Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

5/18/2020
05:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

FireEye Announces Availability of FireEye Cloudvisory

Cloudvisory is a cloud-native security solution that gives security teams unified control over cloud sprawl and infrastructure misconfiguration.

MILPITAS, Calif. – May 13, 2020 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today announced the availability of FireEye® Cloudvisory™, a control center for cloud security management across any security environment – private, public and hybrid.

FireEye acquired Cloudvisory[1] in January 2020 as a means of combining cloud visibility with unrivaled insights into the threat landscape. Fully integrated into the broader FireEye cloud security portfolio, Cloudvisory now offers customers instant deployment across their cloud infrastructures, and further capabilities in security analytics through FireEye Helix™ and advanced threat detection through FireEye Detection On Demand.

“Managing complex, multi-cloud environments is a reality for the majority of enterprises. However, legacy security tools that bolt-on to existing deployments slow down cloud operations and can create massive security blind spots and open doors,” said Martin Holste, CTO of Cloud at FireEye. “By consolidating these environments into one consistent interface, our Cloudvisory solution offers security teams centralized visibility, continuous compliance and in-line enforcement of organization security policies. This removes the complexity of multi-cloud management while minimizing the impact of a potential incident.”

Building upon the FireEye cloud solutions portfolio, Cloudvisory is a cloud-native security solution that gives security teams unified control over cloud sprawl and infrastructure misconfiguration. Unlike legacy and one-off security tools that introduce deployment complexity and fail to scale in the cloud without greater investments in talent, the Cloudvisory solution is designed to:

·         Provide central single-pane visibility into assets, workloads and associated security controls and events across an organization’s cloud infrastructure

·         Remediate compliance failures, without any need for extra deployment components such as agents, appliances and functions

·         Block and quarantine attacks using cloud-native microsegmentation

Multi-Cloud Context Amplified by Unrivalled Threat Intelligence

While many organizations are moving to the cloud, attackers are exploring this new attack surface. Cloudvisory customers can easily implement security and governance policies for their cloud and container platforms based on frontline Mandiant® knowledge of attacker tools and techniques. These insights are continually being fed back into the Cloudvisory solution to inform better detection of emerging threats.

Further, Cloudvisory integrates with FireEye Helix to inform intelligent, orchestrated responses to detected incidents. With the ability to connect FireEye Detection On Demand and FireEye Messaging Security, analysts have a truly robust ability to pinpoint threats across cloud collaboration tools and popular cloud storage solutions. By coupling intelligent security analytics with orchestrated incident response, organizations benefit from actionable insights within a unified security architecture spanning legacy datacenter, private-cloud and public-cloud environments.

 

 

Availability

The FireEye Cloudvisory solution operates across AWS, Azure, Google Cloud, Kubernetes and OpenStack, as well as traditional virtualized and bare metal environments.

Cloudvisory is available as-a-service (SaaS) or on-premises; stand-alone or integrated with FireEye Helix. For more information on how Cloudvisory integrates with other FireEye and Mandiant products and services, visit https://www.fireeye.com/solutions/cloudvisory.html

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

© 2020 FireEye, Inc. All rights reserved. FireEye, Cloudvisory, Helix and Mandiant are trademarks or registered trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23381
PUBLISHED: 2021-04-18
This affects all versions of package killing. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23374
PUBLISHED: 2021-04-18
This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23375
PUBLISHED: 2021-04-18
This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23376
PUBLISHED: 2021-04-18
This affects all versions of package ffmpegdotjs. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23377
PUBLISHED: 2021-04-18
This affects all versions of package onion-oled-js. If attacker-controlled user input is given to the scroll function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.