24 Feb 2013
FireEye claims new approach to security software

FireEye is a US company that is taking an entirely new approach to enterprise security.

Traditionally, security vendors use a database of threat signatures to identify potential problems.

This approach relies upon the security vendor discovering a new threat, then your security software downloading the latest signature database.

The problem is that this process may leave your system or enterprise vulnerable for hours or days until the latest definitions are made available.

More recently, for security threats for which a signature doesn't already exist, security vendors have been using heuristics. This heuristic approach monitors for many common signs of a threat but still leaves opportunities for innovative new types of security exploits.

The approach that FireEye is taking is different. It manufactures hardware appliances that monitor your network traffic and run each file discovered in a virtual environment.

This approach is often known as virtual sandboxing. In this virtual environment, time is accelerated, and the files are monitored for suspicious behaviour. Anything suspicious is flagged for a security analyst inside the organisation to investigate.

The solution is ideal for large organisations or government departments that don’t want any of their files to be sent offsite for analysis and that want to employ internal security analysts.

With over 95 new security vulnerabilities discovered each week and many Australian banks already using the vendor’s solution, FireEye looks ready for a big growth year in ANZ.

