When I attend conferences, I'm always amazed at how many of the talks hype up the challenges and problems facing the information security community. S...
Throw me a Bone
April 8, 2014
I had the pleasure of attending the Secure Cloud 2014 conference this week. The presentations and discussions were quite interesting, and I was eager...
Clouds on the Horizon
April 8, 2014
A recent DarkReading article discussed the subject of the DNS "blind spot". That is a topic that has always interested me, and I would like to discuss...
DNS Blind Spot
April 8, 2014
FireEye Enters Agreement to Acquire nPulse Technologies
May 9, 2014
Combination Creates Industry’s First Solution to Deliver Enterprise Forensics From the Endpoint to the Network, Providing Visibility Across the Entire Attack Life Cycle and Accelerating Threat Response and Remediation
Milpitas, CA - May 6, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced the execution of a definitive agreement to acquire privately held nPulse Technologies, the performance leader in network forensics. The combination of the nPulse network forensics solution with the FireEye Security Platform will deliver the industry’s only Enterprise Forensics solution for visibility into the entire attack life cycle - from network intrusion to endpoint exploitation and lateral movement. The transaction is expected to close during the second quarter of 2014, subject to standard closing conditions.
With the acquisition, FireEye will further expand its security platform with the following:
- FireEye will offer the industry’s first Enterprise Forensics solution with a unified view of network to endpoint forensics, enabling enterprises to minimize risk and drive down mean time to resolution.
- The Enterprise Forensics solution, coupled with the FireEye threat analytics solution, will form a comprehensive intelligence platform.
- The FireEye Network Threat Prevention Platform combined with newly introduced IPS capabilities and the addition of nPulse’s forensics will offer a comprehensive threat management platform.
- The Enterprise Forensics solution together with FireEye Managed Defense™ will enable the industry’s most advanced managed service capabilities, bringing together deep visibility and rich context from Enterprise Forensics with active defense capabilities of the Managed Defense portfolio.
“The new reality of security is that every organization has some piece of malicious code within their network,” said David DeWalt, chairman of the board and chief executive officer of FireEye. “The more important question is has that code been able to execute any compromising activity that puts the organization at risk, and if so, what data left the network? With the addition of the nPulse solution, the FireEye platform will have a “flight recorder” for security analytics. By incorporating real-time breach information from the endpoint and the network, we’re building a single platform to provide the most in-depth attack information and the right data to protect and remediate before a compromise turns catastrophic.”
The nPulse product portfolio provides full packet capture and indexing for ultra-fast search and analysis of network traffic. When combined with the endpoint products acquired from Mandiant, FireEye will be able to offer customers Enterprise Forensics capabilities across both gateway and endpoint nodes. With the addition of deep analytic capabilities, FireEye will continue to redefine the security architecture, providing customers with a single security platform that delivers precise alerts with detailed forensic data on the full scope of an attack.
Using high-quality forensics and validated alerts, customers will have the ability to detect and prevent data loss. In the event of a breach, detailed attack information is recorded to track the full scope of a breach so security teams can move quickly to incident response and remediation, saving hours of investigation time and reducing operational expense. Following a breach investigation, organizations have a detailed report of breach activity and, when necessary, the ability to disclose investigation results with confidence.
“With this acquisition, FireEye continues to align its endpoint security offerings with emerging requirements,” said Jon Oltsik, senior principal analyst at ESG. “Today, enterprises need as much insight into breaches to understand them in tremendous detail. By combining endpoint and network visibility, FireEye gives security teams the information they require to respond to attacks and remediate threats of advanced attacks quickly with the right intelligence, analytics, and automation."
The key to the nPulse solution is the ability to capture full packets at high speeds and index them in real time, enabling big-data analytics and rapid search capabilities paired with layer seven visibility. Well-maintained perimeter defenses are a critical part of any security strategy, but as attacks grow more sophisticated, quickly analyzing persistent threats and incident response for advanced malware breaches is a necessity. nPulse complements the existing FireEye Web and email products by augmenting the FireEye Multi-vector Virtual Execution™ (MVX) technology with deep analytics. Once attempted malware downloads or callbacks are detected, the priority shifts to a thorough analysis of what may have been missed during the lifetime of the breach, and any activity from potentially infected clients. The nPulse solution also enables expeditious reconstruction of the kill chain and is designed to perform at 10 Gbps full duplex, providing capture, inspection, and exposing indications of compromise within minutes. For the Mandiant services team, the addition of of nPulse’s network forensics solution will result in faster incident response capabilities and enable more detailed data for the Managed Defense service.
“When we established a partnership with FireEye, our customers immediately realized the value of having comprehensive threat information in one central dashboard,” said Tim Sullivan, president and chief executive officer of nPulse Technologies. “As the security industry evolves, customers are looking for one trusted partner to provide a comprehensive solution that provides threat data as well as a path to remediation. We’re looking forward to joining the FireEye team and helping to transform the security industry.”