FireEye Extends Security, Intelligence to Cloud, Hybrid Environments
FireEye is rolling out a set of technologies that aim to deliver enhanced security and intelligence to detect threats to the cloud and hybrid environments. IDN takes a look at the FireEye Cloud Security Solution and other cloud-centric offerings.
The FireEye Cloud Security Solution includes capabilities accessible through new cloud versions of FireEye Network Security. Further filling out its cloud security offerings are:
- a new Detection On Demand cloud service,
- a new secure web gateway offering (developed in partnership with cloud security firm iboss), and
- an enhanced version of its FireEye Helix security operations platform now optimized for cloud environments.
FireEye’s latest cloud security offerings are designed to deliver scalable detection, centralized visibility, configuration monitoring, and user behavior analytics, according to Grady Summers, FireEye’s executive vice president of products and customer success.
The FireEye Cloud Security Solution was created to help organizations cope with increasing security challenges associated with the cloud, Summers said. These challenges often include a lack of necessary controls and the lack of the high level of expertise needed to capture visibility and protection across multi-cloud infrastructures, he added.
“The rapid adoption of cloud services has provided organizations with a world of new opportunities. But with new opportunities come new cyber threats,” Summers said. In fact, these days, more than half of the breaches FireEye responds to involve cloud infrastructures, he added.
The FireEye Cloud Security Solution delivers a wide range of capabilities to protect assets and workloads via a new cloud version of FireEye Network Security.
Notable benefits of FireEye Cloud Security Solution include:
- Network Security protection that follows users
- SSL traffic inspection and protection at scale
- Global points of presence
- Granular control of where user data resides
- Control of access to cloud applications
- Extended user access privileges in the cloud
The FireEye Cloud Security Solution offers protection for most common deployment options. Among them: inline and passive, on-premises, hybrid and virtual.
To help enterprises analyze untrusted content for potential threats, FireEye Detection On Demand offers a cloud-native service that can quickly pinpoint file-borne threats.
Detection On Demand provides detailed information as to why the content has been flagged as malicious, using insights gained from FireEye Threat Intelligence experts. With flexible deployment options, Detection On Demand can be used standalone or integrated into custom applications.
Similar to other FireEye solutions, Detection On Demand is designed to provide customers with detailed information as to why the content has been flagged as malicious, using insights gained from FireEye Threat Intelligence experts. This gives organizations the information needed to know how best to remediate malicious content.
The Detection On Demand offering can be integrated into custom applications, utilized in third-party technology, or used on a standalone basis. FireEye Detection On Demand is available as a yearly subscription on AWS Marketplace.
FireEye + iboss Partner Over Cloud Network Security
In partnership with cloud security company iboss, FireEye also announced a new integrated service available to all customers, Summers added. The new solution, dubbed iboss + FireEye Cloud Network Security, is designed as an “advanced threat and breach detection solution” to protect end traffic, users, devices, networks, assets, and data from known and unknown threats.
The jointly developed solution combines container-based security from iboss with FireEye detection engines and threat intelligence. With support for a wide range of devices (PCs, Macs, laptops, cellphones and IoT), customers can set access policies that follow users and devices wherever they go.
Thanks to the FireEye/iboss partnership, Summers noted customers receive these benefits:
- Network Security protection that follows users
- SSL traffic inspection and protection at scale
- Global points of presence
- Granular control of where user data resides
- Control of access to cloud applications
- Extended user access privileges in the cloud
For developers, FireEye also announced the newly launched Developer Hub, which makes leading FireEye capabilities such as Detection On Demand accessible as a flexible and scalable security layer that can be applied to any cloud application or service.
To detect abnormal attacker behavior and unique threats to AWS and Office 365, FireEye Helix is introducing new data analytics rule packs powered by Mandiant incident response expertise. Detection On Demand also works with Helix to deliver advanced cloud threat analytics.
FireEye Helix is an intelligence-led platform that expands visibility from network to endpoints to accelerate threat responses and reduce operational costs.
Specifically, FireEye Helix:
- centralizes security data and infrastructure,
- makes informed and efficient decisions with contextual threat intelligence, and
- detects security incidents by correlating data from multiple tools.
A library of established hypotheses enables FireEye Helix to cycle through and answer as many questions about the events and activity as possible.
Because cloud security should be as native and seamless as possible to maximize its effectiveness, FireEye Helix collects data from a company’s entire ecosystem and automatically analyzes it.
Martin Holste, FireEye CTO for Cloud, explained users can “extract data from places other than the network – such as Apache access logs and higher-level data sources – and FireEye Helix handles it very well. If you can get the data in there, we can apply hardcore detection to that data.”
The FireEye collection of hybrid and cloud solutions rolls out as the company released a video interview with FireEye’s Cloud CTO Martin Holste, introduced by Adam Greenberg this way:
With more organizations migrating to the cloud than ever before, and multiple clouds at that, the job of security professionals has never been tougher. There is simply more work to be done, and a widening skills gap is not doing anything to help. Organizations need to be doing everything they can to ensure they remain secure.
FireEye’s expanded portfolio for cloud and hybrid security debuted during the company’s FireEye Cyber Defense Summit earlier this month.