On Monday, Sourcefire announced improvements to its Advanced Malware Protection (AMP) portfolio, which aims to offer customers more visibility into attack activity. This additional insight, the company said, will enable clients to detect, remediate, and control malware outbreaks faster.
“Even organizations which are diligent in their security measures realize that breaches are entirely too likely in the face of modern threats and they need solutions that help them deal with malware before, during and after an attack,” said Martin Roesch, Sourcefire founder and CTO, in a statement.
Sourcefire’s new Network File Trajectory and Device Trajectory allow customers to determine the scope of an attack, helping them track the malware across the network and down to a system level. This in turn helps security teams locate malware point-of-entry, propagation and behavior.
Moreover, Sourcefire’s Indicators of Compromise (IoC) correlates malware intelligence and other events to determine if a system is compromised – at a glance. This, the company said, helps security teams remain agile when investigating a potential incident. In addition, the trajectory and IoC features leverage the captured network activity to accelerate investigation and compromise prioritization.
Network File Trajectory is available as part of Sourcefire’s AMP for FirePOWER software license, which can be added to their Next Gen IPS or Firewall, or as a dedicated appliance. Device Trajectory is available as part of the FireAMP host-based protection for endpoints and virtual networks.
Further information is available online.
Related: Sourcefire Unveils Malware Protection Appliance
