FireEye, Inc., the intelligence-led security company, has announced the availability of several new cloud security capabilities on Amazon Web Services (AWS).
“Threats in the cloud are unique in their nature. Often, organisations lack the necessary expertise to extend their visibility and protection across complex cloud infrastructures,” said Grady Summers, EVP of Products & Customer Success at FireEye. “Now, FireEye technology and intelligence are accessible on AWS, allowing organisations to add an additional layer of protection from advanced attacks in the cloud that bypass traditional defences.”
New FireEye Helix security analytics capabilities and cloud versions of FireEye Network Security, Forensics and Detection On Demand are now all available on AWS.
The expanded use of decentralised infrastructure as a service (IaaS) platforms has led to new challenges in protecting organisations in the cloud. When faced with new attack vectors, such as ransomware, web shells and targeted malware, cloud IT infrastructures often render traditional defences obsolete. FireEye Network Security and Forensics brings together advanced threat protection and breach detection with the industry’s fastest lossless network data capture and retrieval solution. Paired with centralised analysis and visualisation, this solution gives organisations a truly comprehensive detection and visibility solution. With support for AWS, FireEye customers are able to view the same level of network detail, regardless of where their assets reside – on-premises, in the cloud or a hybrid of both.
To detect abnormal attacker behaviour and unique threats to AWS, FireEye Helix is introducing new data analytics rule packs powered by Mandiant incident response expertise. Helix augments these capabilities with insights from FireEye threat intelligence to further expand the value of FireEye Virtual Network Security and FireEye Detection On Demand in identifying prevalent cloud security challenges, such as cloud misconfigurations, credential misuse and password spray attacks, plus abnormal admin activity and geographic infeasibility.
FireEye Detection On Demand is a scalable security layer that makes it easy for organisations to analyse untrusted content. Using insights gained from FireEye Threat Intelligence experts, the cloud-native service is designed to provide detailed information as to why content has been flagged as malicious. This gives organisations the information and context needed to know how to best remediate file-borne threats. With its flexible deployment options, Detection On Demand allows customers to apply FireEye threat detection capabilities standalone, or in conjunction with existing cloud applications or services offered by FireEye or a third-party.