FireEye Announces Availability of Splunk for FireEye, a New Application to Enable Customers to Further Consolidate and Correlate Analytics on Cyber Attacks
Application Gives Businesses Long-Term Trending and Analytics With FireEye Data
(firmenpresse) - MILPITAS, CA -- (Marketwire) -- 09/13/12 -- , the leader in stopping advanced cyber attacks, and (NASDAQ: SPLK), the leading provider of software for real-time operational intelligence, today announced the availability of the Splunk® for FireEye application. Information on inbound and outbound events from FireEye appliances is now available within the Splunk Enterprise console.
With this application, Splunk Enterprise provides real-time continuous monitoring and trending of FireEye customer data, along with support for real-time alerting. This allows users to visualize and express long-term trends that aid with the prioritization of incident response activities, as well as set and monitor key performance metrics.
"With our next-generation threat protection, critical information gleaned from our appliance is crucial for security professionals to make informed decisions," said Ashar Aziz, FireEye founder and CEO. "This application is a win for our joint customers by saving them time and increasing their visibility into their security operations."
"Enterprises demand tools that give them insight into events as they occur. FireEye is a leader in providing dynamic analysis and blocking of zero-day attacks," said Bill Gaylord, senior vice president of business development at Splunk. "There is an incredible amount of security data generated by FireEye's products that companies can use to improve their security posture. Splunk software can ingest a comprehensive analysis of malware to ultimately provide security professionals the ability to correlate this data with other activity in their environment to proactively monitor for and detect these elusive threats."
The Splunk for FireEye application provides comprehensive reports for monitoring malware distribution and callbacks, infection types over time, and the number of infected systems. Included in the reports are dashboards that show the number of inbound infections by host IP over time and the number of callbacks over time by malware name. Users are able to examine a discovered piece of malware in a number of ways, including:
provides an overview of a specific piece of malware including its name, number of callbacks, source and destination, and port and protocol used.
: provides a view of each of the callbacks as a transaction, identifying the source and destination, the severity, and the infection source port.
includes HTTP (layer-7) information along with the URI, HTTP version, user agent (browser version), and the action (GET or POST).
: provides an "over-time" graphical view of communication (ports and IPs) between the malware and its C2 destination.
passes the time of a particular malware activity to Splunk, which launches a search for other activities happening at that same time.
Visit for more information on FireEye next-generation threat protection.
FireEye is the that use advanced malware, zero-day exploits, and APT tactics. The supplement traditional and next-generation firewalls, IPS, anti-virus, and gateways, which cannot stop advanced threats, leaving security holes in networks. FireEye offers the industry's only solution that detects and blocks attacks across both Web and email threat vectors as well as latent malware resident on file shares. It addresses all stages of an attack lifecycle with a signature-less engine utilizing stateful attack analysis to detect zero-day threats. Based in Milpitas, California, FireEye is backed by premier financial partners including Sequoia Capital, Norwest Venture Partners, and Juniper Networks.
(NASDAQ: SPLK) provides the engine for machine data™. Splunk® software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 4,400 enterprises, universities, government agencies and service providers in over 80 countries use Splunk Enterprise to gain operational intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cyber-security risk.
FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.
FireEye
Lisa Matichak
+1.408.321.6300
LEWIS Pulse
Katherine Nellums
+1.415.432.2451
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Datum: 13.09.2012 - 12:00 Uhr
Sprache: Deutsch
News-ID 183053
Anzahl Zeichen: 0
contact information:
Town:
MILPITAS, CA
Kategorie:
Internet
Diese Pressemitteilung wurde bisher 233 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"FireEye Announces Availability of Splunk for FireEye, a New Application to Enable Customers to Further Consolidate and Correlate Analytics on Cyber Attacks"
steht unter der journalistisch-redaktionellen Verantwortung von
FireEye, Inc. (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
