SOURCE: FireEye

January 27, 2015 08:01 ET

Viewfinity and FireEye Team to Provide Improved Security Event Analytics and Endpoint Visibility

New Joint Integration Accelerates Incident Response Capabilities and Helps Mitigate Privilege Execution by Combining Viewfinity Application and Endpoint Vulnerability Detection With Network Event Information From FireEye AX and the FireEye Threat Analytics Platform

LAS VEGAS, NV and WALTHAM, MA--(Marketwired - Jan 27, 2015) - FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, and Viewfinity (www.viewfinity.com), the leading provider of next-generation application control and privilege management solutions, today announced an integration of Viewfinitiy's advanced endpoint protection solution with both the FireEye® Threat Analytics Platform™ (TAP™), a cloud-based security analytics platform, and the FireEye AX series, a group of forensic analysis platforms. The joint integration is designed to correlate suspect access to applications and endpoints with network-based indicators of compromise to detect attacks on a network exploiting excess privilege rights and provide in-depth forensic information to accelerate incident response and remediation. Viewfinity will demonstrate how the two solutions work together at the FireEye Momentum 2015 sales and partner conference.

"Unnecessary and excess privileges play a part of every major cyber attack as bad actors seek to gain access to endpoints and systems within an organization by exploiting administrator privileges," said Grady Summers, vice president of strategic solutions at FireEye. "By working with Viewfinity, we're able to combine security information from FireEye with Viewfinity's application and endpoint access data to surface malicious activity that's attempting to infiltrate via endpoint access. This endpoint to network security visibility is an instrumental component to stopping advance attacks."

With the joint integration, Viewfinity application and endpoint access data are correlated with enterprise-wide security and network threat information within FireEye TAP and FireEye AX,. Using FireEye TAP, security teams can view one dashboard with relevant threat data and prioritized by threat level. This centralized dashboard allows security teams to quickly identify malicious activity and, with the Viewfinity integration, enforce restricted execution of suspicious applications and block malware identified by TAP on the endpoint.

In the event an incident is observed, the integration between Viewfinity and FireEye AX provides in-depth data for forensic investigations. FireEye admins have access to Viewfinity application and endpoint data to submit suspicious files to be analyzed by FireEye AX, where the malware is executed using FireEye MVX™ technology, revealing a full replay of the kill chain in a secure, virtual environment. With that information, forensics experts can more effectively develop a targeted mitigation response.

Endpoint data from Viewfinity provides unique information related to the behavior of users and a timeline of events that provide more context for data in the FireEye analytics engine. With in-depth data, the respective solutions are able to proactively update policies to block confirmed bad files on both the endpoint and network level as well as accelerate response times, increasing the ability to contain and prevent future threats.

"Customers and prospects alike are eager to utilize this integration; it broadens and reinforces application control, endpoint security prevention, and network threat protection," explained Viewfinity CEO, Leonid Shtilman. "Near real-time detection of malicious activity and behavioral indicators lead to expedited incident response and improved attack prevention."

For more information on the integration, visit the Viewfinity booth at the FireEye Momentum Partner Showcast, Jan. 26 - 28, 2015 at the Cosmopolitan Hotel in Las Vegas.

About Viewfinity
Viewfinity's advanced endpoint protection solution focuses on lessening the impact of IT security breaches before, during and after an attack. Our core capabilities reduce the attack surface and proactively prevent advanced persistent threats by removing administrative rights and monitoring and classifying applications. Suspect software is cross-referenced with network security sandboxes and cloud databases to accelerate detection, incident response and remediation efforts. Follow-up threat investigations are pinpoint accurate due to our ancestry tracking forensics that trace back to the origin of an attack. Viewfinity has a unique remediation differentiator in its ability to locate all instances of software related to an attack and block from further execution and propagation on endpoints. For more information, visit www.viewfinity.com.

About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,700 customers across 67 countries, including over 157 of the Fortune 500.

FireEye, Threat Analytics Platform, TAP and MVX are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.