SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
FireEye extends threat intelligence for enterprise
Tue, 13th Oct 2015
FYI, this story is more than a year old

FireEye has release its Endpoint 3.0 product, which extends FireEye Threat Intelligence to endpoints and adds enterprise search, designed to help organisations rapidly find and mitigate threats.

Along with FireEye Threat Intelligence, the release enables enterprises to adapt their endpoint protection utilising the new visibility into their endpoint and insight gathered from cloud and real-time feeds.

FireEye says today's cybercriminals are targeting employee endpoints, such as desktops, laptops, tablets, and mobile devices, and using them as a way into the corporate infrastructure.

Technology Business Research's (TBR) September 2015 report, Enterprise Security Market Forecast, says, “Hackers are more often targeting endpoints, compelling customers to add advanced threat solutions to their malware prevention deployments.” TBR predicts that endpoint security segment will grow at an estimated 23.2% CAGR from 2014 to 2019.

“One of the drivers for the recent increase in endpoint security spending is the organisation-wide perception (and unfortunate reality) that antivirus has failed to protect the endpoint from advanced or unknown malware,” says Chris Sherman, endpoint analyst in a Forrester report.

 “Traditionally, [security teams] have relied on signature-based anti-malware as the focal point of their endpoint protection strategy, but third-party research has shown this approach is far from perfect when protecting against zero-day malware,” he says. “[Security teams] are now more than ever looking to augment or replace their failing antimalware tools with more-effective solutions.

With FireEye HX, visibility into endpoints, integrated threat intelligence and exploit detection gives security teams tools necessary to create a proactive defence against threats.

FireEye HX Endpoint allows security teams to:

• Determine the presence of threats on endpoints. FireEye HX Triage Viewer addresses known events identified by FireEye or other sources, while new enterprise security search capabilities make it easier to uncover potential threats across endpoints. Once a threat is identified, security investigators can conduct deeper inspection and analysis to pinpoint and trace aspects of an exploit.

• Integrate endpoint and network defences. Endpoints defences are integrated into the industry-proven, highly scalable MVX technology that powers endpoint threat detection. With these enhancements, endpoints can be quickly checked when a threat is discovered inside a network.

• Leverage FireEye Threat Intelligence. Threat intelligence from FireEye DTI cloud and real-time feeds enables real-time blocking of advanced attacker activities at the endpoint. Threat intelligence enables additional endpoint inspection and analysis as needed.

FireEye HX Endpoint 3.0 delivers several other new features that address advanced threats targeting endpoints in organisations of all sizes, FireEye says. With the Triage Viewer, Enterprise Search, and Live Response, FireEye HX offers a workflow by which cyber security specialists can quickly identify if their organisation has been targeted for an attack and determine the scope and impact to their organisation, as well as contain the breach to prevent further compromise.

"Today's endpoint security offerings continue to rely heavily on legacy technologies that do not account for the fact that advanced threat actors can find ways around the best prevention tools," explains Manish Gupta, SVP of products at FireEye.

"FireEye is reimagining endpoint protection by leveraging our proven technologies deployed on millions of network sensors and endpoints around the world to detect and prevent advanced attacks,” Gupta says.

“We believe the next-generation FireEye HX Endpoint solution will provide organisations with the critical endpoint protection the security industry has failed to deliver."

Version 3.0 will be generally available in November 2015.