FireEye Delivers Next-Generation Threat Protection Platform
MILPITAS, CA, Feb 25, 2013 (MARKETWIRE via COMTEX) --
FireEye(R), Inc., the leader in stopping today's new breed of cyber
attacks, today announced its threat protection platform designed to
help enterprises deploy new security models to counter modern cyber
attacks. Many traditional defenses, such as firewalls and anti-virus,
are not enough to counter the more advanced nature of today's cyber
attacks, leaving the majority of enterprises compromised. The FireEye
platform creates a cross-enterprise threat protection fabric using a
next-generation threat detection engine, dynamic threat intelligence,
and interoperability with a broad ecosystem of more than two dozen
technology alliance partners to secure all major threat vectors and
enable rapid detection, validation, and response to cyber attacks.
"We constantly monitor the cyber threat landscape and perform
in-depth analysis of emerging threats," said Jon Ramsey, chief
technology officer at Dell SecureWorks. "The FireEye platform, along
with the data it provides, is an integral component of our end-to-end
life cycle approach to protecting Dell SecureWorks customers from
The FireEye platform unifies many security technologies to help
enterprises modernize their security strategies. The platform is
formed by three core components that work in concert:
1. Multi-Vector Virtual Execution(TM) (MVX) Engine - The MVX engine
is designed to capture and confirm today's cyber attacks by
detonating Web objects, files, suspicious attachments, and mobile
applications within instrumented virtual environments. It is the
leading signature-less technology that can be used across threat
vectors to automate the discovery and forensic analysis of malicious
code resulting in multi-vector dynamic threat intelligence on attacks
specific to an organization. By correlating multi-vector dynamic
threat intelligence for a particular enterprise, customers can block
infiltration mechanisms used by advanced persistent threats (APTs).
2. Dynamic Threat Intelligence(TM) (DTI) Cloud - Subscribers to the
DTI cloud exchange the latest multi-vector threat intelligence on new
criminal tactics, developing APT attacks, and malware outbreaks. By
exchanging anonymized threat intelligence through the DTI cloud,
participants gain contextual visibility of global attacks and can
strengthen their collective security with the latest protections and
neutralize attacks before they cause catastrophic damage.
3. Partner Interoperability via APIs and Standards-based Threat
Intelligence Metadata - Partner integrations utilize the FireEye APIs
to address the network visibility, endpoint validation, and
enforcement options needed by today's organizations. In addition,
FireEye will be publishing a standards-based threat intelligence
metadata exchange format that enables FireEye and third-party
security solutions to interoperate and automate key cyber security
workflows. The metadata format will enumerate malware attributes,
actions, and forensics captured in our MVX engine. As a result,
customers can better leverage their existing infrastructure and
achieve greater security ROI.
"Organizations are looking for an easier way to confirm suspected
incidents so they can rapidly resolve them," said Dave Merkel, CTO of
Mandiant. "By utilizing our integrated platforms, security teams can
connect the dots between what is happening on their network and their
endpoints. This eliminates blind spots and creates the complete
picture required to fully scope and contain security breaches as they
"Dynamic threat intelligence is critical to combating advanced
threats from adversaries that may already be inside your network,"
said Mark Seward, senior director of security and compliance at
Splunk Inc. "The FireEye platform allows malware command and control
site detection and can provide attribution as part of your security
ecosystem. Splunk software allows a user to take the FireEye data,
add context using machine data from other security and business
systems, and automate responses as part of an active defense. The
combination of FireEye and Splunk allows a long term view of threats
and attacks that support changes to business processes and employee
"FireEye is the security platform organizations can rely upon for
protection against today's new breed of cyber attacks," said David
DeWalt, FireEye chairman and CEO. "We have enabled flexible options
so customers can integrate our dynamic threat intelligence into their
existing security infrastructure to automate the threat response and
rapidly neutralize today's cyber attacks."
The FireEye Global Industry Alliances Program supports
interoperability to build a next-generation threat protection
infrastructure based on the FireEye platform. The FireEye program
features technology partners in several categories.
-- Perimeter - Existing network gateways can be used for enforcement
actions or advanced quarantine of endpoints, such as restricting
access to sensitive information in databases and file servers.
Partners include A10 Networks, Blue Coat Systems, Bradford Networks,
Juniper Networks, and Netronome.
-- Security Intelligence Platforms and Monitoring/SIEM - Security
intelligence, reporting and SIEM partners enable consolidated
reporting and enterprise security integration capabilities. Partners
include HP ArcSight, IBM Q1 Labs, RSA, and Splunk. Network aggregation
and full packet capture partners offer flexible deployment and
contextual analysis options. Partners include Gigamon, Ixia Anue, RSA
NetWitness, Solera Networks, and VSS Monitoring.
-- Endpoint - Endpoint security partners provide endpoint visibility,
validation, and remediation capabilities. Partners include Mandiant,
Bit9, Guidance, McAfee, and Sophos.
-- Managed Security Service Provider (MSSP) - MSSP partners provide
malware expertise and minimize the IT complexity and costs associated
with owning and managing their own IT infrastructures. Partners
include Dell SecureWorks and Solutionary.
About FireEye, Inc.
FireEye has pioneered the next generation of threat protection to
help organizations protect themselves from being compromised. Cyber
attacks have become much more sophisticated and are now easily
bypassing traditional signature-based defenses, such as
next-generation firewalls, IPS, anti-virus, and gateways,
compromising the majority of enterprise networks. The FireEye
platform supplements these legacy defenses with a new model of
security to protect against the new breed of cyber attacks. The
unique FireEye platform provides the industry's leading
cross-enterprise threat protection fabric to dynamically identify and
block cyber attacks in real time. The core of the FireEye platform is
a signature-less, virtualized detection engine and a cloud-based
threat intelligence network, which help organizations protect their
assets across all major threat vectors, including Web, email, mobile,
and file-based cyber attacks. The FireEye platform is deployed in
over 40 countries and more than 1,000 customers and partners,
including over 25 percent of the Fortune 100.
FireEye is a registered trademark of FireEye, Inc. All other brands,
products, or service names are or may be trademarks or service marks
of their respective owners.
Image Available: http://www2.marketwire.com/mw/frame_mw attachid=2238134
[ Back To IBM News 's Homepage ]