Malware protection firm FireEye has teamed up with EMC’s RSA Security division through a new interoperability agreement that will leverage threat information from FireEye’s Malware Protection System (MPS) and feed that data into RSA’s NetWitness network monitoring platform.
The NetWitness platform, which EMC acquired in a deal announced in April 2011, provides network security monitoring and analysis solutions that help customers better understand what’s happening on their networks.
FireEye’s MPS security appliances analyze files using a Virtual Execution (VX) Engine that detects malicious code embedded in common file types. The File Malware Protection System can perform recursive, scheduled, and on-demand scanning of accessible network file shares to identify and quarantine malware present on enterprise networks.
“With the planned interoperability of the FireEye and RSA NetWitness solutions, joint customers will have greater visibility into the extent of previous network and system compromises and cyber attack tactics, and be able to take action to address similar cyber attacks that might occur in the future,” the company explained in a statement. “This future integration will also help security analysts investigate and remediate the compromised end systems.”
“With our next-generation threat protection, critical information gleaned from our appliances is crucial for security professionals to make informed decisions,” said Mihir Mohanty, director of product management at FireEye. “This interoperability partnership is a win for our joint customers because it saves them time and resources and increases their visibility within their security operations.”
“Enterprises demand insight into the impact of cyber attacks as they occur. The ability of our joint solutions to provide common customers with real-time, dynamic analysis of zero-day attacks, accurate incident scoping, and definitive answers, provides an extra benefit for customers looking to improve their security posture,” said Brian Girardi, senior director, product management of RSA.
In September, FireEye and Splunk, the software vendor that helps organizations gather and make use of machine data from multiple sources, announced Splunk for FireEye, an application that makes information on inbound and outbound events from FireEye appliances available within the Splunk console. Through that partnership, Splunk Enterprise is able to provide real-time continuous monitoring and trending of data being generated by FireEye’s appliances.