Milpitas, California - Sep 3, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced that the FireEye® Threat Analytics Platform™ (TAP™) is available for Amazon Web Services (AWS) customers. A cloud-based security analytics solution, TAP applies FireEye Dynamic Threat Intelligence™ (DTI™) to event data produced by security devices, networks, systems, and applications for attack detection, security monitoring, and incident investigation support. The solution is designed to reduce the alert noise of typical security tools and enable organizations to focus resources on active incident response and remediation in order to stop attacks.
With TAP on AWS, FireEye is the only security company to offer a security analytics platform that combines industry-leading FireEye threat intelligence with analytics and event monitoring across AWS and on-premise environments. Built natively on AWS and used by some of the largest organizations worldwide, TAP is designed to quickly analyze billions of events across terabytes of data from any number of data sources to find the events that matter. By integrating TAP with AWS CloudTrail, organizations are able to monitor AWS API calls from AWS Administrator Consoles, SDKs, command lines tools, or other AWS services and apply FireEye intelligence to detect anomalous behavior that can indicate malicious activities or a breach of administrator credentials.
“As more critical systems move to the cloud, organizations need to ensure the right level of security visibility into their cloud,” said Grady Summers, vice president of strategic solutions, FireEye. “We believe the FireEye Threat Analytics Platform gives customers access to the most advanced threat intelligence and enables security teams to filter out the noise of typical security solutions, allowing them to identify and stop advanced threats.”
Organizations utilizing FireEye TAP gain visibility into AWS activity that is correlated with real-time cyber attack data identified by FireEye around the world, reducing false positives and adding context to real threats. For organizations with hybrid architectures, FireEye TAP now combines data from both on-premise and cloud environments, giving security teams visibility into advanced attacks that look to take advantage of vulnerabilities in all areas of the network.
“Smart CISOs understand that cyber defenses must not only be sophisticated but also extensible to enable protection of sensitive IT assets deployed in the cloud,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. "This announcement brings advanced malware detection and response capabilities for the corporate network and the cloud.”
FireEye Threat Analytics Platform includes the following capabilities:
Analyze Event Data to Detect Advanced Attackers. Perform correlation of event logs against the FireEye database of threat intelligence and apply sophisticated analytical threat models to identify when attackers are active in the environment.
Apply community, custom or other threat intelligence sources. Rapidly apply organizational or industry specific intelligence or hunt rules to security event data to identify unusual activity that may indicate the beginning of an attack.
Accelerate Response to Suspected Incidents. Enable analysts to filter through noisy event data to find the events that matter and pivot on information within an alert to identify related users, endpoints, and attacker infrastructure so they can determine the initial scope of a suspected incident and accelerate incident response.
Manage and Track Incidents. Improve efficiency of breach investigation by enabling analysts to manage investigative tasks related to each incident, track follow-up, and measure resolution time.
Integration with Existing Infrastructure. Seamless deployment and fast time to value with pre built parsers for over 100 security devices, network infrastructure systems, endpoints, applications and other data sources.
AWS customers can add FireEye TAP to their systems through a one-click purchase process and easily set up their deployment with a self-service management tool. For more information or to request a demo, visit www.fireeye.com.
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,500 customers across 65 countries, including over 150 of the Fortune 500.