Industry’s Leading Detection Engine Triples Analysis Speed - FireEye Redefines Threat Detection Again With Cutting-Edge Innovations Powered By New MVX Architecture. With this new architecture, FireEye brings increased speed, accuracy and coverage for advanced threats, provides richer contextual intelligence, and the automation of front-line intelligence to drive detection.
MILPITAS, California – October 12, 2015 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, unveiled its next generation MVX™ architecture, tripling analysis speed to improve time to protection. With this new architecture, FireEye brings increased speed, accuracy and coverage for advanced threats, provides richer contextual intelligence, and the automation of front-line intelligence to drive detection. The new release expands FireEye’s ability to inspect encrypted objects, adding visibility into SSL encrypted traffic. FireEye also continues to reduce operational costs faced by security teams by eliminating the noise generated by adware and potentially unwanted programs (PUPs) in a solution that consolidates commodity and advanced threats. The new release will be generally available in November 2015.
With this release, customers will benefit from:
Increased speed, accuracy and coverage for advanced threats
Today, most advanced attacks leverage multiple vectors across many stages. With new innovations, FireEye customers will see:
- A three-fold increase in overall analysis speed using faster algorithms for web traffic analysis.
- A five-fold increase in capacity to detect attacks at their earliest phase to help block attackers at the weakest point of attack, further expanding FireEye’s industry leading detection efficacy.
A ten-fold increase in providing alert specific intelligence context at the time of detection.
FireEye MVX is the only advanced threat solution in the market to provide attacker context at the time of detection. With this release, FireEye has increased this capability to better enable enterprises to swiftly and accurately respond to threats that matter.
Automation of front-line intelligence
Identifying, correlating, and understanding suspicious patterns in an organization are fundamental to detecting today’s advanced threats. FireEye’s intelligence-driven detection framework enables the quick release and tuning of new detection modules through FireEye’s Dynamic Threat Intelligence™ (DTI™) capability. In addition, FireEye investigates the intrinsic properties of malicious objects to detect evolving malware and recognize the continuous alterations made by attackers. This advanced technique leverages the power of the FireEye network encompassing millions of sensors, intelligence from incident response and FireEye threat research as well as machine learning and big data analytics to discover new malware variants. With these capabilities, FireEye customers can quickly and accurately respond to changing threat actor tools, tactics and procedures.
- Mobile Threat Prevention integration into the MVX platform. The new MVX engine architecture enables detection and prevention of callbacks coming from infections on Android and iOS devices when they are on protected company WiFi networks.
- Applying FireEye technology to reduce noise from adware and PUP. FireEye also continues to reduce operational costs borne by security teams by consolidating detection and eliminating the noise generated by adware and potentially unwanted programs. FireEye pioneered noise reduction by integrating traditional IPS signature detection with MVX engine validation, improving efficiency for security analysts by eliminating IPS false positives and allowing security teams to focus on high fidelity alerts.
- SSL visibility into encrypted traffic. FireEye is also introducing SSL Intercept 10150, with 10G load balancing and SSL decryption in one appliance, which when combined with other FireEye products, delivers line-rate 10G encrypted traffic visibility and detection. More and more applications use encryption, leaving today’s security tools blind. According to Sandvine, more than two-thirds of North American internet traffic will be encrypted by 2016. The SSL Intercept appliance improves security, enhances visibility into encrypted traffic and creates a more holistic protection system. The new appliance provides a hardware based SSL decryption functionality that does not impede performance and scales to 20 gigabits per second. With URL classification, organizations with privacy policies and compliance requirements can selectively exclude trusted sites from SSL inspection.
“The network security sandbox segment is dominated by FireEye, which commands almost two-thirds of 2014 market revenue,” said Frank Dickson, research director with Frost & Sullivan. “A combination of network security sandbox features and large market share puts FireEye in the position of clear leadership. FireEye continues to capitalize on its first-mover advantage.”
According to Frost and Sullivan’s Network Security Sandbox Market Analysis: APTs Create a “Must Have” Security Technology, the network sandbox segment was a half billion market in 2014, and this sector is expected to grow to $3.5 billion by 2019, with an average compound annual growth rate (CAGR) of 45.6 percent from 2014-2019. Network security sandbox technologies, which execute and analyze suspicious software in a controlled environment, use sophisticated algorithms to detect and validate previously unseen attacks missed by signature-based detection technologies.
“Today’s advanced attackers strike fast and hard, constantly shifting their methods. To succeed in this environment, security teams require an adaptive defense capability architected to be accurate, precise and resilient in a changing threat landscape,” explained Manish Gupta, SVP of products at FireEye. “By innovating the MVX architecture with next generation detection capabilities, FireEye not only raises the bar against the advanced attackers to an unprecedented level. Additionally, our innovations continue to streamline the cost of security operations by expediting their ability to detect and respond to the threats that matter the most.”
Additional capabilities include:
- Higher Capacity NX Solution Leveraging the FireEye SSL Intercept load balancing capability, enterprises can now distribute traffic across FireEye Network appliances to achieve up to 10 Gbps inline throughput.
- IPS enhancements FireEye has seen a 30 percent attach rate for its IPS product with its customer base. Now, FireEye strengthens accuracy, manageability and visibility with a number of IPS enhancements including rules to further improve alert accuracy, additional custom policies, and selective detection based on suspicious indicator category.