How FireEye Analysis & Confirmation Technology works

The FireEye Analysis & Confirmation Technology (FACT) engine is at the core of all FireEye appliances and feeds dynamically generated security content into the FireEye MAX Network.
The FACT engine is a network-based technology that creates an infinite supply of virtual victim machines to analyze Web and network traffic flows in real time for stealthy, targeted malware.
- Web & network traffic is mirrored into the FACT engine.
- Suspicious traffic is identified using signatures, heuristics, anomaly detection, and other techniques to maximize detection of stealthy malware.
- Next, the suspicious traffic is replayed into virtual machines to eliminate false positives and confirm that a malicious infection is taking place.
- Malware and its callback channels are fingerprinted and shared with the MAX network, and automated XML, SNMP, and SMTP alerts are issued.