FireEye
 


FireEye, Inc. is the leader in network malware control, dedicated to eradicating malware from the world's networks. FireEye provides the world's only malware control system designed to secure networks from targeted malware. Our solutions bring advanced network security together with state-of-the-art virtualization technology to combat crimeware and protect customer data, intellectual property and company resources, solving critical business needs without taxing your IT administration. FireEye is based in Menlo Park, CA and backed by Sequoia Capital and Norwest Venture Partners. For more details, visit http://www.fireeye.com.

FireEye Presentation Transcript

  • FireEye Network Malware Control System
    Chad Harrington, VP of Marketing
  • Overview
    • Crimeware’s rise to prominence
    • Traditional security barriers collapsing
    • FireEye Network Malware Control System
  • Understanding Crimeware
    • Targeted malware for profit
    • Funded by criminal orgs & online markets
    • Allows remote control by external parties
    Cybercrime now ranks among the FBI’s top priorities behind terrorism & espionage. Computer-based crimes caused $14.2 billion in damages to businesses around the globe in 2005.
  • The Crimeware Economy
  • Impact of Crimeware Attacks
    • Bottom line losses
      • Product/service theft
      • Intellectual property stolen
      • PC & bandwidth exploited
    • Liability & clean-up
      • Customer notifications & lawsuits
      • Data restoration & downtime
    • Brand erosion & loss of customers
      • 20% of notified customers have ended business relationship due to breach
  • How Does Targeted Malware Infiltrate?
    • Common vectors
    • Mobile laptop
    • Employee home machine
    • 3rd party, guest PC
    • Enterprise desktop
    1 Customized attack
  • How Does Targeted Malware Infiltrate?
    2 Customized attack Command & control
    • Remote Control Established
    • Begin probing network
    • Identify high-value victims
    • Install additional malware
    • Steal data & information
  • How Does Targeted Malware Infiltrate?
    Targeted infiltration
    3 Customized attack Command & control
  • How Does Targeted Malware Infiltrate?
    • Keyloggers
    • Password crackers
    • Trojans
    • Spam/Phishbots
    4 Customized attack Command & control
  • Traditional Security Barriers Collapsing
    • Crimeware is designed to escape attention
    • Exploits bypass traditional security, such as
      • Firewalls – use open ports
      • Antivirus – be slightly new & different
      • Anomaly detectors – remain calm & look normal
    “Botnet worm infections can occur even when the impacted organization has the very latest antivirus signatures and is automatically pushing out OS and application patches.” US-CERT whitepaper
  • Targeted Malware Simply Undetectable by Traditional Security Techniques
    • Targeted malware has 2 to 6 year window
    Timeline figure labels: Window of Exploitability; Signature or Patch Released; Vulnerable Software Released; Vulnerability Discovered/Disclosed
  • FireEye Network Malware Control System
    • Stops botnet & malware infiltration others do not
    • Ensures only compliant PCs gain network access
    • Continuous network traffic analysis
    • Automatic prevention & enforcement
  • What is Network Malware Control?
    • Ensure Compliance: on-connect network access controls ensure only compliant machines gain network access
    • Continuous Analysis: continuous analysis of network activities for botnet transmissions & infection attempts
    • Automatic Enforcement: automatically filter out malicious packets and botnet transmissions, and block infected machines
  • Ensure Compliant Network Access
    • Network access controls: limit network access to machines with updated AV signatures & OS patches
    Diagram labels: Remote & Wireless users, LAN users, WAN/VPN, Internet, Wireless
  • Continuous Analysis using the FireEye Attack Confirmation Technology (FACT)
    • An infinite supply of virtual victim machines analyzes network traffic flows for targeted attacks
    Diagram label: Mirrored network traffic flows
  • Automated Prevention & Enforcement
    • Switches: close off / restrict network access to infected machines to protect customer data and company resources
    • Mobility controllers: MAC exclusion, VLAN re-assignment to block infected machines from network
    • Packet filtering: productive traffic can continue to flow, but malicious traffic is blocked
    Diagram label: Internet
  • Typical FireEye Deployments
    • Eliminate Network Borne Crimeware from Wireless Users
    • Protect Data Center Windows Servers from Crimeware
    • Eliminate Crimeware From Infiltrating from Internet
    • Eliminate Network Borne Crimeware From Remote Branch Offices and Stores
    Diagram labels: Backbone WAN Internet Data Center
  • The FireEye Ecosystem
    • Active collaboration with law enforcement, industry, & security researchers to root out crimeware
      • Law enforcement & Military
      • Research institutions
      • Industry participants
      • Enterprise customers
      • Internet Service Providers
  • About FireEye, Inc.
    • Dedicated to eradicating malware from the world’s networks
    • Based in Menlo Park, CA
    • Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee
    • Online at www.fireeye.com
  • www.fireeye.com