FireEye has announced several enhancements to its endpoint security solution designed to offer protection from threats missed by legacy and next-generation endpoint solutions. Utilising the behavioural analysis capabilities of Exploit Guard, Endpoint Security now adds the prevention capabilities needed to quickly detect and respond to threats against Microsoft Windows. With this latest release, FireEye Endpoint Security also adds support for Mac OS endpoints. These new capabilities are generally available to customers around the world effective immediately.
These exploit prevention capabilities are the first of several major, no-cost upgrades for FireEye Endpoint Security customers in 2017 – providing them a comprehensive Endpoint Protection Platform (EPP). Additional 2017 enhancements will include industry-leading anti-virus (AV) capabilities for known malware protection, virtual and cloud form factors, expanded behavioural analysis and machine learning capabilities to protect against unknown malware and exploits, and Linux support for server coverage.
FireEye Endpoint Security is built to speed up and simplify endpoint protection and response with high-fidelity alerts, context from FireEye iSIGHT Intelligence, and forensic and investigation capabilities scaled to hundreds of thousands of endpoints. This integration of prevention, detection and response capabilities in a single agent also greatly simplifies the customer deployment and lowers the performance impact on the endpoint.
“The endpoint has always been the most reliable source of truth for us and our customers. With over a decade of experience responding to some of the largest breaches in the world, we see where other products fail and can codify that intelligence into a comprehensive endpoint solution focused on simplicity and speed. The investments we are making in 2017 for our customers in Endpoint Security are significant, as it is a core component of the FireEye Helix platform and a huge opportunity for our business,” said Kevin Mandia, CEO, FireEye.
“FireEye is focused on developing a complete solution for our customers that reduces the multitude of agents running on their endpoints. This helps improve reliability and performance while simplifying and accelerating our customers’ ability to respond to threats,” said Grady Summers, CTO, FireEye. “Endpoint Security is already a proven leader in Endpoint Detection Response (EDR), and the addition of prevention in Exploit Guard with anti-virus solidifies that. Most importantly, our ability to take threat intelligence and rapidly turn that into new protections and features – such as with recent Shamoon 2.0 attacks – allows us to deliver the only Endpoint Protection Platform able to detect, prevent and respond to the threats others miss.”
Endpoint Security incorporates the intelligence-led detection and prevention capabilities that FireEye is well-known for in Network Security and applies these capabilities to the exploit prevention functionality in Endpoint Security. This approach complements FireEye’s leading EDR capabilities and enables faster incident response for our customers. The behavioural analysis engine that powers the new Exploit Guard prevention capability has shown in testing that it can detect and block 100 percent of the previously unknown exploits – without signatures or indicators – that were publicly reported in 2014, 2015 and 2016.
FireEye Endpoint Security safeguards against the threats missed by legacy and next-generation endpoint security products. And, with granular visibility into endpoint activity, security teams have the added benefit of being able to detail any incident in-depth, resulting in a real-time, intelligence-led endpoint response.
FireEye has entered an OEM relationship with a leading anti-virus solution to deliver customers comprehensive, simplified endpoint protection from threats – known and unknown – and to further simplify security operations at no additional cost. Unlike with many legacy or next-generation anti-virus solutions, customers will benefit from the advanced detection and response capabilities developed by and for the Mandiant Incident Response team and from the context on these threats provided by FireEye iSIGHT Intelligence. This context helps prioritise and triage threats, giving security teams time to focus on more proactive work.
The integration of anti-virus is expected to occur during the first quarter of 2017 with additional progressive roll-out of other detection and prevention capabilities in the first half of 2017.
Scalable, differentiated endpoint for channel partners
For FireEye Partners, Endpoint Security can replace customer legacy endpoint products with a single agent that addresses compliance requirements. The endpoint security market is estimated by some to grow to more than $17B by 2020, representing a significant opportunity for channel partners worldwide. Partners can further differentiate Endpoint Security with FireEye by adding the powerful simplicity of Helix and a “single pane of glass” to process all their security alerts from all their products and focus on what matters most.
“Our endpoint solution gives our partners the best technology and a simplified sales process that demonstrates the value of working with FireEye,” said Chris Carter, VP of channels at FireEye. “We’re evolving quickly to be more channel friendly, and we’ll look to our partners to drive products like endpoint and Helix into the market where they can make a difference for customers on the front lines.”
For more information about these exciting new updates to FireEye Endpoint Security, watch our YouTube video.