New solution gives large enterprises the power to discover, understand and block advanced malware utilizing big data analytics
Sourcefire, Inc. (Nasdaq: FIRE), a leader in intelligent cybersecurity solutions, today introduced FireAMP™ advanced malware protection, a malware discovery and analysis solution that analyzes and blocks malware by utilizing big data analytics. Designed for large enterprises, FireAMP delivers unprecedented visibility and the control needed to block threats missed by other security layers. FireAMP is the latest fulfillment of Sourcefire’s Agile Security™ vision for context-aware, adaptive, and automated security solutions.
“Test results consistently show that the endpoint protection platforms (EPPs) currently available still do not protect endpoints against mass-propagated consumer threats — and their performance is even more dismal when faced with handcrafted targeted attacks,” said Neil MacDonald, vice president and fellow, and Peter Firstbrook, research director, at Gartner.1 “Moreover, the dwell time of targeted threats can be measured in months or even years, in some instances. Gartner currently estimates that 4% to 7% of enterprise endpoints are infected at any given time, and that the next scheduled scan will catch only 1% of threats.”
With the launch of FireAMP, Sourcefire is first to market with five new capabilities that amplify an organization’s defenses against advanced malware:
• FireCLOUD™ – Cloud-based infrastructure encompassing a number of advanced detection capabilities that leverage big data analytics to identify and score threats missed by other security layers
• File Trajectory – Tracks file movement within the enterprise, allowing organizations to identify the entry point and propagation path of malware
• File Analysis – Provides detailed information on malware behavior backed by the elite Sourcefire Vulnerability Research Team (VRT™) and the company’s collective security intelligence
• Outbreak Control – Customer-defined detections that immediately block malware without requiring an update from your security vendor
• Cloud Recall™ – Continuous in-the-cloud analysis of historical file activity to discover and remediate threats that were previously missed
FireAMP uses a lightweight agent to communicate with a cloud-based analysis engine and only leverages metadata for evaluation, requiring less storage, computation and memory than other security products. This minimizes system impact and allows it to coexist with and supplement existing security layers without sacrificing performance or manageability.
“While developing this product, we spoke with more than 100 large enterprises and heard one common theme – while they have the latest security technologies with all of the latest updates, they still see malware infections,” said Oliver Friedrichs, senior vice president of Sourcefire’s Cloud Technology Group. “We developed FireAMP with sophisticated detection, visibility and control especially for enterprises whose primary solutions are lacking. FireAMP’s discovery and analysis capabilities can help these companies quickly determine which systems are infected, how the infection occurred, the extent of the infection and how the malware behaves in order to both stop the malware and recover.”
FireAMP offers powerful reporting that delivers visibility into the state of malware in an environment. These reports detail high-risk computers; threat root cause, showing applications that are introducing malware; and advanced persistent threats, listing advanced malware that could be unique to a customer’s environment. FireAMP also includes comparative reporting, so that users can evaluate activities within their environment in the context of their overall organization or the larger, global installed base of FireAMP customers.
For more information visit www.sourcefire.com/FireAMP.
Sourcefire, Inc. (Nasdaq:FIRE), a world leader in intelligent cybersecurity solutions, is transforming the way global mid- to large-size organizations and government agencies manage and minimize network security risks. With solutions from a next-generation network security platform to advanced malware protection, Sourcefire provides customers with Agile SecurityTM that is as dynamic as the real world it protects and the attackers against which it defends. Trusted for more than 10 years, Sourcefire has been consistently recognized for its innovation and industry leadership with numerous patents, world-class research, and award-winning technology. Today, the name Sourcefire has grown synonymous with innovation, security intelligence and agile end-to-end security protection. For more information about Sourcefire, please visit www.sourcefire.com.
Sourcefire, the Sourcefire logo, Snort, the Snort and Pig logo, ClamAV, FireAMP, FirePOWER, FireSIGHT and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. Other company, product and service names may be trademarks or service marks of others.
1 Gartner, “Predicts 2012: Sophisticated Attacks, Complex IT Environments and Increased Risks Demand New Approaches to Infrastructure Protection” November 29, 2011.
Middle East Press Contact:
OAK Consulting FZ LLC
+971 50 781 8568