Samar Yahya
Saudi Gazette
FireEye Cyber Defense Summit announced a series of products for improved endpoint, malware detection and threat intelligence during FireEye Summit 2015 held in Washington DC recently.
These releases gave emphasis to FireEye integrated approach to bring about true advanced threat detection.
The key benefits, features, and differentiators of this platform include broader visibility, with the announcements, including enhancements to FireEye core network security product MVX, enterprise search for endpoint security with HX, and using threat intel to identify attacks faster and more effectively.
These new capabilities give security teams unprecedented visibility into many aspects of advanced attacks. It also showed accelerated detection and response.
FireEye added some new detection methods in MVX to keep up today’s advanced attackers, who are constantly shifting their tactics. These enhancements help FireEye customers stay ahead of attackers, and include some new techniques to better pinpoint attack elements. In addition FireEye added a long list of searchable security-related terms that can help find broad and specific indicators of compromise.
With endpoint, its not enough to just ask questions — you have to know what to ask. FireEye HX product has predefined questions based on our years of experience with attacks.
Also, intelligence-driven response, FireEye announced the Fire Eye Threat Intel Engine, the Forward Deployed Analyst and the incorporation of threat intelligence into HX.
The Fire Eye Threat Intelligence Engine optimizes the intelligence production cycle: capture, processing, analysis and delivery of intelligence to FireEye customers and analysts.
With this capability, FireEye offers security teams detailed alert context and industry-leading intelligence about attacker campaigns, tools, idiosyncrasies, motivations, and more using the FireEye database of threat actors.
Flexibility is one more feature that many recent articles have highlighted the talent shortage in today’s security industry. Using Fire Eye as a Service model, FireEye introduced the Forward Deployed Analyst service that provides an on-site expert dedicated to infusing Fire Eye threat intelligence within the customer’s environment.
Visa Inc. and FireEye, Inc. also announced the launch of Visa Threat Intelligence, Powered by FireEye. Tailored to the needs of the payments industry. This new service will deliver real-time threat information to merchants and issuers so they can quickly assess and act on the most critical cyber-attacks that could breach their payment systems.
“Attack groups are exceptionally skilled at executing an attack across multiple organizations, identifying successful techniques and scaling those methods to an entire industry,” said Grady Summers, Chief Technology Officer, FireEye.
“By partnering with Visa, we can provide targeted intelligence to the payments industry to combat the economies of scale that attackers employ and help create a community united in a common defense.”
FireEye who is the leader in stopping today’s advanced cyber attacks, also announced an overview of the threat landscape in the Middle East, Turkey and Africa (META) region for the first half of 2015 in its latest Advanced Threat Report.
The report offers unique insights into the latest threats for EMEA enterprise security, in the face of steadily increasing infections and attacks.
Motivated by various objectives, threat actors are increasing their level of sophistication to steal personal data and business strategies from strategic industries, in order to gain a competitive advantage, or to degrade operational reliability.
The findings of this report are based on data from the FireEye Dynamic Threat Intelligence (DTI) cloud. The key findings by FireEye showed that from the META region, Saudi Arabia and Turkey were noted to witness the most targeted attacks.
Saudi Arabia saw 11% of them, whereas Turkey saw 6% of all the attacks affecting the EMEA region. The report also reveals that almost 50% of advanced threats in Saudi Arabia were targeted towards the Energy/Utilities vertical.
To Ray Kafity, vice president (META) region, FireEye sees a continuing trend of advanced attacks against organizations in the Kingdom of Saudi Arabia. Given the Kingdom’s strategic position with some of the largest oil reserves and reported GDP in the world, there is no doubt that the need to invest in advanced cyber security technologies and policies is now more imperative than ever.
FireEye also announced the FireEye Threat Intelligence Engine, FireEye’s threat intelligence capability that both powers and leverages the company’s threat prevention products and service offerings.
The FireEye Threat Intelligence Engine optimizes the intelligence production cycle capturing, processing, analyzing and delivering intelligence to FireEye customers and analysts.
In addition, to help enterprises operationalize threat intelligence, FireEye also announced the Forward Deployed Analyst service that provides an onsite expert dedicated to infusing FireEye threat intelligence within the customer’s environment
Kevin Mandia, president at FireEye said: “We have significantly invested in, and further aligned our technology, people, and unparalleled threat data to form the FireEye Threat Intelligence Engine. With this capability, FireEye offers security teams detailed alert context and industry-leading intelligence about attacker campaigns, tools, idiosyncrasies, motivations, and much more.
“The FireEye Threat Intelligence Engine is the edge that equips our responders, powers our detection, informs our customers and lets them anticipate today’s increasingly sophisticated cyber threats.”
