Aziz brings the virtual heat against Web-based malware
HEADQUARTERS: Milpitas, Calif.
PRODUCT: FireEye 4200 security appliance, Malware Analysis & Exchange Network
PRINCIPALS: Ashar Aziz, founder and CEO; Bahman Mahbod, VP of engineering; Zane M. Taylor, VP of operations
INVESTORS: Sequoia Capital, Norwest Venture Partners, Jafco, SVB Capital, DAG Ventures, Juniper Networks
EARLY CUSTOMERS: University of California, Berkeley; Canaras Capital
BACKGROUND: Founder Aziz also founded Terraspring, a data center automation and virtualization company. Terraspring was acquired by Sun Microsystems and became Sun N1, with Aziz as the technology leader for N1.
To counteract false positives, it captures and replays suspect traffic against a set of virtual machines that run inside the appliance. These VMs imitate full PCs, including operating systems and applications. If a virtual victim gets compromised, the system knows there was an attack on the wire and will alert administrators.
Administrators can share information with FireEye's Malware Analysis & Exchange Network. This network automatically updates other FireEye appliances so that they can identify exploit code without having to run traffic through a virtual machine.
The FireEye system can't block attacks.
The product's inability to stop attacks may appeal to customers that don't want a startup to be responsible for blocking traffic. However, companies must be prepared to invest the resources into chasing down alerts and remediating exploits. The 4200 isn't a set-it-and-forget-it product.
We'd like to see FireEye more tightly integrate with URL-blocking technology and trouble-ticket systems.