Guidance Software And FireEye Forge Malware Alliance

Companies will integrate their security incident response and malware detection products


SAN FRANCISCO, Calif. RSA Conference - (February 28, 2012) – Guidance Software Inc. (NASDAQ:GUID), the World Leader in Digital Investigations™, and FireEye, Inc. today announced a strategic alliance to integrate their security incident response and malware detection products to allow enterprises to more efficiently and effectively detect and respond to advanced cyber threats.

The announcement was made at the RSA Conference where Guidance Software is in booth #136 and FireEye is in booth #2117.

Companies are under attack by sophisticated zero-day and signature-less advanced malware that can evade traditional perimeter security systems. FireEye Malware Protection System detects this advanced malware on the network then shares malware forensic information with EnCase Cybersecurity to further investigate the attack at the endpoint, determine scope of infection and remediate the zero-day threat.

Under the alliance, the two companies are developing a software connector for integration of their two products and are also training their customers and channel on how to use the integrated products.

“Determined hackers, hacktivists and cyber criminals have learned to evade traditional signature and policy-based approaches and the result is that the risk of data loss is higher than ever,” said Alex Andrianopoulos, Guidance Software vice president of marketing. “By working with FireEye to close the loop on responding to a threat, we can help enterprises reduce data losses and the cost and embarrassment that comes with them.”

EnCase Cybersecurity is an endpoint incident response and data auditing software solution designed to eliminate the time gap between alert and response. Through the automation of the incident response process, organizations can reduce the high cost of response and the risk of exposing sensitive data to loss or theft. The solution helps validate the presence of a detected zero-day on network endpoints, prioritize response, determine source and scope of an incident, identify potential data loss scenarios and minimize time to remediation.

“Today, malware attacks have moved beyond signature-based code and have become so sophisticated that it has prompted the need for enterprises to look for new tools to ensure the integrity of their computing infrastructure,” said Brent Remai, FireEye chief marketing officer. “With our Malware Protection System working with EnCase Cybersecurity, enterprises now have a more comprehensive tool at their service that is able to find advanced malware on their networks, alert them of threats at the endpoint, and contain these threats to prevent further harm to their network.”


The FireEye Malware Protection System (MPS) is the only complete solution to stop advanced targeted attacks across the Web and email threat vectors and malware resident on file shares. The FireEye security platform offers integrated, multi-vector protection utilizing stateful attack analysis to stop all stages of an advanced attack. Each of FireEye’s products features the Virtual Execution (VX) engine that provides state-of-the-art, signature-less analysis using the most sophisticated virtual machines. The Malware Protection System builds a 360-degree, stage-by-stage analysis of an advanced attack, from system exploitation to data exfiltration, in order to most effectively stop would-be APT attackers.

The combined solution provides:

• Lower security operation costs – Decrease the time to detect and increase the analysis capacity, ultimately reducing the malware incident response cycle from weeks to minutes.

• Adaptive defense to stop targeted, zero-day attacks – Analyze network traffic to identify new and unknown attacks in real time, and audit endpoints to expose unknown risks that may have evaded signature-based defenses.

• Real-time protection blocks data exfiltration attempts and gives IT time for a real-time response to contain threats at the endpoint – Stop outbound callback communications to disrupt compromised systems from being exploited from external command and control servers. Wipe data associated with the threat from affected endpoints.

• Quick and accurate decision making with complete visibility – See exactly what was occurring on the endpoint the moment an alert is generated and trace the full execution path of zero-day and known attacks to accurately determine the source and scope of attack.

• Accurate results – Confirm malware through comprehensive, automated testing and endpoint validation to avoid false alarms.

• Automated sensitive data audit – Understand immediately if sensitive data is at risk to further prioritize response activities and next steps.

An integrated solution is available today from VARs worldwide.

About Guidance Software (GUID)

Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase platform, with more than 40,000 licenses distributed worldwide, provides the foundation for government, corporate and law enforcement organizations to conduct thorough, network-enabled, and court-validated computer investigations of any kind, such as responding to e-discovery requests, conducting internal investigations, responding to regulatory inquiries or performing data and compliance auditing - all while maintaining the integrity of the data. The EnCase Enterprise platform is used by numerous Federal Civilian and Defense agencies, more than 60 of the Fortune 100, and thousands attend Guidance Software's renowned training programs annually. For more information about Guidance Software, visit www.guidancesoftware.com.

About FireEye, Inc.

FireEye is the leader in stopping advanced targeted attacks that use advanced malware, zero-day exploits, and APT tactics. FireEye’s solutions supplement traditional and next-generation firewalls, IPS, antivirus and gateways, which cannot stop advanced threats, leaving security holes in networks. FireEye offers the industry’s only solution that detects and blocks attacks across both Web and email threat vectors as well as latent malware resident on file shares. It addresses all stages of an attack lifecycle with a signature-less engine utilizing stateful attack analysis to detect zero-day threats. Based in Milpitas, California, FireEye is backed by premier financial partners including Sequoia Capital, Norwest Venture Partners and Juniper Networks.
