Dynamic Threat Intelligence cloud

FireEye's picture
Printer-friendly versionPrinter-friendly version

Download Now

The FireEye Dynamic Threat Intelligence (DTI) cloud interconnects FireEye threat prevention platforms deployed within customer networks, technology partner networks, and service providers around the world. This worldwide cloud efficiently shares auto-generated threat intelligence, such as covert callback channels, as well as new threat findings from FireEye Labs.

How FireEye Combats Today's New Breed of Cyber Attacks

When a platform confirms an attack locally, it generates dynamic and anonymized threat intelligence of the attack and distributes it through the DTI cloud to warn other users. Threat intelligence includes:

  • Malware attack profiles, including identifiers of malware code, exploit URLs, and other sources of inbound infections and attacks
  • Analysis of email attachments and URLs
  • Fully qualified malware callback destinations (destination IP address, protocols used, ports used) that identify malicious websites and email sources
  • Malware communication protocol characteristics, such as custom commands used to instantiate transmission sessions
  • Third-party threat intelligence feeds from many different sources, which are then automatically validated using FireEye technology and added into the DTI cloud subscription feed

Unlike reputation and risk-based threat intelligence networks, which make assumptions about potentially risky code and broadcast signatures that may either falsely block or falsely allow traffic, FireEye systems confirm malicious activity. The assessments captured by the FireEye systems are conclusive because suspicious code is fully tested in a virtual execution environment.

Copy this html code to your website/blog to embed this press release.


Post new comment

3 + 4 =

To prevent automated spam submissions leave this field empty.
Page execution time was 1134.49 ms.

Memory usage:

Memory used at: devel_init()=2.13 MB, devel_shutdown()=22.53 MB.