FireEye Redefines Threat Detection Again With Cutting-Edge Innovations Powered By New MVX Architecture

Industry’s Leading Detection Engine Triples Analysis Speed

MILPITAS, California – October 12, 2015 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, unveiled its next generation MVX™ architecture, tripling analysis speed to improve time to protection. With this new architecture, FireEye brings increased speed, accuracy and coverage for advanced threats, provides richer contextual intelligence, and the automation of front-line intelligence to drive detection. The new release expands FireEye’s ability to inspect encrypted objects, adding visibility into SSL encrypted traffic. FireEye also continues to reduce operational costs faced by security teams by eliminating the noise generated by adware and potentially unwanted programs (PUPs) in a solution that consolidates commodity and advanced threats. The new release will be generally available in November 2015.

With this release, customers will benefit from:

·      Increased speed, accuracy and coverage for advanced threats.  Today, most advanced attacks leverage multiple vectors across many stages. With new innovations, FireEye customers will see:

        o   A three-fold increase in overall analysis speed using faster algorithms for web traffic analysis.

        o   A five-fold increase in capacity to detect attacks at their earliest phase to help block attackers at the weakest point of attack, further expanding FireEye’s industry leading detection efficacy.

·      A ten-fold increase in providing alert specific intelligence context at the time of detection. FireEye MVX is the only advanced threat solution in the market to provide attacker context at the time of detection. With this release, FireEye has increased this capability to better enable enterprises to swiftly and accurately respond to threats that matter.

·      Automation of front-line intelligence. Identifying, correlating, and understanding suspicious patterns in an organization are fundamental to detecting today’s advanced threats. FireEye’s intelligence-driven detection framework enables the quick release and tuning of new detection modules through FireEye’s Dynamic Threat Intelligence™ (DTI™) capability.  In addition, FireEye investigates the intrinsic properties of malicious objects to detect evolving malware and recognize the continuous alterations made by attackers. This advanced technique leverages the power of the FireEye network encompassing millions of sensors, intelligence from incident response and FireEye threat research as well as machine learning and big data analytics to discover new malware variants. With these capabilities, FireEye customers can quickly and accurately respond to changing threat actor tools, tactics and procedures.

  • Mobile Threat Prevention integration into the MVX platform. The new MVX engine architecture enables detection and prevention of callbacks coming from infections on Android and iOS devices when they are on protected company WiFi networks.
  • Applying FireEye technology to reduce noise from adware and PUP.  FireEye also continues to reduce operational costs borne by security teams by consolidating detection and eliminating the noise generated by adware and potentially unwanted programs. FireEye pioneered noise reduction by integrating traditional IPS signature detection with MVX engine validation, improving efficiency for security analysts by eliminating IPS false positives and allowing security teams to focus on high fidelity alerts.
  • SSL visibility into encrypted traffic.  FireEye is also introducing SSL Intercept 10150, with 10G load balancing and SSL decryption in one appliance, which when combined with other FireEye products, delivers line-rate 10G encrypted traffic visibility and detection. More and more applications use encryption, leaving today’s security tools blind. According to Sandvine, more than two-thirds of North American internet traffic will be encrypted by 2016. The SSL Intercept appliance improves security, enhances visibility into encrypted traffic and creates a more holistic protection system. The new appliance provides a hardware based SSL decryption functionality that does not impede performance and scales to 20 gigabits per second. With URL classification, organizations with privacy policies and compliance requirements can selectively exclude trusted sites from SSL inspection.

“The network security sandbox segment is dominated by FireEye, which commands almost two-thirds of 2014 market revenue,” said Frank Dickson, research director with Frost & Sullivan. “A combination of network security sandbox features and large market share puts FireEye in the position of clear leadership. FireEye continues to capitalize on its first-mover advantage.”

According to Frost and Sullivan’s Network Security Sandbox Market Analysis: APTs Create a “Must Have” Security Technology, the network sandbox segment was a half billion market in 2014, and this sector is expected to grow to $3.5 billion by 2019, with an average compound annual growth rate (CAGR) of 45.6 percent from 2014-2019. Network security sandbox technologies, which execute and analyze suspicious software in a controlled environment, use sophisticated algorithms to detect and validate previously unseen attacks missed by signature-based detection technologies.

“Today’s advanced attackers strike fast and hard, constantly shifting their methods. To succeed in this environment, security teams require an adaptive defense capability architected to be accurate, precise and resilient in a changing threat landscape,” explained Manish Gupta, SVP of products at FireEye. “By innovating the MVX architecture with next generation detection capabilities, FireEye not only raises the bar against the advanced attackers to an unprecedented level. Additionally, our innovations continue to streamline the cost of security operations by expediting their ability to detect and respond to the threats that matter the most.”

Additional capabilities include:

  • Higher Capacity NX Solution  Leveraging the FireEye SSL Intercept load balancing capability, enterprises can now distribute traffic across FireEye Network appliances to achieve up to 10 Gbps inline throughput.
  • IPS enhancements  FireEye has seen a 30 percent attach rate for its IPS product with its customer base.  Now, FireEye strengthens accuracy, manageability and visibility with a number of IPS enhancements including rules to further improve alert accuracy, additional custom policies, and selective detection based on suspicious indicator category.

About FireEye, Inc.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 3,700 customers across 67 countries, including 675 of the Forbes Global 2000.

Forward-Looking Statements

This press release contains forward-looking statements, including statements related to the expectations, beliefs, features, benefits and general availability of FireEye’s new MVX engine architecture and SSL Intercept 10150. These forward-looking statements involve risks and uncertainties, as well as assumptions which, if they do not fully materialize or prove incorrect, could cause the performance of these new platforms and FireEye’s results to differ materially from those expressed or implied by such forward-looking statements. The risks and uncertainties that could cause our results to differ materially from those expressed or implied by such forward-looking statements include customer demand and adoption of FireEye’s solutions; real or perceived defects, errors or vulnerabilities in FireEye’s products or services; FireEye’s ability to react to trends and challenges in its business and the markets in which it operates; FireEye’s ability to anticipate market needs or develop new or enhanced products and services to meet those needs; and general market, political, economic, and business conditions; as well as those risks and uncertainties included under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” in FireEye’s quarterly report on Form 10-Q filed with the Securities and Exchange Commission on July 31, 2015, which is available on the Investor Relations section of the company’s website at and on the SEC website at All forward-looking statements in this press release are based on information available to the company as of the date hereof, and FireEye does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made. Any future product, service, feature, benefit or related specification that may be referenced in this release are for information purposes only and are not commitments to deliver any technology or enhancement. FireEye reserves the right to modify future product and services plans at any time.

Media contact:

Vitor De Souza
FireEye, Inc.


Investor Contact:

Kate Patterson
FireEye, Inc.



© 2015 FireEye, Inc. All rights reserved. FireEye, MVX, Dynamic Threat Intelligence and DTI are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.