FireEye and Rapid7 Advance Security Incident Detection and Response Management With User-Behavior Intelligence
Technology Integration Alerts Enterprises of Advanced Attacks by Correlating User-Based Indicators of Compromise with Industry-Leading FireEye Dynamic Threat Intelligence
FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced the integration of Rapid7 UserInsight into the FireEye® Threat Analytics Platform (TAP)™. The integrated solution adds user and account analysis to TAP’s hosted incident response platform to augment the detection of advanced attacks and insider threats. The joint solution is designed to provide the deepest levels of context to detect, contain, resolve and prevent threats.
FireEye Threat Analytics Platform is a cloud-based security incident detection and response management platform that provides high-quality alerts verified against global cyber attack data. Based on user behavior, Rapid7 UserInsight detects and investigates breaches and compromised credentials across on-premise, cloud and mobile environments, providing visibility into a critical attack vector. With additional threat data from Rapid7, FireEye is able to provide a more complete picture of when and how advanced attackers are targeting an organization, since the majority of breaches involve compromised user credentials.
TAP works with a diverse ecosystem of partners and leverages specialized parsers to translate log data into metadata that can quickly be analyzed to provide actionable intelligence. For select partners, TAP also provides customized rule packs that enhance reporting capabilities to security teams, helping to deliver immediate value to joint customers and extend the ROI they receive from their existing security tools.
“Advanced attack groups take advantage of siloed security solutions and their inability to correlate the different pieces of a complex breach attempt,” said Steve Pataky, vice president of worldwide channels and alliances at FireEye. “By adding additional data from Rapid7, TAP is able to aggregate and analyze disparate sets of data from across the network along with user behavior to produce actionable intelligence that helps security teams and incident responders prioritize events that matter.”
“We know the majority of breaches involve compromised user credentials,” said Lee Weiner, senior vice president of products & engineering at Rapid7. “By integrating UserInsight with the FireEye Threat Analytics Platform, organizations can identify when unusual user behavior is paired with other suspicious activity on their network. This creates a more detailed picture of an attack and allows security operations teams to detect and investigate breaches and compromised credentials.”
A demo of the integrated solution will be available this week at Black Hat USA 2014 in Rapid7’s booth #541.
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,200 customers across more than 60 countries, including over 130 of the Fortune 500.
Vitor De Souza
# # #
© 2014 FireEye, Inc. All rights reserved. FireEye, Threat Analytics Platform, TAP, Dynamic Threat Intelligence and DTI are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. Rapid7 and UserInsight are trademarks of Rapid7. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.