Vulnerabilities / Threats
2/6/2014
03:42 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

OpenDNS And FireEye Partner To Amplify Protection Against Advanced Cyber Attacks

Company announces integration of its Umbrella security service with the FireEye Web Malware Protection System

LAS VEGAS, Feb. 5, 2014 - OpenDNS, the world's leading provider of cloud security services, today announced the integration of its Umbrella security service with the FireEye Web Malware Protection System (MPS). The combination of OpenDNS predictive threat detection and enforcement with FireEye behavioral analysis provides real-time protection against custom malware, zero-day exploits and advanced persistent threats (APT). Using OpenDNS and FireEye together, customers can extend security policies to the cloud and transparently protect any user and any device, both on and off the network.

OpenDNS will demonstrate its Umbrella security service with FireEye integration at the FireEye 2014 Momentum Partner Conference in Las Vegas this week.

According to Gartner, Inc., "Today's attacks are stealthy and target specific enterprises, individuals and data. A typical targeted attack will exploit multiple weaknesses to achieve its ultimate goal -- usually the theft of data, fraud, or damage to the enterprise."

Today more than ever, employees are working outside of the secured network perimeter, leaving devices vulnerable and increasingly exposed to malicious attacks. As a result, employees bring compromised devices back inside the protected network.

The combination of OpenDNS's cloud security infrastructure and the FireEye allows organizations to block both known and zero-day attacks whether the employee is inside the perimeter or not. Malicious activity detected by FireEye is automatically fed to the Umbrella service to enhance security policy enforcement, protecting customers from infection and preventing data leakage.

"OpenDNS is a pioneer in cloud security," said Didi Dayton, vice president of worldwide strategic alliances at FireEye. "Through this partnership, we are able to extend FireEye's advanced threat protection to the cloud and provide centralized security policy enforcement to any device, on or off the network. OpenDNS offers a unique solution that resonates with our customers and we're excited to welcome them to our partner community."

OpenDNS uses a big data analytics platform that harnesses the collective intelligence of the Internet to discover, predict and block cyber threats without tuning by security administrators. FireEye uses a unique automated approach to test suspicious executable files in a safe virtual environment and analyze their behavior to detect sophisticated malware. To centrally protect all on and off network devices against zero-day and multi-protocol cyber attacks, FireEye will deliver alerts to OpenDNS when new threats are detected.

"This partnership is truly a force-multiplier for Enterprise security," said David Ulevitch, CEO of OpenDNS. "The OpenDNS-FireEye integration provides the most comprehensive protection against cyber attacks and extends enforcement beyond the eroding network perimeter. Together we can detect, alert and block advanced threats before damage can be done."

Availability and Pricing

The Umbrella service with FireEye integration is available immediately from OpenDNS.

Resources:

Our "Secret Sauce"

Managing Evolved Threats

Rethinking Cyber-Security

About OpenDNS

OpenDNS is the world's leading provider of Internet security and DNS services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. OpenDNS provides millions of businesses, schools and households with a safer, faster and more intelligent Internet experience by protecting them from malicious Web threats and providing them control over how users navigate the Internet, while dramatically increasing the network's overall performance and reliability. The company's cloud-delivered Umbrella security service protects enterprise users from malware, botnets and phishing regardless of location or device. At the heart of all OpenDNS services is the OpenDNS Global Network, the world's largest Internet-wide security network, securing 50 million active users daily through 21 data centers worldwide. For more information, please visit: www.opendns.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web