FireEye Threat Intelligence

An adaptive defense requires Threat Intelligence

As attackers use more advanced tactics and seek to maintain persistence in an organization, security teams struggle to understand which cyber threats pose the greatest risk. New threats appear daily and create a strain on cyber security teams who must quickly determine whether a threat is real and respond accordingly.

FireEye Threat Intelligence draws on our proprietary global, machine-based threat intelligence and incident response analysis. It enables cyber security teams to effectively identify, block, analyze and respond to advanced cyber attacks by giving them the context required to identify threat actors and the indicators of compromise.

Emerging Products: Threat Intelligence

Read why SC Magazine calls FireEye Threat Intelligence "...an extremely powerful system for gathering, analyzing, and acting on cyber threat intelligence."

View Product Review 

FireEye Threat Intelligence Gives Context to Prioritize and Stop Threats

FireEye Threat Intelligence provides intel and analysis to help you understand cyber threats, identify and stop cyber attacks, and reduce the impact of compromise. Specifically, FireEye Threat Intelligence helps:

  • Automate the detection and prevention of zero day and other advanced cyber attacks with our global threat intelligence ecosystem.
  • Accelerate incident response and reduce the time to investigate and resolve security incidents.
  • Improve ROI on cyber security investments and evaluate your cyber security posture against threats to shift resources accordingly to protect against new cyber threats and resolve incidents.

Hacking the Street? FIN4 Likely Playing the Market.

FIN4 group targets over 100 publicly traded companies and advisory boards. Find out the targeted industries, techniques used, and more.

Download Report 

 

FireEye offers 3 levels of threat intelligence to suit your analysis needs:
 

Dynamic Threat Intelligence
(DTI)

DTI provides basic cyber threat intelligence and enables FireEye technologies to gather and share global threat intelligence. It helps you detect and block advanced cyber attacks by anonymously exchanging data on web, email, and file-based threats across the FireEye global cloud network.

Advanced Threat Intelligence (ATI)

ATI adds additional context to the threat intelligence and analysis and alerts you with this information. It includes any known information about the threat actors and malware used. In addition, likely motives and other indicators of compromise are included so you can search for the attackers in your environment.

Advanced Threat Intelligence Plus (ATI+)

ATI+ adds comprehensive dossiers, trends, news, and analysis on advanced cyber threat groups as well as profiles of targeted industries and information about the types of data threat groups are targeting. It also includes community threat sharing, which allows organizations to share threat intelligence with trusted partners to develop personalized community cyber defenses. Customers at this level can also benefit from our 24/7/365 critical alert and detection efficacy monitoring.

FireEye Threat intelligence allows you to move from detection to response in minutes and helps you implement a predictive posture for your cyber security efforts.

Download the FireEye Threat Intelligence data sheet for additional information on how FireEye transforms data into intelligence.

Cyber threat intelligence is central to an Adaptive Security Strategy

FireEye Threat Intelligence Subscription Options Table

  Dynamic Threat Intelligence
(DTI)
Advanced Threat Intelligence
(ATI)
Advanced Threat Intelligence
Plus (ATI+)
Threat Intel Updates for FireEye Platforms Threat Intel Updates for FireEye Platforms
Supports One- and Two-Way Threat Intelligence Sharing Supports One- and Two-Way Threat intelligence Sharing Two-way Only
Community-Based Intel Sharing Community-Based Intel Sharing
Attribution of Alerts to Known Threat Actors Attribution of Alerts to Known Threat Actors  ●* ●*  ●* ●*
Description of Malware Family Description of Malware Family  ●* ●*  ●* ●*
Vulnerability and Kill Chain Analysis Vulnerability and Kill Chain Analysis  ●* ●*  ●* ●*
Continuous Monitoring by FireEye Analysts Continuous Monitoring by FireEye Analysts  ●* ●*
Detection Efficacy Monitoring Detection Efficacy Monitoring  ●* ●*
Detailed Information on Malware Families Detailed Information on Malware Families
Enriched Community Intel Sharing Enriched Community Intel Sharing
Threat Actor Profiles Threat Actor Profiles
In-Depth Analysis and Reports on Attacker Trends In-Depth Analysis and Reports on Attacker Trends
On-Demand Analysis of IPs and Domains On-Demand Analysis of IPs and Domains
●* Requires Two-Way Threat Intelligence Sharing mode. Subscribers of ATI+ also receive ATI benefits on their appliances that support this feature. Currently ATI is supported by the FireEye Network Threat Prevention Platforms.

Since 2007, APT28 has systematically evolved its malware, using flexible and lasting platforms indicative of plans for long-term use."

- FireEye Labs