FireEye Expands Security Platform
FireEye CTO Dave Merkel details his firm's latest additions and offers some security predictions for 2015.
FireEye is expanding its security offerings with an enhanced Endpoint Threat Prevention Platform. The endpoint technology is an evolution of a product that came to FireEye by way of its $1 billion acquisition of Mandiant earlier this year.
Mandiant had typically been more focused on incident response, explained Dave Merkel, CTO of FireEye. With the Endpoint Threat Prevention Platform, the company's goal is to advance the state of endpoint security.
FireEye's HX platform will deliver the enhanced endpoint security services. FireEye also offers NX network protection, EX email protection, AX for standalone malware analysis and FX for content security services.
"While there are a couple of different things we do, the really big technology and strategy bet at FireEye is that we have a powerful virtual detection engine with MVX," Merkel told eSecurity Planet. "What we're going to try to do is find interesting and compelling ways to put MVX across every threat vector."
FireEye views every threat vector as being important, Merkel said, since the vector that isn't protected is the one that an attacker will go after.
From an endpoint perspective, HX encompasses server infrastructure and PCs. FireEye is providing enhanced exploit detection in the updated HX product. It defines an exploit as a malicious payload that enables an attacker to get control of a system.
"An exploit is the first stage of an attack on a system," Merkel explained. "The exploit detection technology for the endpoint is about FireEye taking its knowledge and experience in how exploits work in the real world and putting that knowledge into an endpoint agent."
FireEye is making its enhanced Endpoint Threat Detection technology to a limited set of FireEye customers now, as it gears up for a broader general release in 2015.
Looking ahead, Merkel said FireEye will continue to invest in tightening up the ties between all the various pieces of its security platform.
Security's 'New Normal'
Merkel expects to see continued evolution in the larger threat landscape, following the recent spate of high-impact breaches of popular consumer brands.
"The new normal is that there are bad guys and they are increasingly shifting their activities online and that's not a fad, that's a long-term trend," Merkel said. "We have to adapt to the new normal by continuing to evolve how we protect ourselves."
Merkel stressed that he's not preaching "doom and gloom" for the year ahead but rather a message of continued vigilance.
"It's not an issue of panic; I want to send a message that it's about having a steady cadence of how we protect ourselves, because the bad guys will not magically go away," Merkel said.
Sean Michael Kerner is a senior editor at eSecurity Planet and InternetNews.com. Follow him on Twitter @TechJournalist.
By Jeff Goldman
December 15, 2014
Kevin Mandia said no company 'could have been fully prepared' for the attack.