
FireEye revamps its flagship anti-malware solution

21 May 2020

Cybersecurity company FireEye has today introduced a new Innovation Architecture behind its Endpoint Security solution, including the availability of several new modules for protection, investigation and response. 

FireEye says Endpoint Security aims to buck the trend of ‘one-size-fits-all’ solutions common among security vendors by delivering comprehensive defence using customisable protection modules.

The modules block malware, detect advanced attacks, and provide the response tools and techniques that fit an organisation’s unique risk profile and security posture, says FireEye.

“The rate at which new threats emerge is outpacing response,” says FireEye vice president of engineering and general manager of Endpoint Michelle Salvado.

“And traditionally, the time that the industry took to respond with the creation, testing and deployment of new features has been too long.

“Through our new framework, FireEye makes an important shift in feature deployment. Now we can create and deploy these custom protection, investigation and response modules in just days – versus several months – in response to changes in the threat landscape.”

Using this new modular approach, organisations need not wait for the next upgrade to benefit from the roll-out of new features or threat responses. 

Organisations also have the autonomy to choose which modules they want to deploy, tailoring the level of protection down to an individual level if necessary.

New Endpoint Security modules fall under three general categories – protection, investigation & response, and enterprise readiness.
 

Protection

Endpoint Security stops unauthorised processes from obtaining access to credential data on Windows, removing the need for an analyst to intervene to resolve the security issue.
 

Investigation and response

The solution collects metadata on Windows, Mac, and Linux endpoints and streams the data to the Endpoint Security console.

To be released in the next few months, the enrichment module adds FireEye Intelligence information to files to help determine when a file is malicious, and aids in incident response investigations.
 

Enterprise readiness

The solution offers a user interface within the Endpoint Security console that displays system information and agent status, providing extended visibility to the IT admin.

It also creates a triage on events that send back triggers, offering visibility into what the agent is doing, including which files have been previously quarantined.
 

FireEye says it plans to continue to release modules on an ongoing basis to address threats and release new features – including automation of remediation, increased streaming for alerting and investigation, and enhanced protection of Windows access controls.

FireEye Endpoint Security also includes malware protection for macOS, support for IPv6 environments and updated Linux audit options.
