What is Next-Gen Threat Protection?
Today's new breed of cyber attacks necessitates a new security model that can protect against unknown malicious code delivered over multiple threat vectors. Over 95% of companies already have compromised systems within their networks*. Why? Sophisticated malware has eroded the effectiveness of traditional defenses, leaving a hole in the network. Designed to use signatures to block known threats, traditional and next-generation firewalls, IPS, AV, and gateways do nothing when zero-day, targeted APT malware attacks.
To fill this gap in network defenses, a new generation of security protections has emerged, ready to do battle against today's new breed of cyber attacks. These next-generation security systems must plug the hole left by firewalls, IPS, AV, and Web gateways by applying advanced, coordinated techniques to identify, confirm and block the activities of today's threats.
- Dynamic defense to stop today's new breed of cyber attacks – Analyze network traffic to identify new and unknown attacks in real time, rather than just comparing bits of code to signatures or shielding known vulnerabilities
- Real-time protection to block data exfiltration attempts – Stop outbound callback communications to prevent compromised systems from being controlled and exploited from external Command and Control servers
- Integrated inbound and outbound filtering across protocols – Take protective action across multiple protocols in both directions of communication: inbound exploits and infections, and outbound callback channel communications to malicious Command and Control servers
- Accurate, low false positive rates – Confirm malware through comprehensive, automated testing that avoids the flood of false alarms inevitable with crude heuristics
- Dynamic threat intelligence on attacks to protect the local network – Efficiently distribute newly confirmed threat intelligence, both within a site and across the Internet, to share the latest insight on both inbound attacks and outbound callbacks
The FireEye Malware Protection System automates these techniques to supplement traditional defenses, adding integrated inbound and outbound protection to combat today's stealthy Web, email, and file-based threats. While these traditional security defenses provide a relevant policy enforcement function, they have been outclassed by today's new breed of cyber attacks. FireEye appliances combine signature-based detections to detect the known with signature-less code execution to reveal the unknown. By linking inbound and outbound protections with dynamically generated threat intelligence exchanged through the FireEye Dynamic Threat Intelligence cloud, FireEye uniquely short-circuits the multiple stages and subtle communications of today's cyber attacks.
* Based on FireEye end-user data