
2/26/2013
10:43 PM
Dark Reading
Products and Releases

FireEye And Guidance Software Partner To Deliver Integrated Cyber Attack Detection And Incident Response Solution

FireEye-EnCase Cybersecurity joint solution designed to automate the incident response workflow

MILPITAS, Calif. & PASADENA, Calif.--(BUSINESS WIRE)--Guidance Software (NASDAQ: GUID) – FireEye®, Inc., the leader in stopping today's new breed of cyber attacks, and Guidance Software Inc. (NASDAQ:GUID), the World Leader in Digital Investigations™, today announced the integration of the companies' two security solutions to more effectively detect, validate, and remediate today's new breed of cyber attacks.

The integration between Guidance Software's EnCase® Cybersecurity and the FireEye threat protection platform is designed to automate the incident response workflow so that companies can start triaging an advanced cyber attack immediately following detection, within minutes instead of weeks. The combined solution uses the FireEye platform to detect malware on the network, and then immediately shares threat intelligence discovered by the FireEye platform with EnCase Cybersecurity. The FireEye alert triggers an automated assessment of the endpoints by EnCase Cybersecurity which determines their risk profiles, prioritizes the responses, and finally remediates any harm.

The FireEye-EnCase Cybersecurity joint solution provides a complete workflow against today's new breed of cyber attacks. Features include the following:

Signature-less detection ensures ability to detect advanced threats including targeted zero-day attacks and advanced persistent threats (APTs)

Automated endpoint validation to ensure high-risk devices get the immediate attention they deserve

A snapshot of the affected endpoints the moment an attack is detected to provide the information needed for comprehensive scope assessment and dramatic reduction in time to recovery

Remediation capabilities to block command and control traffic, kill malicious processes, and wipe offending files

"As a value added reseller, our mission is to solve pervasive information security problems with the right technology--and there is no one vendor with a single solution," said Brandy Peterson, chief technology officer, FishNet Security. "There's simply too much at stake for our customers, and the integration between FireEye and EnCase Cybersecurity will help them quickly detect and more fully respond to cyber attacks."

"Traditional security technology is ill-equipped to handle the barrage of cyber attacks perpetuated by today's cybercriminals," said David DeWalt, FireEye chairman and CEO. "FireEye has a unique threat protection platform to protect against today's attacks, which is extended by the ability of EnCase Cybersecurity to provide rapid incident response."

"The headlines prove that even the most secure organizations will inevitably face a data breach and need to respond swiftly when that happens," said Victor Limongelli, Guidance Software president and chief executive officer. "Our customers acknowledge this and have actively worked with us and FireEye to take the evolutionary next step in information security, fully automating critical response activities that mitigate the threat of today's cyber attacks."

Additional benefits of the joint solution include:

Lower Total Cost of Ownership – Organizations can decrease their security spend by reducing detection time and improving digital forensics, improving malware incident response from weeks to minutes.

Advanced Threat Protection – Network traffic analysis identifies and stops targeted, zero-day attacks and audits endpoints to detect additional risk.

Real-time Detection and Response – IT departments can identify and prevent outbound callback communication, keeping compromised systems from being exploited by external command and control servers and containing threats.

Deep Forensic Analysis – The FireEye-EnCase Cybersecurity solution is designed to provide total visibility into potentially compromised endpoints the moment an alert is generated to accurately determine the source and scope of an attack.

The joint solution is available today from VARs worldwide.

About FireEye, Inc.

FireEye® has pioneered the next generation of threat protection to help organizations protect themselves from being compromised. Cyber attacks have become much more sophisticated and are now easily bypassing traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways, compromising the majority of enterprise networks. The FireEye platform supplements these legacy defenses with a new model of security to protect against the new breed of cyber attacks. The unique FireEye platform provides the industry's leading cross-enterprise threat protection fabric to dynamically identify and block cyber attacks in real time. The core of the FireEye platform is a signature-less, virtualized detection engine and a cloud-based threat intelligence network, which help organizations protect their assets across all major threat vectors, including Web, email, mobile, and file-based cyber attacks. The FireEye platform is deployed in over 40 countries and more than 1,000 customers and partners, including over 25% of the Fortune 100.

About Guidance Software, Inc.

Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® Enterprise platform is used by numerous government agencies, more than 65% of the Fortune 100, and more than 40% of the Fortune 500, to conduct digital investigations of servers, laptops, desktops, and mobile devices. Built on the EnCase Enterprise platform are market-leading electronic discovery and cyber security solutions, EnCase® eDiscovery and EnCase® Cybersecurity, which enable organizations to respond to litigation discovery requests, proactively perform data discovery for compliance purposes, and conduct speedy and thorough security incident response. For more information about Guidance Software, visit www.guidancesoftware.com.

EnCase®, EnScript®, FastBloc®, EnCE®, EnCEP®, CaseCentral®, CaseCentral eDiscovery Cloud®, Guidance Software™ and Tableau™ are registered trademarks or trademarks owned by Guidance Software in the United States and other jurisdictions and may not be used without prior written permission. All other trademarks and copyrights referenced in this press release are the property of their respective owners.
