
The Latest FireEye News
Product and Solution Information, Press Releases, Announcements

FireEye Introduces Threat Analytics Platform for Amazon Web Services
Posted: Wed Sep 03, 2014 02:15:35 PM


Next-Generation Analytics Platform Gives Enterprises Running AWS Context Around Security Event Data, Reduces Alert Noise

Milpitas, California - Sep 3, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced that the FireEye® Threat Analytics Platform™ (TAP™) is available for Amazon Web Services (AWS) customers. A cloud-based security analytics solution, TAP applies FireEye Dynamic Threat Intelligence™ (DTI™) to event data produced by security devices, networks, systems, and applications for attack detection, security monitoring, and incident investigation support. The solution is designed to reduce the alert noise of typical security tools and enable organizations to focus resources on active incident response and remediation in order to stop attacks.

With TAP on AWS, FireEye is the only security company to offer a security analytics platform that combines industry-leading FireEye threat intelligence with analytics and event monitoring across AWS and on-premise environments. Built natively on AWS and used by some of the largest organizations worldwide, TAP is designed to quickly analyze billions of events across terabytes of data from any number of data sources to find the events that matter. By integrating TAP with AWS CloudTrail, organizations are able to monitor AWS API calls from AWS Administrator Consoles, SDKs, command line tools, or other AWS services and apply FireEye intelligence to detect anomalous behavior that can indicate malicious activities or a breach of administrator credentials.

“As more critical systems move to the cloud, organizations need to ensure the right level of security visibility into their cloud,” said Grady Summers, vice president of strategic solutions, FireEye. “We believe the FireEye Threat Analytics Platform gives customers access to the most advanced threat intelligence and enables security teams to filter out the noise of typical security solutions, allowing them to identify and stop advanced threats.”

Organizations utilizing FireEye TAP gain visibility into AWS activity that is correlated with real-time cyber attack data identified by FireEye around the world, reducing false positives and adding context to real threats. For organizations with hybrid architectures, FireEye TAP now combines data from both on-premise and cloud environments, giving security teams visibility into advanced attacks that look to take advantage of vulnerabilities in all areas of the network.

“Smart CISOs understand that cyber defenses must not only be sophisticated but also extensible to enable protection of sensitive IT assets deployed in the cloud,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. “This announcement brings advanced malware detection and response capabilities for the corporate network and the cloud.”

FireEye Threat Analytics Platform includes the following capabilities:

  • Analyze Event Data to Detect Advanced Attackers. Perform correlation of event logs against the FireEye database of threat intelligence and apply sophisticated analytical threat models to identify when attackers are active in the environment.
  • Apply community, custom or other threat intelligence sources. Rapidly apply organizational or industry-specific intelligence or hunt rules to security event data to identify unusual activity that may indicate the beginning of an attack.
  • Accelerate Response to Suspected Incidents. Enable analysts to filter through noisy event data to find the events that matter and pivot on information within an alert to identify related users, endpoints, and attacker infrastructure so they can determine the initial scope of a suspected incident and accelerate incident response.
  • Manage and Track Incidents. Improve efficiency of breach investigation by enabling analysts to manage investigative tasks related to each incident, track follow-up, and measure resolution time.
  • Integration with Existing Infrastructure. Seamless deployment and fast time to value with pre-built parsers for over 100 security devices, network infrastructure systems, endpoints, applications and other data sources.