The Latest FireEye News
Product and Solution Information, Press Releases, Announcements
|Viewfinity and FireEye Team To Provide Improved Security Event Analytics and Endpoint Visibility|
|Posted: Tue Jan 27, 2015 02:05:56 PM|
New Joint Integration Accelerates Incident Response Capabilities and Helps Mitigate Privilege Execution by Combining Viewfinity Application and Endpoint Vulnerability Detection with Network Event Information from FireEye AX and the FireEye Threat Analytics Platform
LAS VEGAS & WALTHAM, MA – January 27, 2015 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, and Viewfinity (www.viewfinity.com), the leading provider of next-generation application control and privilege management solutions, today announced an integration of Viewfinitiy’s advanced endpoint protection solution with both the FireEye® Threat Analytics Platform™ (TAP™), a cloud-based security analytics platform, and the FireEye AX series, a group of forensic analysis platforms. The joint integration is designed to correlate suspect access to applications and endpoints with network-based indicators of compromise to detect attacks on a network exploiting excess privilege rights and provide in-depth forensic information to accelerate incident response and remediation. Viewfinity will demonstrate how the two solutions work together at the FireEye Momentum 2015 sales and partner conference
“Unnecessary and excess privileges play a part of every major cyber attack as bad actors seek to gain access to endpoints and systems within an organization by exploiting administrator privileges,” said Grady Summers, vice president of strategic solutions at FireEye. “By working with Viewfinity, we’re able to combine security information from FireEye with Viewfinity’s application and endpoint access data to surface malicious activity that’s attempting to infiltrate via endpoint access. This endpoint to network security visibility is an instrumental component to stopping advance attacks.”
With the joint integration, Viewfinity application and endpoint access data are correlated with enterprise-wide security and network threat information within FireEye TAP and FireEye AX,. Using FireEye TAP, security teams can view one dashboard with relevant threat data and prioritized by threat level. This centralized dashboard allows security teams to quickly identify malicious activity and, with the Viewfinity integration, enforce restricted execution of suspicious applications and block malware identified by TAP on the endpoint.
In the event an incident is observed, the integration between Viewfinity and FireEye AX provides in-depth data for forensic investigations. FireEye admins have access to Viewfinity application and endpoint data to submit suspicious files to be analyzed by FireEye AX, where the malware is executed using FireEye MVX™ technology, revealing a full replay of the kill chain in a secure, virtual environment. With that information, forensics experts can more effectively develop a targeted mitigation response.
Endpoint data from Viewfinity provides unique information related to the behavior of users and a timeline of events that provide more context for data in the FireEye analytics engine. With in-depth data, the respective solutions are able to proactively update policies to block confirmed bad files on both the endpoint and network level as well as accelerate response times, increasing the ability to contain and prevent future threats.
“Customers and prospects alike are eager to utilize this integration; it broadens and reinforces application control, endpoint security prevention, and network threat protection,” explained Viewfinity CEO, Leonid Shtilman. “Near real-time detection of malicious activity and behavioral indicators lead to expedited incident response and improved attack prevention.”
For more information on the integration, visit the Viewfinity booth at the FireEye Momentum Partner Showcast, Jan. 26 – 28, 2015 at the Cosmopolitan Hotel in Las Vegas.