Cyber threat protection and intelligence firm FireEye this week launched new cloud-based network security and threat intelligence offerings amid improving finances.
The new products include MVX Smart Grid, Cloud MVX and enhanced iSIGHT, while the latest financial results show better than expected figures. Losses for the third quarter of 2016 were $122.1 million, its earnings report released Thursday shows. The company’s share value immediately jumped 14%; but remains almost 50% down from the 52 week high.
FireEye is hoping that the new products mark the turning point in a difficult year. In May 2016 incumbent CEO Dave DeWalt announced he would step aside and be replaced by Kevin Mandia who joined FireEye when it purchased Mandiant for $1 billion in 2014. Mandia very quickly announced company restructuring that would lead to the loss of up to 400 employees (it turned out to be nearer 350) following a $139.32 million loss for the second quarter ended June 30.
The troubles have been blamed on a change in the threat environment, with apparently fewer of the large scale attacks that have fueled Mandiant’s typically $1 million consulting/forensic charges, and more of the small but painful attacks typified by ransomware. There may also be an element of geographical shift — Mandiant originally excelled in detecting attacks from China while the focus now has shifted to Russia.
The restructuring and now the new products are designed to adapt to the new circumstances, with FireEye making its products available to a wider audience through lower costs. Extra emphasis on building channel sales is also being made.
MVX Smart Grid and Cloud MVX were designed to simplify and integrate security for large, distributed enterprises and mid-market organizations at lower cost with flexible deployment options. The intent for MVX Cloud was announced back in August, when it was described as being targeted at smaller price-sensitive customers. “We believe that these solutions will open new markets as we have greater price flexibility and multiple deployment options,” Mandia said at the time.
MVX is FireEye’s Multi-Vector Virtual Execution engine. It allows suspect files to execute in a virtual machine environment, capturing the behavior and context and determining whether they are malicious. FireEye claims, “The unique machine learning and analytics of the MVX engine deliver automated threat detection and blocking that generic sandboxes, endpoint solutions, and other products miss or hide among high false positives.” The cloud version makes this option available to smaller organizations.
The MVX Smart Grid is re-engineered to make it particularly effective for campuses, branch offices and remote users. The new development of hardware and virtual Smart Nodes (which are also used with Cloud MVX) analyze internet traffic to detect and block threats using techniques such as static analysis, analytics, IPS, applied intelligence. The MVX engine performs core dynamic analysis.
FireEye’s iSIGHT Intelligence options have also been enhanced (FireEye acquired iSIGHT Partners in January 2016). There are now five role-based offerings: Tactical (for better prioritized customer alerts); Operational (to add operational context around alerts); Fusion (to provide situational awareness, past, present and predictive); Executive (to help leadership understand the company’s true threat profile); and Vulnerability (to help organizations optimize vulnerability and patch management).
FireEye also announced that iSIGHT is now available to Microsoft enterprise users through Windows Defender Advanced Threat Protection (WDATP).
“As two security leaders working together,” commented Moti Gindi, general manager for Windows Cyber Defense, “the combined Microsoft and FireEye adversary-based security intelligence ensures WDATP detections can provide the right context needed to prepare for and simplify response to attacks.”
Finally, a new Audit Viewer addition to the FireEye Endpoint Security product (HX) provides access to forensic endpoint information from a single endpoint dashboard. “When combined with the existing HX capabilities and the integration into Cloud MVX,” claims FireEye, “this allows analysts to optimize their time and minimizes errors by allowing for an integrated detection to investigation to response workflow without ever needing to flip between multiple systems.”
“The completely rearchitected MVX Smart Grid, new Cloud MVX and FireEye platform integrations with TAP and HX,” says FireEye’s CTO Grady Summers, “detect threats that generic sandboxes, endpoint solutions, and other products miss. The new role-based intelligence provides the simplest way to act on and integrate cyber threat intelligence across security operations.”
Cloud MVX is expected to be available later this month, and MVX Smart Grid is currently available worldwide, FireEye said.