Analytics
1/15/2013
07:34 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Sourcefire Extends Advanced Malware Protection With Incident Response Capabilities

Services enable customers to identify an event, evaluate the risk, and determine the most effective approach to remediate

Columbia, MD – January 14, 2013 -- Sourcefire, Inc. (Nasdaq: FIRE), a leader in intelligent cybersecurity solutions, today announced it has expanded its advanced malware protection offerings to include new Incident Response Professional Services that assist customers in addressing advanced malware challenges. The services enable customers to clearly identify an event, evaluate the risk and determine the most effective approach to remediate. Experienced in incident response techniques, methodology and the actions of malicious code, the Sourcefire Incident Response Team helps customers eliminate uncertainty and make educated decisions for better protection – before, during and after an attack.

“Given the inevitability of a security breach, large organizations must supplement Advanced Malware Detection/Prevention network and host-based controls with effective and efficient incident response policies, processes and metrics,” said Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group (ESG).1 “Many security solutions were designed for advanced malware detection and blocking alone, and lack the intelligence and integration necessary for incident detection and response. One notable exception of products and services comes from network security leader Sourcefire.”

The Sourcefire Incident Response team assists customers in diagnosing, identifying and remediating risks using Sourcefire technology. Sourcefire advanced malware protection for FirePOWER™ and FireAMP™ use security big data analytics and collective intelligence to deliver integrated, advanced malware protection from the network to end-devices. The Incident Response team helps customers leverage the intelligence these solutions provide, including forensic data, continuous file analysis, and visibility into file trajectory and behavior, to make more informed security and incident response decisions across the entire advanced malware lifecycle.

Using best practices for incident response and a structured approach to incident evaluation, the Sourcefire experts act as an extension of the customer’s team to identify risk and minimize it in the future. Services include incident investigation to determine the method(s) of attack employed by the attacker throughout the course of the incident; countermeasure development to detect and stop attacks; assistance in deploying countermeasures according to best practices; and validation of countermeasure effectiveness and recalibration as needed to ensure ongoing protection.

“Advanced malware protection is not just about having the right technologies in place but also the right response when the technologies identify an event,” said Jonathan Goldberger, vice president of professional services for Sourcefire. “Our incident response service helps our customers bridge the knowledge and experience gap so that they can take a more proactive stance to identifying, mitigating and eliminating risks using the intelligence from FireAMP and advanced malware protection for FirePOWER.”

Complimentary Webinar

Discover the 4 Dimensions of Incident Response during the complimentary webinar, “Malware War Stories.” Register for one of three sessions: http://www.sourcefire.com/malwarewarstories

About Sourcefire Professional Services

Sourcefire Professional Services combines a sophisticated and empirical approach to customer satisfaction with more than a decade of thought leadership in cybersecurity technologies. All offerings are based on best practices maintained by Sourcefire and derived from Information Security Standards (CISSP Domains, ISO 27000 series, etc.), compliance standards (PCI, HIPAA, SOX, FISMA, etc.) and our extensive experience deploying, architecting, tuning and securing environments globally.

About Sourcefire Sourcefire, Inc. (Nasdaq:FIRE), a world leader in intelligent cybersecurity solutions, is transforming the way global large- to mid-size organizations and government agencies manage and minimize network security risks. With solutions from a next-generation network security platform to advanced malware protection, Sourcefire provides customers with Agile Security® that is as dynamic as the real world it protects and the attackers against which it defends. Trusted for more than 10 years, Sourcefire has been consistently recognized for its innovation and industry leadership with numerous patents, world-class research, and award-winning technology. Today, the name Sourcefire has grown synonymous with innovation, security intelligence and agile end-to-end security protection. For more information about Sourcefire, please visit www.sourcefire.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7052
Published: 2014-10-19
The sahab-alkher.com (aka com.tapatalk.sahabalkhercomvb) application 2.4.9.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-7056
Published: 2014-10-19
The Yeast Infection (aka com.wyeastinfectionapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-7070
Published: 2014-10-19
The Air War Hero (aka com.dev.airwar) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-7075
Published: 2014-10-19
The HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-7079
Published: 2014-10-19
The Romeo and Juliet (aka jp.co.cybird.appli.android.rjs) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.