FireEye

40 %
60 %
Information about FireEye

Published on July 27, 2007

Author: gigamon

Source: slideshare.net

Description

FireEye, Inc. is the leader in network malware control, dedicated to eradicating malware from the world's networks. FireEye provides the world's only malware control system designed to secure networks from targeted malware. Our solutions bring advanced network security together with state-of-the-art virtualization technology to combat crimeware and protect customer data, intellectual property and company resources, solving critical business needs without taxing your IT administration. FireEye is based in Menlo Park, CA and backed by Sequoia Capital and Norwest Venture Partners. For more details, visit http://www.fireeye.com.

FireEye Network Malware Control System Chad Harrington VP of Marketing

Overview Crimeware’s rise to prominence Traditional security barriers collapsing FireEye Network Malware Control System

Understanding Crimeware Targeted malware for profit Funded by criminal orgs & online markets Allows remote control by external parties Cybercrime now ranks among the FBI’s top priorities behind terrorism & espionage. Computer-based crimes caused $14.2 billion in damages to businesses around the globe in 2005

Targeted malware for profit

Funded by criminal orgs & online markets

Allows remote control by external parties

The Crimeware Economy

Impact of Crimeware Attacks Bottom line losses Product/service theft Intellectual property stolen PC & bandwidth exploited Liability & clean-up Customer notifications & lawsuits Data restoration & downtime Brand erosion & loss of customers 20% of notified customers have ended business relationship due to breach

Bottom line losses

Product/service theft

Intellectual property stolen

PC & bandwidth exploited

Liability & clean-up

Customer notifications & lawsuits

Data restoration & downtime

Brand erosion & loss of customers

20% of notified customers have ended business relationship due to breach

How Does Targeted Malware Infiltrate? Common vectors Mobile laptop Employee home machine 3 rd party, guest PC Enterprise desktop 1 Customized attack

Common vectors

Mobile laptop

Employee home machine

3 rd party, guest PC

Enterprise desktop

How Does Targeted Malware Infiltrate? 2 Customized attack Command & control Remote Control Established Begin probing network Identify high-value victims Install additional malware Steal data & information

Remote Control Established

Begin probing network

Identify high-value victims

Install additional malware

Steal data & information

How Does Targeted Malware Infiltrate? Targeted infiltration 3 Customized attack Command & control

How Does Targeted Malware Infiltrate? Keyloggers Password crackers Trojans Spam/Phishbots 4 Customized attack Command & control

Keyloggers

Password crackers

Trojans

Spam/Phishbots

Traditional Security Barriers Collapsing Crimeware is designed to escape attention Exploits bypass traditional security, such as Firewalls – use open ports Antivirus – be slightly new & different Anomaly detectors – remain calm & look normal “ Botnet worm infections can occur even when the impacted organization has the very latest antivirus signatures and is automatically pushing out OS and application patches .” US-CERT whitepaper

Crimeware is designed to escape attention

Exploits bypass traditional security, such as

Firewalls – use open ports

Antivirus – be slightly new & different

Anomaly detectors – remain calm & look normal

Targeted Malware Simply Undetectable by Traditional Security Techniques Targeted malware has 2 to 6 year window Window of Exploitability Signature or Patch Released Vulnerable Software Released Vulnerability Discovered/ Disclosed

Fire FireEye Network Malware Control System Stops botnet & malware infiltration others do not Ensures only compliant PCs gain network access Continuous network traffic analysis Automatic prevention & enforcement

Stops botnet & malware infiltration others do not

Ensures only compliant PCs gain network access

Continuous network traffic analysis

Automatic prevention & enforcement

What is Network Malware Control? Ensure Compliance On-connect network access controls ensures only compliant machines gain network access Continuous Analysis Continuous analysis of network activities for botnet transmissions & infection attempts Automatic Enforcement Automatically filter out malicious packets, botnet transmissions, and block infected machines

