Guidance Software And FireEye Forge Malware Alliance

Companies will integrate their security incident response and malware detection products

February 28, 2012


SAN FRANCISCO, Calif. RSA Conference - (February 28, 2012) – Guidance Software Inc. (NASDAQ:GUID), the World Leader in Digital Investigations™, and FireEye, Inc. today announced a strategic alliance to integrate their security incident response and malware detection products to allow enterprises to more efficiently and effectively detect and respond to advanced cyber threats.

The announcement was made at the RSA Conference where Guidance Software is in booth #136 and FireEye is in booth #2117.

Companies are under attack by sophisticated zero-day and signature-less advanced malware that can evade traditional perimeter security systems. FireEye Malware Protection System detects this advanced malware on the network, then shares malware forensic information with EnCase® Cybersecurity to further investigate the attack at the endpoint, determine scope of infection and remediate the zero-day threat.

Under the alliance, the two companies are developing a software connector for integration of their two products and are also training their customers and channel on how to use the integrated products.

“Determined hackers, hacktivists and cyber criminals have learned to evade traditional signature and policy-based approaches and the result is that the risk of data loss is higher than ever,” said Alex Andrianopoulos, Guidance Software vice president of marketing. “By working with FireEye to close the loop on responding to a threat, we can help enterprises reduce data losses and the cost and embarrassment that comes with them.”

EnCase Cybersecurity is an endpoint incident response and data auditing software solution designed to eliminate the time gap between alert and response. Through the automation of the incident response process, organizations can reduce the high cost of response and the risk of exposing sensitive data to loss or theft. The solution helps validate the presence of a detected zero-day on network endpoints, prioritize response, determine source and scope of an incident, identify potential data loss scenarios and minimize time to remediation.

“Today, malware attacks have moved beyond signature-based code and have become so sophisticated that it has prompted the need for enterprises to look for new tools to ensure the integrity of their computing infrastructure,” said Brent Remai, FireEye chief marketing officer. “With our Malware Protection System working with EnCase Cybersecurity, enterprises now have a more comprehensive tool at their service that is able to find advanced malware on their networks, alert them of threats at the endpoint, and contain these threats to prevent further harm to their network.”


The FireEye Malware Protection System (MPS) is the only complete solution to stop advanced targeted attacks across the Web and email threat vectors and malware resident on file shares. The FireEye security platform offers integrated, multi-vector protection utilizing stateful attack analysis to stop all stages of an advanced attack. Each of FireEye’s products features the Virtual Execution (VX) engine that provides state-of-the-art, signature-less analysis using the most sophisticated virtual machines. The Malware Protection System builds a 360-degree, stage-by-stage analysis of an advanced attack, from system exploitation to data exfiltration, in order to most effectively stop would-be APT attackers.

The combined solution provides:

• Lower security operation costs – Decrease the time to detect and increase the analysis capacity, ultimately reducing the malware incident response cycle from weeks to minutes.

• Adaptive defense to stop targeted, zero-day attacks – Analyze network traffic to identify new and unknown attacks in real time, and audit endpoints to expose unknown risks that may have evaded signature-based defenses.

• Real-time protection blocks data exfiltration attempts and gives IT time for a real-time response to contain threats at the endpoint – Stop outbound callback communications to disrupt compromised systems from being exploited from external command and control servers. Wipe data associated with the threat from affected endpoints.

• Quick and accurate decision making with complete visibility – See exactly what was occurring on the endpoint the moment an alert is generated and trace the full execution path of zero-day and known attacks to accurately determine the source and scope of attack.

• Accurate results – Confirm malware through comprehensive, automated testing and endpoint validation to avoid false alarms.

• Automated sensitive data audit – Understand immediately if sensitive data is at risk to further prioritize response activities and next steps.

An integrated solution is available today from VARs worldwide.

About Guidance Software (GUID)

Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® platform, with more than 40,000 licenses distributed worldwide, provides the foundation for government, corporate and law enforcement organizations to conduct thorough, network-enabled, and court-validated computer investigations of any kind, such as responding to e-discovery requests, conducting internal investigations, responding to regulatory inquiries or performing data and compliance auditing - all while maintaining the integrity of the data. The EnCase® Enterprise platform is used by numerous Federal Civilian and Defense agencies, more than 60 of the Fortune 100, and thousands attend Guidance Software's renowned training programs annually. For more information about Guidance Software, visit

About FireEye, Inc.

FireEye is the leader in stopping advanced targeted attacks that use advanced malware, zero-day exploits, and APT tactics. FireEye’s solutions supplement traditional and next-generation firewalls, IPS, antivirus and gateways, which cannot stop advanced threats, leaving security holes in networks. FireEye offers the industry’s only solution that detects and blocks attacks across both Web and email threat vectors as well as latent malware resident on file shares. It addresses all stages of an attack lifecycle with a signature-less engine utilizing stateful attack analysis to detect zero-day threats. Based in Milpitas, California, FireEye is backed by premier financial partners including Sequoia Capital, Norwest Venture Partners and Juniper Networks.
