Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

5/21/2020
09:25 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

FireEye Endpoint Security: Introducing Innovation Architecture for Rapid Deployment of Advanced Capabilities

Enables organizations to respond to security incidents more quickly with flexible and customizable modules.

MILPITAS, Calif. – May 20, 2020 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today introduced a new Innovation Architecture behind FireEye® Endpoint Security, including the availability of several new modules for protection, investigation and response. Through this approach, FireEye is enabling organizations with an efficient way to deploy advanced features.

“The rate at which new threats emerge is outpacing response. And traditionally, the time that the industry took to respond with the creation, testing and deployment of new features has been too long,” said Michelle Salvado, Vice President of Engineering and Endpoint GM at FireEye. “Through our new framework, FireEye makes an important shift in feature deployment. Now we can create and deploy these custom protection, investigation and response modules in just days – versus several months – in response to changes in the threat landscape.” 

Unlike traditional endpoint security vendors that provide one-size-fits-all solutions to every customer, FireEye Endpoint Security is designed to deliver comprehensive defense using fully customizable protection modules. The module creation is supported by the world’s leading frontline responders at Mandiant, to block malware and exploits, detect advanced attacks, and provide the response tools and techniques that fit an organization’s unique risk profile and security posture.

No More Waiting for Updates

With the new modular approach, organizations are no longer waiting for the next upgrade to benefit from the roll-out of new features or threat responses. Further, it’s up to organizations which modules they want to deploy and for whom, tailoring the level of protection down to an individual level if they choose.

Available via the FireEye Market, new Endpoint Security modules fall under three general categories – Protection, Investigation & Response, and Enterprise Readiness – with several coming as a direct result of knowledge from the frontlines of cyber security from the efforts by Mandiant® Solutions to address specific growing threats.

Protection:

  • Process Guard: Stops unauthorized processes from obtaining access to credential data on Windows, removing the need for an analyst to intervene to resolve the security issue.

Investigation and Response:

  • Process Tracker: Collects metadata on Windows, Mac, and Linux endpoints and streams the data to the Endpoint Security console.
  • Enrichment: Available in the coming months, this module adds FireEye Intelligence information to files to help determine when a file is malicious and aid in incident response investigations.

Enterprise Readiness:

  • Agent Status: Offers a user interface within the Endpoint Security console that displays system information and agent status, providing extended visibility to the IT admin.
  • Agent Console: Creates a triage on events that send back triggers, offering visibility into what the agent is doing, including which files have been previously quarantined.

FireEye plans to continue to release modules on an ongoing basis to address threats and release new features; including automation of remediation, increased streaming for alerting and investigation and enhanced protection of Windows access controls.

Additionally, FireEye Endpoint Security now includes malware protection for macOS, support for IPv6 environments and updated Linux audit options.

About FireEye Endpoint Security

FireEye Endpoint Security delivers expert-built endpoint defense to protect against common threats, detect and block advanced attacks and respond to the threats that matter. FireEye Endpoint Security is designed to enable security teams to respond with intelligence-led information to detect what other products miss and make current staff more efficient and users more secure. 

FireEye Endpoint Security customers that choose to augment their security teams with Mandiant Managed Defense further benefit from the solution with dedicated analysts that deliver proactive hunting, prioritization of alerts, and assistance in responding to threats. In a recent MITRE ATT&CK® evaluation, FireEye Endpoint Security and Mandiant Managed Defense delivered the most comprehensive coverage across all detection categories. For more details, visit https://www.fireeye.com/blog/products-and-services/2020/04/mitre-evaluation-demonstrates-endpoint-security-managed-defense-detection-leadership.html

For more details on Endpoint Security, and to request a 30-day evaluation, visit https://www.fireeye.com/endpoint

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

Forward-Looking Statements

This press release contains forward-looking statements, including statements related to the expectations, beliefs, features, capabilities, benefits and availability of new FireEye Endpoint Security modules. These forward-looking statements involve risks and uncertainties, as well as assumptions which, if they do not fully materialize or prove incorrect, could cause FireEye's results to differ materially from those expressed or implied by such forward-looking statements. The risks and uncertainties that could cause our results to differ materially from those expressed or implied by such forward-looking statements include customer demand and adoption of FireEye's offerings; real or perceived defects, errors or vulnerabilities in FireEye's offerings; the ability of FireEye to retain and recruit highly experienced and qualified personnel; FireEye's ability to react to trends and challenges in its business and the markets in which it operates; FireEye's ability to anticipate market needs or develop and deliver new or enhanced offerings to meet those needs; and general market, political, economic, and business conditions; as well as those risks and uncertainties included under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations," in FireEye's Form 10-Q filed with the Securities and Exchange Commission on May 1, 2020, which is available on the Investor Relations section of the company's website at investors.FireEye.com and on the SEC website at www.sec.gov. All forward-looking statements in this press release are based on information available to the company as of the date hereof, and FireEye does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made. Any future product, service, feature, benefit or related specification that may be referenced in this release is for information purposes only and is not a commitment to deliver any technology or enhancement. FireEye reserves the right to modify future product and services plans at any time.

© 2020 FireEye, Inc. All rights reserved. FireEye and Mandiant are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Media Inquiries:
[email protected]

Investor Inquiries: 
[email protected]

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This is not what I meant by "I would like to share some desk space"
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-1067
PUBLISHED: 2021-01-20
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges.
CVE-2021-1068
PUBLISHED: 2021-01-20
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges.
CVE-2021-1069
PUBLISHED: 2021-01-20
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss.
CVE-2020-26252
PUBLISHED: 2021-01-20
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product data to be able to store an executable file on the server ...
CVE-2020-26278
PUBLISHED: 2021-01-20
Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an attacker to take over any host in the cluster. Weave Net is suppli...