Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats //

Advanced Threats

12:00 AM
Dark Reading
Dark Reading
Products and Releases

FireEye and Mandiant Unite to Deliver Industry's First Global Security as a Service Solution

Introduces Next Generation Threat Intelligence Suite for Deeper Insights Into Cyber Attacks

Milpitas, CA – Sept. 17, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced two new solutions designed to equip organizations to scale their defense strategies. The new FireEye as a Service™ offering is an on-demand security management offering that allows organizations to apply FireEye’s technology, intelligence and expertise to find and stop cyber attacks. The second new offering announced today, FireEye® Advanced Threat Intelligence™, provides access to threat data and analytical tools that help identify attacks and provide context about the tactics and motives of specific threat actors. Together, these new offerings enable organizations to implement an Adaptive Defense™ security model, so that organizations can rapidly detect and respond to security incidents as they occur.

The ongoing acceleration of technology innovation continues to outpace today’s security capabilities, leading more and more organizations to align with a strategic defense partner that can protect them over the long haul,” said David DeWalt, chairman of the board and CEO, FireEye. “To meet this need, FireEye is taking a new approach with the introduction of FireEye as a Service and FireEye Advanced Threat Intelligence. FireEye is now able to serve as an extension of our customers’ security teams so they can more quickly implement an Adaptive Defense security model. By blending FireEye’s technology, intelligence and expertise into a single on-demand offering, FireEye as a Service simplifies and consolidates the disparate patchwork of products and services organizations must piece together to defend themselves.”

The Adaptive Defense security model is an approach for defending against advanced threat actors that scales up or down based on the unique needs of each security organization at any point in time. With this new approach, organizations can significantly reduce the risks of cyber attacks with on-demand access to FireEye’s expert team of analysts, forensics specialists and malware reverse engineers.

With FireEye as a Service, organizations can choose to manage their own security operations, offload security operations to FireEye, or co-manage operations with FireEye or a FireEye partner. When organizations choose FireEye as a Service, they tap into FireEye’s team of expert threat analysts located in security operations centers around the world to hunt for attackers in their organization by applying FireEye’s unique combination of technology, intelligence and expertise.

The new FireEye Advanced Threat Intelligence offering adds two new capabilities to complement FireEye’s existing Dynamic Threat Intelligence™ subscription. First, when the FireEye Threat Prevention Platform identifies an attack, users will now be able to view intelligence about the attackers and the malware. Security teams will be able to see who the associated threat actor is, what their likely motives are, and get information about the malware and other indicators they can use to search for the attackers. The second new capability is a threat intelligence research service where customers can subscribe to ongoing research including comprehensive dossiers, trends, news and analysis on advanced threat groups as well as profiles of targeted industries, including information about the types of data that threat groups target. Both new offerings are available as a subscription to customers that have purchased FireEye products.

"The tools attackers use to invade networks and steal digital assets are changing every day and security teams are tired of knitting together a complex patchwork of technology and services to defend themselves,” said Jon Oltsik, principal analyst with the Enterprise Strategy Group. “With FireEye as a Service, customers get on-demand access to the FireEye’s technology, intelligence and expertise so they can have a single point of contact to address their needs before, during or after a security incident.

Highlights of FireEye as a Service include:

FireEye analysts staff an around the clock global network of security operations centers to hunt for attackers in an environment using FireEye technology and advanced analytics that identifies outliers and correlates them with behaviors of known attackers. By finding high-risk threats at the earliest stages of an attack, FireEye minimizes the risk of a breach.

Even organizations with the most aggressive and mature security programs experience security incidents. With FireEye as a Service, organizations can quickly engage a Mandiant® incident response team when needed.

Support for Multiple Licensing Models Organizations can choose to pay a subscription fee and account for the service as an operational expense or pay up front and account for it as a capital expense.

Complementary to Existing Service Providers .If an organization desires, FireEye offers the service through qualified managed security service partners to complement their capabilities and deliver FireEye-as-a-Service through them.

Access to Personalized Intelligence Reports. FireEye as a Service customers get access to key intelligence findings and judgments specific to their organization from the FireEye intelligence team.  This includes identification of attackers specifically targeting their industry, typical attack methodologies used by relevant adversaries, and key business or financial data that motivates attackers to target your organization.

Access to Experts. Collectively, FireEye’s security analysts, threat assessment managers and forensics specialists have centuries’ worth of experience. Skilled security experts are expensive and hard to find. By providing reliable, on-demand access to these advanced skills, security teams can rest assured they are available in times of need without making unnecessary investments.

To learn more about how FireEye as a Service enables organizations to operationalize an Adaptive Defense security model, please visit FireEye COO Kevin Mandia’s blog post: http://www.fireeye.com/blog/corporate/2014/09/security-done-the-right-way-adaptive-defense.html. For more information on FireEye as a Service, FireEye Advanced Threat Intelligence or becoming an Adaptive Defense customer, please visit: http://www.fireeye.com

About FireEye, Inc.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,500 customers across 65 countries, including over 150 of the Fortune 500.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.