Showing results for 
Search instead for 
Did you mean: 

Cisco Stealthwatch WannaCry Incident Response Guide


The WannaCry ransomware attack jumped into the headlines shortly after appearing in the wild on May 12, 2017. Within a day of appearing, WannaCry had infected more than 230,000 computers in 150 countries – an alarming scale and rate of infection. While the authors of WannaCry made some mistakes that allowed researchers to mitigate a number of attacks, its initial success means we will likely see WannaCry variants in the future.

  • View the Cisco Stealthwatch WannaCry Incident Response Guide attached to better understand your current and past exposure; and how to effectively monitor and control ongoing exposure.
  • Learn how you can use Cisco Stealthwatch and Cisco Advanced Malware Protection (AMP), to detect and defend against WannaCry and its variants. Watch Dmitry Kazakov, a Cisco Systems Engineer, demonstrate how to use these solutions to detect and trace WannaCry activities from the network access layer to endpoint processes.