FireEye Threat Intelligence

An adaptive defense requires Threat Intelligence

As attackers use more advanced tactics and seek to maintain persistence in an organization, security teams struggle to understand which cyber threats pose the greatest risk. New threats appear daily and create a strain on cyber security teams who must quickly determine whether a threat is real and respond accordingly.

FireEye Threat Intelligence draws on our proprietary global, machine-based threat intelligence and incident response analysis. It enables cyber security teams to effectively identify, block, analyze and respond to advanced cyber attacks by giving them the context required to identify threat actors and the indicators of compromise.

FireEye offers multiple levels of threat intelligence to align with your needs and capabilities from our core Dynamic Threat Intelligence (DTI) to Advanced Threat Intelligence Plus (ATI+).

Dynamic Threat Intelligence
(DTI)

DTI provides basic cyber threat intelligence and enables FireEye technologies to gather and share global threat intelligence. It helps you detect and block advanced cyber attacks by anonymously exchanging data on web, email, and file-based threats across the FireEye global cloud network.

Advanced Threat Intelligence (ATI)

ATI adds additional context to the threat intelligence and analysis and alerts you with this information. It includes any known information about the threat actors and malware used. In addition, likely motives and other indicators of compromise are included so you can search for the attackers in your environment.

Advanced Threat Intelligence Plus (ATI+)

ATI+ adds comprehensive dossiers, trends, news, and analysis on advanced cyber threat groups as well as profiles of targeted industries and information about the types of data threat groups are targeting. It also includes community threat sharing, which allows organizations to share threat intelligence with trusted partners to develop personalized community cyber defenses. Customers at this level can also benefit from our 24/7/365 critical alert and detection efficacy monitoring.

FireEye Threat Intelligence
Subscription Options
Dynamic Threat Intelligence
(DTI)
Advanced Threat Intelligence
(ATI)
Advanced Threat Intelligence
Plus (ATI+)
Threat Intel Updates for FireEye Platforms Threat Intel Updates for FireEye Platforms
Supports One- and Two-Way Threat Intelligence Sharing Supports One- and Two-Way Threat intelligence Sharing Two-way Only
Community-Based Intel Sharing Community-Based Intel Sharing
Attribution of Alerts to Known Threat Actors Attribution of Alerts to Known Threat Actors  ●* ●*  ●* ●*
Description of Malware Family Responsible for Alerts if Applicable Description of Malware Family Responsible for Alerts if Applicable  ●* ●*  ●* ●*
Vulnerability and Kill Chain Analysis of Alerts if Applicable Vulnerability and Kill Chain Analysis of Alerts if Applicable  ●* ●*  ●* ●*
24/7 Monitoring by FireEye Analysts for Critical Alerts 24/7 Monitoring by FireEye Analysts for Critical Alerts  ●* ●*
Detection Efficacy Monitoring Detection Efficacy Monitoring  ●* ●*
Detailed Information on Malware Families Detailed Information on Malware Families
Threat Actor Profiles Threat Actor Profiles
In-Depth Analysis and Reports on Attacker Trends In-Depth Analysis and Reports on Attacker Trends
On-Demand Analysis of IPs and Domains On-Demand Analysis of IPs and Domains
Enriched Community Intel Sharing Enriched Community Intel Sharing
●* Requires Two-Way Threat Intelligence Sharing mode. Subscribers of ATI+ also receive ATI benefits on their appliances that support this feature. Currently ATI is supported by the FireEye Network Threat Prevention Platforms.

Emerging Products: Threat Intelligence

Read why SC Magazine calls FireEye Threat Intelligence "...an extremely powerful system for gathering, analyzing, and acting on cyber threat intelligence."

View Product Review