The integration between Guidance Software's EnCase® Cybersecurity and the FireEye threat protection platform is designed to automate the incident response workflow so that companies can start triaging an advanced cyber attack immediately following detection, within minutes instead of weeks. The combined solution uses the FireEye platform to detect malware on the network, and then immediately shares threat intelligence discovered by the FireEye platform with EnCase Cybersecurity. The FireEye alert triggers an automated assessment of the endpoints by EnCase Cybersecurity which determines their risk profiles, prioritizes the responses, and finally remediates any harm.
The FireEye-EnCase Cybersecurity joint solution provides a complete workflow against today's new breed of cyber attacks. Features include the following:
Signature-less detection ensures ability to detect advanced threats including targeted zero-day attacks and advanced persistent threats (APTs)
Automated endpoint validation to ensure high-risk devices get the immediate attention they deserve
A snapshot of the affected endpoints the moment an attack is detected to provide the information needed for comprehensive scope assessment and dramatic reduction in time to recovery
Remediation capabilities to block command and control traffic, kill malicious processes, and wipe offending files
"As a value added reseller, our mission is to solve pervasive information security problems with the right technology--and there is no one vendor with a single solution," said Brandy Peterson, chief technology officer, FishNet Security. "There's simply too much at stake for our customers, and the integration between FireEye and EnCase Cybersecurity will help them quickly detect and more fully respond to cyber attacks."
"Traditional security technology is ill-equipped to handle the barrage of cyber attacks perpetuated by today's cybercriminals," said David DeWalt, FireEye chairman and CEO. "FireEye has a unique threat protection platform to protect against today's attacks, which is extended by the ability of EnCase Cybersecurity to provide rapid incident response."
"The headlines prove that even the most secure organizations will inevitably face a data breach and need to respond swiftly when that happens," said Victor Limongelli, Guidance Software president and chief executive officer. "Our customers acknowledge this and have actively worked with us and FireEye to take the evolutionary next step in information security, fully automating critical response activities that mitigate the threat of today's cyber attacks."
Additional benefits of the joint solution include:
Lower Total Cost of Ownership – Organizations can decrease their security spend by reducing detection time and improving digital forensics, improving malware incident response from weeks to minutes.
Advanced Threat Protection – Network traffic analysis identifies and stops targeted, zero-day attacks and audits endpoints to detect additional risk.
Real-time Detection and Response – IT departments can identify and prevent outbound callback communication to eliminate compromised systems from being exploited by external command and control servers to contain threats.
Deep Forensic Analysis – The FireEye-EnCase cybersecurity solution is designed to provide total visibility into potentially compromised endpoints the moment an alert is generated to accurately determine the source and scope of an attack.
The joint solution is available today from VARs worldwide.
About FireEye, Inc.
FireEye® has pioneered the next generation of threat protection to help organizations protect themselves from being compromised. Cyber attacks have become much more sophisticated and are now easily bypassing traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways, compromising the majority of enterprise networks. The FireEye platform supplements these legacy defenses with a new model of security to protect against the new breed of cyber attacks. The unique FireEye platform provides the industry's leading cross-enterprise threat protection fabric to dynamically identify and block cyber attacks in real time. The core of the FireEye platform is a signature-less, virtualized detection engine and a cloud-based threat intelligence network, which help organizations protect their assets across all major threat vectors, including Web, email, mobile, and file-based cyber attacks. The FireEye platform is deployed in over 40 countries and more than 1,000 customers and partners, including over 25% of the Fortune 100.
About Guidance Software, Inc.
Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® Enterprise platform is used by numerous government agencies, more than 65% of the Fortune 100, and more than 40% of the Fortune 500, to conduct digital investigations of servers, laptops, desktops, and mobile devices. Built on the EnCase Enterprise platform are market-leading electronic discovery and cyber security solutions, EnCase® eDiscovery and EnCase® Cybersecurity, which enable organizations to respond to litigation discovery requests, proactively perform data discovery for compliance purposes, and conduct speedy and thorough security incident response. For more information about Guidance Software, visit www.guidancesoftware.com.
EnCase®, EnScript®, FastBloc®, EnCE®, EnCEP®, CaseCentral®, CaseCentral eDiscovery Cloud®, Guidance Software&trade and Tableau&trade are registered trademarks or trademarks owned by Guidance Software in the United States and other jurisdictions and may not be used without prior written permission. All other trademarks and copyrights referenced in this press release are the property of their respective owners.
- See more at: http://www.rsaconference.com/events/2013/usa/for-media/sponsor-news.htm#sthash.1yFzc4k7.dpuf