FireEye has launched a new threat detection platform to deal with modern targeted malware.
According to the company, the FireEye platform creates a cross-enterprise threat protection fabric using a threat detection engine, dynamic threat intelligence and interoperability with a broad ecosystem of more than 20 alliance partners to secure threat vectors and enable detection, validation and response to cyber attacks.
FireEye said its features include: a multi-vector signature-less virtual execution engine that detonates web objects, files, suspicious attachments, and mobile applications within virtual environments; the dynamic threat intelligence cloud where information can be exchanged; and partner interoperability via APIs and standards-based threat intelligence metadata.
Dave Merkel, CTO of Mandiant said: “By utilising our integrated platforms, security teams can connect the dots between what is happening on their network and their endpoints. This eliminates blind spots and creates the complete picture required to fully scope and contain security breaches as they are unfolding.”
Jon Ramsey, chief technology officer at Dell SecureWorks, said: “The FireEye platform, along with the data it provides, is an integral component of our end-to-end lifecycle approach to protecting Dell SecureWorks customers from advanced threats.”
Mark Seward, senior director of security and compliance at Splunk, said: “The FireEye platform allows malware command and control site detection and can provide attribution as part of your security ecosystem. Splunk software allows a user to take the FireEye data, add context using machine data from other security and business systems, and automate responses as part of an active defence.
“The combination of FireEye and Splunk allows a long term view of threats and attacks that support changes to business processes and employee awareness."
David DeWalt, FireEye chairman and CEO, said: “FireEye is the security platform organisations can rely upon for protection against today's new breed of cyber attacks. We have enabled flexible options so customers can integrate our dynamic threat intelligence into their existing security infrastructure to automate the threat response and rapidly neutralise today's cyber attacks."
FireEye has also announced a partnership with Guidance Software to improve attack detection and incident response times. The two companies will integrate the EnCase Cybersecurity solution and the FireEye threat protection platform.
The FireEye alert triggers an automated assessment of the endpoints by EnCase Cybersecurity, which determines their risk profiles, prioritises the responses and remediates any harm, according to the companies.