Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Sourcefire Enhances Malware Protection Portfolio to Track Malware Movement

On Monday, Sourcefire announced improvements to its Advanced Malware Protection (AMP) portfolio, which aims to offer customers more visibility into attack activity. This additional insight, the company said, will enable clients to detect, remediate, and control malware outbreaks faster.

On Monday, Sourcefire announced improvements to its Advanced Malware Protection (AMP) portfolio, which aims to offer customers more visibility into attack activity. This additional insight, the company said, will enable clients to detect, remediate, and control malware outbreaks faster.

“Even organizations which are diligent in their security measures realize that breaches are entirely too likely in the face of modern threats and they need solutions that help them deal with malware before, during and after an attack,” said Martin Roesch, Sourcefire founder and CTO, in a statement.

Sourcefire AMPSourcefire’s new Network File Trajectory and Device Trajectory allow customers to determine the scope of an attack, helping them track the malware across the network and down to a system level. This in turn helps security teams locate malware point-of-entry, propagation and behavior.

Moreover, Sourcefire’s Indicators of Compromise (IoC) correlates malware intelligence and other events to determine if a system is compromised – at a glance. This, the company said, helps security teams remain agile when investigating a potential incident. In addition, the trajectory and IoC features leverage the captured network activity to accelerate investigation and compromise prioritization.

Network File Trajectory is available as part of Sourcefire’s AMP for FirePOWER software license, which can be added to their Next Gen IPS or Firewall, or as a dedicated appliance. Device Trajectory is available as part of the FireAMP host-based protection for endpoints and virtual networks.

Further information is available online.

Related: Sourcefire Unveils Malware Protection Appliance

Related: Sourcefire Launches Incident Response Services

Advertisement. Scroll to continue reading.

Related: Preparing for an Attack –  5 Tips for Organizations

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.