Ensure Compliant Network Access Remote & Wireless users LAN users WAN/VPN Internet Wireless Network access controls - Limit network access to machines with updated AV signatures & OS patches

Continuous Analysis using the FireEye Attack Confirmation Technology (FACT) An infinite supply of virtual victim machines analyzes network traffic flows for targeted attacks Mirrored network traffic flows

Automated Prevention & Enforcement Switches Close off / restrict network access to infected machines to protect customer data and company resources Mobility controllers MAC exclusion, VLAN re-assignment to block infected machines from network Packet filtering Productive traffic can continue to flow, but malicious traffic is blocked Internet

Typical FireEye Deployments Backbone WAN Internet Data Center Eliminate Network Borne Crimeware from Wireless Users Protect Data Center Windows Servers from Crimeware Eliminate Crimeware From Infiltrating from Internet Eliminate Network Borne Crimeware From Remote Branch Offices and Stores

The FireEye Ecosystem Active collaboration with law enforcement, industry, & security researchers to root out crimeware Law enforcement & Military Research institutions Industry participants Enterprise customers Internet Service Providers

Active collaboration with law enforcement, industry, & security researchers to root out crimeware

Law enforcement & Military

Research institutions

Industry participants

Enterprise customers

Internet Service Providers

About FireEye, Inc. Dedicated to eradicating malware from the world’s networks Based in Menlo Park, CA Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee Online at www.fireeye.com

Dedicated to eradicating malware from the world’s networks

Based in Menlo Park, CA

Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee

Online at www.fireeye.com

www.fireeye.com

Add a comment

Related presentations

Related pages

Cybersicherheit und Malware-Schutz | FireEye

FireEye (FEYE) ist führend im Bereich Cybersicherheit und schützt Unternehmen vor Advanced Malware, Zero-Day-Exploits, APTs und anderen Cyberangriffen.
Read more

Cyber Security & Malware Protection | FireEye

FireEye (FEYE) is a leader in cyber security, protecting organizations from advanced malware, zero-day exploits, APTs, and other cyber attacks.
Read more

FireEye – Wikipedia

FireEye, Inc. ist ein börsennotiertes Unternehmen mit Sitz in Milpitas, Kalifornien, USA, das Netzwerksicherheits-Software und -Dienstleistungen anbietet.
Read more

Schutz gegen Cyberangriffe und Malware | FireEye

FireEye wehrt hochtechnisierte Cyberangriffe ab und erkennt Malware, um so für optimale Sicherheit in Ihrem Netzwerk zu sorgen. Verbessern Sie noch heute ...
Read more

FIREEYE AKTIE | Aktienkurs | Nachrichten - finanzen.net

FIREEYE AKTIE und aktueller Aktienkurs. Nachrichten zur Aktie FireEye Inc | A1W4G7 | FEYE
Read more

FireEye | Die Kosten für die Bewältigung der Warnungsflut ...

Ich möchte E-Mails von FireEye erhalten, die Cyber-Updates und –Warnungen beinhalten. Ich kann diese jederzeit wieder abbestellen.
Read more

Cyber Security Products | FireEye

FireEye stops advanced cyber attacks and detects malware to enhance your network security defenses. Learn about FireEye today!
Read more

FireEye | Deutschland sicher im Netz e.V.

FireEye wurde 2004 gegründet und ist eines der weltweit führenden Unternehmen im Bereich der IT-Sicherheit. FireEye hat eine Virtual-Machine-basierte ...
Read more

FireEye

Ferner präsentieren wir moderne Ansätze wie Threat Intelligence in der Praxis und zeigen den Nutzen, wie dies Ihre Verteidigungsfähigkeit erhöhen kann.
Read more

FIREEYE AKTIEN News | A1W4G7 Nachrichten

News zur FIREEYE AKTIE und aktueller Realtime-Aktienkurs FIREEYE Aktien jetzt ab 5,00 US-Dollar handeln!
Read more