FireEye™ Malware Protection System and EnCase® Cybersecurity take the malware incident response cycle from weeks to minutes
Guidance Software and FireEye, Inc. today announced a strategic alliance to integrate their security incident response and malware detection products to allow enterprises to more efficiently and effectively detect and respond to advanced cyber threats.
The announcement was made at the RSA Conference where Guidance Software is in booth #136 and FireEye is in booth #2117.
Companies are under attack by sophisticated zero-day and signature-less advanced malware that can evade traditional perimeter security systems. FireEye Malware Protection System detects this advanced malware on the network, then shares malware forensic information with EnCase® Cybersecurity to further investigate the attack at the endpoint, determine the scope of infection and remediate the zero-day threat.
Under the alliance, the two companies are developing a software connector for integration of their two products and are also training their customers and channel on how to use the integrated products.
“Determined hackers, hacktivists and cyber criminals have learned to evade traditional signature and policy-based approaches and the result is that the risk of data loss is higher than ever,” said Alex Andrianopoulos, Guidance Software vice president of marketing. “By working with FireEye to close the loop on responding to a threat, we can help enterprises reduce data losses and the cost and embarrassment that comes with them.”
EnCase Cybersecurity is an endpoint incident response and data auditing software solution designed to eliminate the time gap between alert and response. Through the automation of the incident response process, organizations can reduce the high cost of response and the risk of exposing sensitive data to loss or theft. The solution helps validate the presence of a detected zero-day on network endpoints, prioritize response, determine source and scope of an incident, identify potential data loss scenarios and minimize time to remediation.
“Today, malware attacks have moved beyond signature-based code and have become so sophisticated that they have prompted the need for enterprises to look for new tools to ensure the integrity of their computing infrastructure,” said Brent Remai, FireEye chief marketing officer. “With our Malware Protection System working with EnCase Cybersecurity, enterprises now have a more comprehensive tool at their service that is able to find advanced malware on their networks, alert them of threats at the endpoint, and contain these threats to prevent further harm to their network.”
The FireEye Malware Protection System (MPS) is the only complete solution to stop advanced targeted attacks across the Web and e-mail threat vectors and malware resident on file shares. The FireEye security platform offers integrated, multi-vector protection utilizing stateful attack analysis to stop all stages of an advanced attack. Each of FireEye’s products features the Virtual Execution (VX) engine that provides state-of-the-art, signature-less analysis using the most sophisticated virtual machines. The Malware Protection System builds a 360-degree, stage-by-stage analysis of an advanced attack, from system exploitation to data exfiltration, in order to most effectively stop would-be APT attackers.
The combined solution provides:
• Lower security operation costs – Decrease the time to detect and increase the analysis capacity, ultimately reducing the malware incident response cycle from weeks to minutes.
• Adaptive defense to stop targeted, zero-day attacks – Analyze network traffic to identify new and unknown attacks in real time, and audit endpoints to expose unknown risks that may have evaded signature-based defenses.
• Real-time protection blocks data exfiltration attempts and gives IT time for a real-time response to contain threats at the endpoint – Stop outbound callback communications to disrupt compromised systems from being exploited from external command and control servers. Wipe data associated with the threat from affected endpoints.
• Quick and accurate decision making with complete visibility – See exactly what was occurring on the endpoint the moment an alert is generated and trace the full execution path of zero-day and known attacks to accurately determine the source and scope of attack.
• Accurate results – Confirm malware through comprehensive, automated testing and endpoint validation to avoid false alarms.
• Automated sensitive data audit – Understand immediately if sensitive data is at risk to further prioritize response activities and next steps.
An integrated solution is available today from VARs worldwide.