Threat protection firm FireEye has announced a new targeted attack protection offering for Apple’s Mac OS X and iOS platforms.
Built on the Apple platform, FireEye says the new security solutions support Apple’s Mac OS X operating system for network protection, iOS for mobile protection, and enable analytics with forensic analysis for Apple products.
Mac support has now been incorporated into the FireEye Network Security Threat Prevention Platform (NX series), FireEye Forensic Analytics (AX series), FireEye Mobile Threat Prevention (MTP) and FireEye Investigation Analysis System (IAS).
The new solutions for Apple products, which are becoming more common in enterprise environments, rounds out FireEye’s product line, which now offers advanced threat protection for Microsoft, Apple and Google Android platforms.
According to Forrester Research, almost 50 percent of enterprises support Apple products, 21 percent of information workers use one or more Apple products for work, and executives and senior-level represent 41 percent of enterprise Apple users.
Not surprisingly, attackers follow these trends, and while the number of threats targeting Mac OS X and iOS is still insignificant when compared to Windows and Android threats, FireEye Labs said that it has witnessed “malware callbacks” from Macs increase 90 percent month over month from June 2013 to June 2014.
“As enterprises evolve and the Apple footprint grows within them, advanced threat actors are turning their attacks to Apple products to carry out their work,” said Manish Gupta, senior vice president of products at FireEye.
In early September, FireEye reported that a Windows backdoor (XSLCmd) used in numerous attacks by a certain threat actor group had been ported to Mac OS X (OSX.XSLCmd ) and fitted with new features.
Just this week, Apple updated its XProtect security feature to block malware dubbed “iWorm” that had infected more than 18,500 OS X machines as of Sept. 29.
“By supporting Apple, FireEye can now protect nearly all personal computers in the enterprise environment from advanced attacks,” said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “More importantly, since many executives, researchers and other VIPs who work with intellectual property are frequently Apple users, this new FireEye capability can help focus protection where it’s needed most — high-priority systems where sensitive data and expansive access privileges reside.”
The FireEye Multi-vector Virtual Execution (MVX) engine with support for Mac OS X is offered on the FireEye NX 7500 network security platform, the company said.
The FireEye MVX engine with Mac support performs multi-flow analysis of traffic flows, files, and Web objects to understand the full context of a cyber attack, FireEye explained.
Now with Apple support, the NX Series is designed to provide customers with additional benefits including:
• Zero-day and APT attack detection for Apple Mac OS X users to identify known and unknown threats and stops outbound malware communications
• Coverage from cyber attacks for Mac and Windows users on enterprise corporate networks, including reduced false-positives and unified management capabilities
• Integrated malware analysis and network monitoring for malicious images, PDFs, Flash or ZIP/RAR/TNEF archives to stop highly targeted attacks
For iOS protection, FireEye said it would offer a Mobile Threat Prevention App in Apple’s App Store, which will work with Mobile Threat Prevention Management to offer benefits including:
• Cloud-based analysis providing details on behavior, callbacks and live analysis for iOS apps
• Display of threat scores of iOS apps, detailing malicious or unwanted behavior within each app, and examining factors associated with endpoint device compromise.
The FireEye MTP app alerts mobile users to threats before an app is executed on their device.
The FireEye AX 5500 forensic analysis security platform will provide customers with enhanced global threat intelligence from the FireEye Dynamic Threat Intelligence (DTI) cloud with data drawn from attacks targeting Mac OS systems and the ability to correlate attacks across Microsoft Windows, Mac OS X, and Google Android platforms.
FireEye Advanced Threat Protection NX and AX with OS X support are available immediately, while the FireEye Mobile Threat Prevention App for iOS will be generally available by the end of 2014, FireEye Said.
Last month FireEye announced new offerings designed to provide customers with on-demand access to its cyber defense technology, intelligence, and analysts expertise on a subscription basis.