FireEye Threat Intelligence
An adaptive defense requires Threat Intelligence
As attackers use more advanced tactics and seek to maintain persistence in an organization, security teams struggle to understand which cyber threats pose the greatest risk. New threats appear daily and create a strain on cyber security teams who must quickly determine whether a threat is real and respond accordingly.
FireEye Threat Intelligence draws on our proprietary global, machine-based threat intelligence and incident response analysis. It enables cyber security teams to effectively identify, block, analyze and respond to advanced cyber attacks by giving them the context required to identify threat actors and the indicators of compromise.
FireEye Threat Intelligence Gives Context to Prioritize and Stop Threats
FireEye Threat Intelligence provides intel and analysis to help you understand cyber threats, identify and stop cyber attacks, and reduce the impact of compromise. Specifically, FireEye Threat Intelligence helps:
- Automate the detection and prevention of zero day and other advanced cyber attacks with our global threat intelligence ecosystem.
- Accelerate incident response and reduce the time to investigate and resolve security incidents.
- Improve ROI on cyber security investments and evaluate your cyber security posture against threats to shift resources accordingly to protect against new cyber threats and resolve incidents.
Building a Business Case
- Datasheet: FireEye Threat Intelligence
- White Paper: The Business Case for an Advanced Security Solution
- Blog: FireEye Threat Intelligence Gives Context to Prioritize and Stop Threats
- Report: M-Trends 2014 Annual Threat Report - Beyond the Breach
- Report: Cybersecurity's Maginot Line
- Webinar: Understanding the Adversary - The Role of Intelligence in Your Security Strategy
- Blog: A Threatening Threat Map
- FireEye Corporate Brochure
- International Literature
- Advanced Threat Solutions Recommendation Guide
- Technology Alliance Partners
FireEye offers 3 levels of threat intelligence to suit your
Dynamic Threat Intelligence (DTI)
DTI provides basic cyber threat intelligence and enables FireEye technologies to gather and share global threat intelligence. It helps you detect and block advanced cyber attacks by anonymously exchanging data on web, email, and file-based threats across the FireEye global cloud network.
Advanced Threat Intelligence (ATI)
ATI adds context to the threat intelligence and analysis and alerts you with this information. It includes any known information about the threat actors and malware used. In addition, likely motives and other indicators of compromise are included so you can search for the attackers in your environment.
Advanced Threat Intelligence Plus (ATI+)
ATI+ adds comprehensive dossiers, trends, news, and analysis on advanced cyber threat groups as well as profiles of targeted industries and information about the types of data threat groups are targeting. It also includes community threat sharing, which allows organizations to share threat intelligence with trusted partners to develop personalized community cyber defenses. Customers at this level can also benefit from our 24/7/365 critical alert and detection efficacy monitoring.
FireEye Threat Intelligence allows you to move from detection to response in minutes and helps you implement a predictive posture for your cyber security efforts.
Cyber threat intelligence is central to an Adaptive Security Strategy
FireEye Threat Intelligence Subscription Options Table
| |Dynamic Threat Intelligence|Advanced Threat Intelligence|Advanced Threat Intelligence Plus|
|---|---|---|---|
|Threat Intel Updates for FireEye Platforms|●|●|●|
|Supports One- and Two-Way Threat Intelligence Sharing|●|Two-way Only|●|
|Community-Based Intel Sharing|●|●|●|
|Attribution of Alerts to Known Threat Actors| |●*|●*|
|Description of Malware Family| |●*|●*|
|Vulnerability and Kill Chain Analysis| |●*|●*|
|Continuous Monitoring by FireEye Analysts| | |●*|
|Detection Efficacy Monitoring| | |●*|
|Detailed Information on Malware Families| | |●|
|Enriched Community Intel Sharing| | |●|
|Threat Actor Profiles| | |●|
|In-Depth Analysis and Reports on Attacker Trends| | |●|
|On-Demand Analysis of IPs and Domains| | |●|

●* Requires Two-Way Threat Intelligence Sharing mode. Subscribers of ATI+ also receive ATI benefits on their appliances that support this feature. Currently ATI is supported by the FireEye Network Threat Prevention Platforms.
"Since 2007, APT28 has systematically evolved its malware, using flexible and lasting platforms indicative of plans for long-term use."
- FireEye Labs
Executive Perspectives Blog
Covers the latest news and trends in cyber threats and cyber security focusing on the impact to business.