FireEye

The FireEye Malware Protection System is the next generation of threat protection focused on combating advanced malware, zero-day and targeted APT attacks. FireEye’s solutions supplement traditional security defenses, such as traditional and next-generation firewalls, IPS, AV and Web gateways, which can’t stop advanced malware, thus leaving significant security holes in the majority of corporate networks. Advanced, persistent threats (APTs) continue to innovate and utilize sophisticated malware exploits to bypass traditional security. Data theft, cyber espionage, system sabotage, and data corruption are some of the scenarios occuring today in targeted APT attacks.

The Web Malware Protection Systems (MPS) combat advanced malware, zero-day and targeted APT attacks that compromise the majority of today’s corporate networks. These coordinated attacks often enter the network as Web traffic, evading signature and policy-based defenses like traditional and next-generation firewalls, IPS, AV, and Web gateways. Once inside, they hijack network resources, perform reconnaissance on security defenses, and establish ongoing control over endpoint systems.

FireEye Web MPS Appliances integrate inbound and outbound protection in a turnkey system that deploys in minutes for rapid security ROI. They employ the most sophisticated virtual execution engine in the world to detect and block advanced, unknown malware as well as block known malware and its outbound transmissions. Dynamic analysis of zero-day attacks within a full-featured virtual analysis environment yields real-time malware security content to protect the local network and share with subscribers of the FireEye Malware Protection Cloud.

• Starts protecting in just 30 minutes – Deploys as an appliance inline (block/monitor-mode) or out-of-band (monitor-only) behind traditional gateway defenses to catch what they miss
• Actively analyzes unknown code and suspicious Web objects – Tests with a range of browsers, plug-ins, applications and operating environments, looking for any sign of unusual activity and any attempt to exploit a vulnerability. Confirms and blocks polymorphic and zero-day malware and targeted attacks including malicious image, PDF, and Flash files
• Cuts off outbound malware transmissions across multiple protocols – Thwarts data exfiltration, botnet activities, and advanced persistent threats communicating across HTTP, FTP, IRC, and many other protocols
• Dynamically generates malware intelligence – Captures details such as callback coordinates and communication characteristics to protect locally and share globally through the cloud
• Ends time-wasting false positive analysis – Directs administrators to the confirmed infections and compromised hosts that need remediation
• Can block blended and spear phishing attacks – Works with FireEye Email MPS protection to shut down communications with malicious URLs used in targeted attacks