
FireEye revamps its flagship anti-malware solution

21 May 2020

Cybersecurity company FireEye has today introduced a new Innovation Architecture behind its Endpoint Security solution, including the availability of several new modules for protection, investigation and response. 

FireEye Endpoint Security says it aims to buck the trend of ‘one-size-fits-all’ solutions common for security vendors by delivering comprehensive defence using customisable protection modules. 

According to FireEye, the modules block malware, detect advanced attacks, and provide the response tools and techniques that fit an organisation’s unique risk profile and security posture.

“The rate at which new threats emerge is outpacing response,” says FireEye vice president of engineering and general manager of Endpoint Michelle Salvado.

“And traditionally, the time that the industry took to respond with the creation, testing and deployment of new features has been too long.

“Through our new framework, FireEye makes an important shift in feature deployment. Now we can create and deploy these custom protection, investigation and response modules in just days – versus several months – in response to changes in the threat landscape.”

Using this new modular approach, organisations need not wait for the next upgrade to benefit from the roll-out of new features or threat responses. 

Organisations also have the autonomy to choose which modules they want to deploy, tailoring the level of protection down to an individual level if necessary.

New Endpoint Security modules fall under three general categories – protection, investigation & response, and enterprise readiness.
 

Protection

Endpoint Security stops unauthorised processes from obtaining access to credential data on Windows, removing the need for an analyst to intervene to resolve the security issue.
 

Investigation and response

The solution collects metadata on Windows, Mac, and Linux endpoints and streams the data to the Endpoint Security console.

Due for release in the next few months, the enrichment module adds FireEye Intelligence information to files to help determine when a file is malicious and to aid incident response investigations.
 

Enterprise readiness

The solution offers a user interface within the Endpoint Security console that displays system information and agent status, providing extended visibility to the IT admin.

It also creates a triage on events that send back triggers, offering visibility into what the agent is doing, including which files have been previously quarantined.
 

FireEye says it plans to continue to release modules on an ongoing basis to address threats and release new features – including automation of remediation, increased streaming for alerting and investigation, and enhanced protection of Windows access controls.

FireEye Endpoint Security also includes malware protection for macOS, support for IPv6 environments and updated Linux audit options.
