With this release, FireEye EX is designed to provide a self-contained solution to protect enterprises against spear phishing that employs embedded malicious URLs, instantly blocking and containing these attacks. In addition, FireEye ATI provides security teams with valuable context on email-based attacks, which can include severity, threat actor, attack stage and patch information.
“The vast majority of the breaches we see started with a spear phishing email,” said Manish Gupta, senior vice president of products at FireEye. “By combining advanced email analysis with threat intelligence, FireEye will offer customers superior protection against these attacks, enabling security teams to better allocate resources to optimise incident response and decrease the time to detect and respond. With this release, FireEye continues to drive down the time from detect to fix.”
The FireEye EX platform also includes advanced URL defense capability that provides URL threat detection and prevention by leveraging dynamic cloud-based analysis. If a URL is found to be malicious, the email used to deliver the URL will be quarantined so no user will be affected. This enhances email protection to enterprise employees working remotely and outside the purview of network security controls. Also, customers can protect mobile and remote users and help enterprises securely deploy a “bring your own device” (BYOD) strategy.
The FireEye ATI complements FireEye EX by providing deep context for email attacks detected by FireEye EX. Using FireEye threat intelligence, security teams can benefit from deep attack context, including severity insights, which help with alert prioritisation; attack stage insights, which help identify attack maturity; mitigation information, which is used by analysts and more.