FireEye extends threat intelligence for enterprise

13 Oct 15

FireEye has released its Endpoint 3.0 product, which extends FireEye Threat Intelligence to endpoints and adds enterprise search, designed to help organisations rapidly find and mitigate threats.

Along with FireEye Threat Intelligence, the release enables enterprises to adapt their endpoint protection using the new visibility into their endpoints and insight gathered from cloud and real-time feeds.

FireEye says today's cybercriminals are targeting employee endpoints, such as desktops, laptops, tablets, and mobile devices, and using them as a way into the corporate infrastructure.

Technology Business Research’s (TBR) September 2015 report, Enterprise Security Market Forecast, says, “Hackers are more often targeting endpoints, compelling customers to add advanced threat solutions to their malware prevention deployments.” TBR predicts that the endpoint security segment will grow at an estimated 23.2% CAGR from 2014 to 2019.

“One of the drivers for the recent increase in endpoint security spending is the organisation-wide perception (and unfortunate reality) that antivirus has failed to protect the endpoint from advanced or unknown malware,” says Chris Sherman, endpoint analyst in a Forrester report.

“Traditionally, [security teams] have relied on signature-based anti-malware as the focal point of their endpoint protection strategy, but third-party research has shown this approach is far from perfect when protecting against zero-day malware,” he says. “[Security teams] are now more than ever looking to augment or replace their failing antimalware tools with more-effective solutions.”

With FireEye HX, visibility into endpoints, integrated threat intelligence and exploit detection give security teams the tools necessary to create a proactive defence against threats.

FireEye HX Endpoint allows security teams to:

• Determine the presence of threats on endpoints. FireEye HX Triage Viewer addresses known events identified by FireEye or other sources, while new enterprise security search capabilities make it easier to uncover potential threats across endpoints. Once a threat is identified, security investigators can conduct deeper inspection and analysis to pinpoint and trace aspects of an exploit.

• Integrate endpoint and network defences. Endpoint defences are integrated into the industry-proven, highly scalable MVX technology that powers endpoint threat detection. With these enhancements, endpoints can be quickly checked when a threat is discovered inside a network.

• Leverage FireEye Threat Intelligence. Threat intelligence from FireEye DTI cloud and real-time feeds enables real-time blocking of advanced attacker activities at the endpoint. Threat intelligence enables additional endpoint inspection and analysis as needed.

FireEye HX Endpoint 3.0 delivers several other new features that address advanced threats targeting endpoints in organisations of all sizes, FireEye says. With the Triage Viewer, Enterprise Search, and Live Response, FireEye HX offers a workflow by which cyber security specialists can quickly identify if their organisation has been targeted for an attack and determine the scope and impact to their organisation, as well as contain the breach to prevent further compromise.

"Today’s endpoint security offerings continue to rely heavily on legacy technologies that do not account for the fact that advanced threat actors can find ways around the best prevention tools," explains Manish Gupta, SVP of products at FireEye.

"FireEye is reimagining endpoint protection by leveraging our proven technologies deployed on millions of network sensors and endpoints around the world to detect and prevent advanced attacks," Gupta says.

"We believe the next-generation FireEye HX Endpoint solution will provide organisations with the critical endpoint protection the security industry has failed to deliver."

Version 3.0 will be generally available in November 2015.
