
What is Next-Gen Threat Protection?

Today's more advanced cyber attacks necessitate a new model of security that can protect against unknown malware that is targeted and stealthy and delivered over multiple threat vectors. In fact, over 95 percent of companies already have compromised systems within their networks*. Why? Sophisticated malware has eroded the effectiveness of traditional signature-based defenses, leaving a hole in the network. Designed to use signatures to block known threats, traditional and next-generation firewalls, IPS, AV, and gateways are no match against zero-day and targeted APT attacks.

To fill this gap in network defenses, a new generation of security protections has emerged, ready to do battle against today's new breed of cyber attacks. These next-generation security systems must plug the hole left by firewalls, IPS, AV, and Web gateways by applying advanced, coordinated techniques to identify, confirm and block the activities of today's threats.

FireEye Defends Against Advanced Persistent Threats for Complete Network Security

  1. Dynamic defense to stop today's new breed of cyber attacks – Analyze network traffic to identify new and unknown attacks in real time, rather than just comparing bits of code to signatures or shielding known vulnerabilities
  2. Real-time protection to block data exfiltration attempts – Stop outbound callback communications to prevent compromised systems from being controlled and exploited by external Command and Control servers
  3. Integrated inbound and outbound filtering across protocols – Take protective action across multiple protocols in both directions of communication: inbound exploits and infections, and outbound callback channel communications to malicious Command and Control servers
  4. Accurate, low false positive rates – Confirm malware through comprehensive, automated testing that avoids the flood of false alarms inevitable with crude heuristics
  5. Dynamic threat intelligence on attacks to protect the local network – Efficiently distribute newly confirmed threat intelligence, both within a site and across the Internet, to share the latest insight on both inbound attacks and outbound callbacks

The FireEye Malware Protection System automates these techniques to supplement traditional defenses, adding integrated inbound and outbound protection to combat today's stealthy Web, email, and file-based threats. While these traditional security defenses provide a relevant policy enforcement function, they have been outclassed by today's new breed of cyber attacks. FireEye appliances combine signature-based detections to detect the known with signature-less code execution to reveal the unknown. By linking inbound and outbound protections with dynamically generated threat intelligence exchanged through the FireEye Dynamic Threat Intelligence cloud, FireEye uniquely short-circuits the multiple stages and subtle communications of today's cyber attacks.

FireEye – Signature-Less Defenses for Advanced Threat Protection

* Based on FireEye end-user data

Our Mission: Protect the World from Cyber Attacks

Over 1 Million Virtual Machines Sharing Globally
