FireEye revamps its flagship anti-malware solution

21 May 2020

Cybersecurity company FireEye has today introduced a new Innovation Architecture behind its Endpoint Security solution, including the availability of several new modules for protection, investigation and response. 

FireEye Endpoint Security says it aims to buck the trend of ‘one-size-fits-all’ solutions common for security vendors by delivering comprehensive defence using customisable protection modules. 

The module creation blocks malware, detects advanced attacks, and provides the response tools and techniques that fit an organisation’s unique risk profile and security posture, says FireEye.

“The rate at which new threats emerge is outpacing response,” says FireEye vice president of engineering and general manager of Endpoint Michelle Salvado.

“And traditionally, the time that the industry took to respond with the creation, testing and deployment of new features has been too long.

“Through our new framework, FireEye makes an important shift in feature deployment. Now we can create and deploy these custom protection, investigation and response modules in just days – versus several months – in response to changes in the threat landscape.”

Using this new modular approach, organisations need not wait for the next upgrade to benefit from the roll-out of new features or threat responses. 

Organisations also have the autonomy to choose which modules they want to deploy, tailoring the level of protection down to an individual level if necessary.

New Endpoint Security modules fall under three general categories – protection, investigation & response, and enterprise readiness.
 

Protection

Endpoint Security stops unauthorised processes from obtaining access to credential data on Windows, removing the need for an analyst to intervene to resolve the security issue.
 

Investigation and response

The solution collects metadata on Windows, Mac, and Linux endpoints and streams the data to the Endpoint Security console.

Due for release in the next few months, the enrichment module adds FireEye Intelligence information to files to help determine when a file is malicious and to aid incident response investigations.
 

Enterprise readiness

The solution offers a user interface within the Endpoint Security console that displays system information and agent status, providing extended visibility to the IT admin.

It also creates a triage on events that send back triggers, offering visibility into what the agent is doing, including which files have been previously quarantined.
 

FireEye says it plans to continue to release modules on an ongoing basis to address threats and release new features – including automation of remediation, increased streaming for alerting and investigation, and enhanced protection of Windows access controls.

FireEye Endpoint Security also includes malware protection for macOS, support for IPv6 environments and updated Linux audit options.
