NEWS
NEWS
NEWS
Cyber security leader stays one step ahead of attackers | #splunkconf
It’s more than a little unnerving for a big company to purposely experience an attack. But that’s just what FireEye, a cyber security leader, does when it “Red Teams” for clients.
“Red teaming is a valuable service for companies, because often they may not know what it’s really like to face the adversary,” Tony Lee, FireEye Inc.’s technical director of security consulting services, told Jeff Frick, cohost of theCUBE, from the SiliconANGLE Media team, during Splunk.conf 2015. “We show clients what it’s like to be specifically targeted. After seeing one attack and learning from mistakes, they are more ready to face the real world.”
Enabling event correlation
Lee said that Splunk is a great partner for FireEye because it augments FireEye data. “We want our data to be available for all of Splunk’s users, and it enables event correlation,” Lee stated.
Much of that data relates to some of the largest security breaches in the industry. “We are on the ground level,” said Lee. “We see things that nobody else sees. The attacker techniques and procedures are always evolving. We see new tools being integrated into hacks; in particular, WMI, PowerShell attacks. It’s ever evolving. We have to stay one step ahead of the attackers. We can apply our incident response knowledge to our proactive services to emulate the adversary because we see what they’re doing firsthand.”
Watch the full interview below, and be sure to check out more of SiliconANGLE and theCUBE’s coverage of Splunk .conf2015.
Photo by SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
