UPDATED 11:20 EST / FEBRUARY 14 2014

NEWS

FireEye launches a new platform and details Mandiant integration

medium_6966705501FireEye – To anyone that doesn’t invest in them, follow security technology stories much or the big race between these guys, Cisco, Palo Alto Networks and a few others – a name like FireEye may sound like whatever is happening to Bob Costas lately.  All kidding aside FireEye is a big name in the industry, they went public not so long ago and back in January they snatched up Mandiant for $1 Billion.  Mandiant is known as the cybersecurity firm that found and reported on China’s top secret cyber war unit, narrowing it down to the actual building for the world to see.  FireEye has shot up in value at just about four-fold their debut offering price, so there’s a lot of attention paid to the significant and aggressive moves this company makes.  Mandiant was one of those moves and earlier this week, FireEye announced not only what they are doing with Mandiant, but they also announced they’re on track to release a completely revamped platform that will provide a unified solution for customers to deal with security issues from threat alerts to remediation.

A powerful new platform

 

Mandiant_FireEye_InfoGraphicIn a briefing with Dave Merkle, CTO of Mandiant he shared the details of this new platform and also talked about some of the details on how they got here.   First off, the linking of technologies of these two companies is being navigated in such a way that the hardware tech will be stratified under the FireEye brand.  The Mandiant brand will apply to incident response and high-end security services, playing purely in the services space.  But it is a true marriage, not just a brand shift.  That’s clear in what they are introducing in their new platform.  FireEye’s coming platform will rely on Mandiant intelligence in order to produce a level of automated intelligence that is integrated in an analytic process.  The platform also incorporates intelligence exchange within the various system elements as well as from throughout a peer community.

fireeyeAs Merkle puts it, they have taken the steps to go from offering a great point solution component to a company that provides a full security platform.  That’s what the Mandiant purchase was all about.  It’s a big shift that puts them in some exclusive company, but they have a lot of momentum and seem to be making all the right moves as a company.   The new platform extends FireEye’s Multi-Vector Virtual Execution technology (MVX) and reaches into the intelligence layer of their security stack.  It’s here that analytics validate the attacks that are reported by the IPS and isolates the threats which are the most credible, reducing response times and increasing effectiveness.   That tuning of response and most credible threat is at the heart of the platform, aimed at great efficiency throughout – it’s evident in the Endpoint Threat Detection & Response component, which allows customers to make rapid decisions on reports of compromises.

It’s time to get to some features:

Intrusion Prevention System

The new intrusion prevention system will address the shortcoming of traditional IPS solutions by applying FireEye’s Multi-Vector Virtual Execution™ (MVX) technology to validate attacks and minimize the time and resources security teams spend investigating false alerts. Users get actionable insight from validated alerts so they can focus on alerts that present the greatest risk and accelerate incident response. By adding intrusion prevention capabilities to the FireEye Security Platform, organizations can get a more comprehensive view of an advanced attack.

Endpoint Threat Detection & Response

The FireEye Security Platform now incorporates Mandiant’s endpoint threat detection and response products (formerly sold as Mandiant for Security Operations). FireEye customers will now be able to confirm when network and email alerts result in compromise, make faster and more accurate decisions about incidents and contain impacted devices with a single click, even when they are outside of an organization’s network.

Threat Analytics

New threat analytics capabilities will allow security teams to apply FireEye’s threat intelligence to security event data generated from their existing security infrastructure so they can find and scope attacks as they are unfolding. This cloud-based solution is designed to perform real-time correlation of event logs against FireEye’s threat intelligence to identify when attackers are active in your environment. The system delivers prioritized alerts to help accelerate incident response as well as manages incidents to improve efficiencies in assigning, tracking and resolving events.

Managed Defense™ Subscription Services

New subscription services build on FireEye’s continuous monitoring subscription service by offering additional expertise from Mandiant’s Managed Defense service. Organizations will now be able to choose from an expanded menu of monitoring and protection services and draw on FireEye security analysts to actively hunt for adversaries to find and stop attacks as they begin to unfold.

The new products are expected to start selling mid-year and there will be a lot of anticipation for observers, customers and investors.  FireEye’s move to a more integrated system means a lot of customers will have the option to rely on much more of the company’s technology as opposed to integrating a mix of software and hardware from a number of vendors.  If successful, it should mean a rapid jump for the company in a tightly contested security technology race.   There are few sectors as hot as security technology right now as old technology is being phased out to deal with new threats.  FireEye has been one to watch and they’re making sure they stay that way.

photo credit: WeissenbachPR via photopin cc

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU