
FireEye revamps its flagship anti-malware solution

21 May 2020

Cybersecurity company FireEye has today introduced a new Innovation Architecture behind its Endpoint Security solution, including the availability of several new modules for protection, investigation and response. 

FireEye says Endpoint Security aims to buck the trend of ‘one-size-fits-all’ solutions common among security vendors by delivering comprehensive defence using customisable protection modules.

The module creation blocks malware, detects advanced attacks, and provides the response tools and techniques that fit an organisation’s unique risk profile and security posture, says FireEye.

“The rate at which new threats emerge is outpacing response,” says FireEye vice president of engineering and general manager of Endpoint Michelle Salvado.

“And traditionally, the time that the industry took to respond with the creation, testing and deployment of new features has been too long.

“Through our new framework, FireEye makes an important shift in feature deployment. Now we can create and deploy these custom protection, investigation and response modules in just days – versus several months – in response to changes in the threat landscape.”

Using this new modular approach, organisations need not wait for the next upgrade to benefit from the roll-out of new features or threat responses. 

Organisations also have the autonomy to choose which modules they want to deploy, tailoring the level of protection down to an individual level if necessary.

New Endpoint Security modules fall under three general categories – protection, investigation & response, and enterprise readiness.
 

Protection

Endpoint Security stops unauthorised processes from obtaining access to credential data on Windows, removing the need for an analyst to intervene to resolve the security issue.
 

Investigation and response

The solution collects metadata on Windows, Mac, and Linux endpoints and streams the data to the Endpoint Security console.

To be released in the next few months, the enrichment module adds FireEye Intelligence information to files to help determine when a file is malicious and to aid incident response investigations.
 

Enterprise readiness

The solution offers a user interface within the Endpoint Security console that displays system information and agent status, providing extended visibility to the IT admin.

It also creates a triage on events that send back triggers, offering visibility into what the agent is doing, including which files have been previously quarantined.
 

FireEye says it plans to continue to release modules on an ongoing basis to address threats and release new features – including automation of remediation, increased streaming for alerting and investigation, and enhanced protection of Windows access controls.

FireEye Endpoint Security also includes malware protection for macOS, support for IPv6 environments and updated Linux audit options.
