Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

5/18/2020
05:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

FireEye Announces Availability of FireEye Cloudvisory

Cloudvisory is a cloud-native security solution that gives security teams unified control over cloud sprawl and infrastructure misconfiguration.

MILPITAS, Calif. – May 13, 2020 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today announced the availability of FireEye® Cloudvisory™, a control center for cloud security management across any security environment – private, public and hybrid.

FireEye acquired Cloudvisory[1] in January 2020 as a means of combining cloud visibility with unrivaled insights into the threat landscape. Fully integrated into the broader FireEye cloud security portfolio, Cloudvisory now offers customers instant deployment across their cloud infrastructures, and further capabilities in security analytics through FireEye Helix™ and advanced threat detection through FireEye Detection On Demand.

“Managing complex, multi-cloud environments is a reality for the majority of enterprises. However, legacy security tools that bolt-on to existing deployments slow down cloud operations and can create massive security blind spots and open doors,” said Martin Holste, CTO of Cloud at FireEye. “By consolidating these environments into one consistent interface, our Cloudvisory solution offers security teams centralized visibility, continuous compliance and in-line enforcement of organization security policies. This removes the complexity of multi-cloud management while minimizing the impact of a potential incident.”

Building upon the FireEye cloud solutions portfolio, Cloudvisory is a cloud-native security solution that gives security teams unified control over cloud sprawl and infrastructure misconfiguration. Unlike legacy and one-off security tools that introduce deployment complexity and fail to scale in the cloud without greater investments in talent, the Cloudvisory solution is designed to:

·         Provide central single-pane visibility into assets, workloads and associated security controls and events across an organization’s cloud infrastructure

·         Remediate compliance failures, without any need for extra deployment components such as agents, appliances and functions

·         Block and quarantine attacks using cloud-native microsegmentation

Multi-Cloud Context Amplified by Unrivalled Threat Intelligence

While many organizations are moving to the cloud, attackers are exploring this new attack surface. Cloudvisory customers can easily implement security and governance policies for their cloud and container platforms based on frontline Mandiant® knowledge of attacker tools and techniques. These insights are continually being fed back into the Cloudvisory solution to inform better detection of emerging threats.

Further, Cloudvisory integrates with FireEye Helix to inform intelligent, orchestrated responses to detected incidents. With the ability to connect FireEye Detection On Demand and FireEye Messaging Security, analysts have a truly robust ability to pinpoint threats across cloud collaboration tools and popular cloud storage solutions. By coupling intelligent security analytics with orchestrated incident response, organizations benefit from actionable insights within a unified security architecture spanning legacy datacenter, private-cloud and public-cloud environments.

 

 

Availability

The FireEye Cloudvisory solution operates across AWS, Azure, Google Cloud, Kubernetes and OpenStack, as well as traditional virtualized and bare metal environments.

Cloudvisory is available as-a-service (SaaS) or on-premises; stand-alone or integrated with FireEye Helix. For more information on how Cloudvisory integrates with other FireEye and Mandiant products and services, visit https://www.fireeye.com/solutions/cloudvisory.html

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

© 2020 FireEye, Inc. All rights reserved. FireEye, Cloudvisory, Helix and Mandiant are trademarks or registered trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...