Every day we see #endpointfail (and we built something better)

Last quarter we responded to more security breaches than in any prior quarter in our history. And our Mandiant services team doesn’t respond to intrusions at Kara’s Cupcake Emporium – these are A1 enterprise organizations that all have up-to-date firewalls and in many cases have deployed traditional and “next gen” endpoint products that claim to detect and stop the most sophisticated attacks.

But they didn’t – otherwise we wouldn’t have been called in. For every airport ad they’ve bought, we’ve responded to a breach that bypassed detection by a “next gen” endpoint solution or was hidden in a glut of false positives.

At FireEye, our security innovation begins at the breach. Because we own that moment, we get to witness firsthand how attackers evade other security safeguards – including “next gen” endpoint – and this allows us to innovate at the speed of attackers.

A Smarter Endpoint

Our Endpoint Security platform started as the tool of choice for the best IR team in the world to investigate breaches. Over the years, our product evolved to include the high-fidelity detection of FireEye, along with investigation and search capabilities at massive scale – making us the leader in endpoint detection and response (EDR).

But customers need a modern endpoint solution that addresses the question “now what?”

That’s why today we’re introducing a host of new features at no cost to our customers, creating a comprehensive endpoint security solution that builds on our leadership in EDR. Specifically, we are adding behavior-based prevention, OSX support, and commodity malware protection. Our solution will include two major engines – Exploit Guard and an OEM partnership – to answer the “now what?” and protect our customers from all threats, from commodity malware to targeted attacks.

We’re introducing one comprehensive endpoint security solution that incorporates the latest techniques to protect the endpoint: advanced behavior-based prevention, machine learning, MVX-based dynamic analysis, streaming prevention, and now comprehensive threat protection.

“Exploit Guard” – one of our new behavior-based engines – detects and prevents adversary activity on the endpoint. We’re also announcing a new OEM partnership with another leading security vendor – Bitdefender – to integrate their anti-malware engine, enabling us to detect and prevent known and unknown threats, not just the threats that AV misses. Bitdefender have consistently been among the leaders in independent, global anti-malware protection tests, and we couldn’t be more excited to offer their capabilities at no additional cost to our customers. These capabilities will be available to customers at no additional charge, all integrated into a single agent within the existing single pane of glass.

As our customers know, a single engine or technique is not enough; attackers continually innovate and bypass existing techniques. That’s why responding to attacks enables us to see where other products fail, and we operationalize this by always innovating and using the latest techniques to protect our clients.

Intelligence-Led Security

When a legacy vendor identifies malicious files, an alert is generated, and given their tools, this is where the story ends. We’re the only company that can incorporate the threat data we get from AV and correlate this with industry-leading threat intelligence to present a full picture of an attack. We can provide context about the attacker, and the ability to automate responses based on high-fidelity contextual alerts.

With high-fidelity correlation, contextual information and automation capabilities, we’re working to answer “now what?” so our customers can move from alert to fix.

Customers won’t have to deploy and manage multiple agents or pay for overpriced commodity features from a legacy vendor. FireEye endpoint will also include broad OS support, fast enterprise search, and contextual intelligence that no other vendor can match.

Simplify, Integrate, and Automate Your Entire Security Operation – Starting with the Endpoint

But what no other vendor can come close to offering is a single pane of glass that displays the most dangerous threats to your organization and mitigates risk through a simple, streamlined interface for all your security alerts.

That’s FireEye Helix. And our endpoint product is designed to enable clients to move from detection to response with correlated alert information, automated workflows, fast enterprise search, and the best detection and response technology.

There’s a lot more to come from FireEye. We’re working hard to simplify security operations so our customers can focus on what matters most to them.

If you’re at RSA, come see us to learn more about our approach to the endpoint and see what Helix can do. Just don’t look for us at the airport on the way home – we’re out on the frontlines making our endpoint better every single day.