Automatically Detonates and Analyzes Files on Endpoints and Servers, Prioritizes Alerts, Speeds Investigation and Accelerates Remediation
WALTHAM, Mass.—May 21, 2013—Bit9, the leader in Next-generation Endpoint and Server Security, today announced the introduction of the Bit9 Connector for FireEye, the first solution to combine network security with real-time, continuous endpoint and server monitoring and recording. The Bit9 Connector for FireEye delivers four significant enterprise security firsts:
- It is the FIRST solution to automatically enforce endpoint and server protection based on detonation results from FireEye.
- It is the FIRST solution that can automatically retrieve any file on any system and submit it to FireEye for detonation and, if it’s determined to be malicious, prevent it from ever executing again.
- It is the FIRST solution to combine a real-time endpoint sensor and continuous recorder with FireEye’s network security to automatically prioritize actionable alerts.
- It is the FIRST solution to provide real-time enterprise-wide visibility into all endpoints and servers infected by malware discovered by FireEye.
Traditional security solutions are ineffective against today’s advanced threats, especially zero-day and targeted attacks. Network security solutions and endpoint/server security solutions can no longer operate in silos; they must work together to deliver complete actionable intelligence from the network to endpoints and servers.
The Bit9 Connector for FireEye delivers real-time security for two major use cases:
1. Files that arrive on the network are automatically detonated by FireEye with malware alerts sent to the Bit9 Platform. These detonation results are immediately correlated with Bit9’s up-to-the-second endpoint and server data to confirm the location, scope and severity of the threat across the enterprise. This enables security teams to:
- Prioritize network alerts based on how many machines have been infected and whether the malware has executed.
- Investigate the scope of threats using the recorded details of every endpoint and server to trace the root cause and progression of the attack.
- Remediate endpoints and servers by knowing precisely which machines are impacted and need attention, and automatically ban files from executing based on FireEye-detected malware.
2. Bit9 can retrieve any file from any endpoint or server—automatically or on-demand—and have FireEye detonate it to analyze the file and assess its risk level. This enables security teams to:
- Ensure every new file on any endpoint or server is safe. Security teams can also write rules to determine which files should be automatically submitted to maximize coverage while minimizing network traffic.
- Analyze any file on any endpoint or server with just a few clicks. Often security analysts need to determine the risk level of a particular file. Now they can use Bit9 to retrieve the file from any endpoint or server and directly submit it to FireEye for detonation.
- Automatically block the execution of files on endpoints or servers based on detonation results. Bit9 can automatically ensure that any file deemed malicious by FireEye can never execute again throughout the enterprise.
Bit9 Executive Quote: Brian Hazzard, vice president of product management
“Attacks are becoming increasingly sophisticated and stopping them requires innovation. Legacy antivirus solutions can’t stop these advanced threats. Our customers asked us to deliver a solution that effectively integrates FireEye with our next-generation endpoint and server security. The Bit9 Connector for FireEye is a game-changer. Now security teams can prioritize FireEye alerts and investigate events in minutes. This product combination can automatically retrieve any new file arriving on any endpoint or server and submit it to FireEye for analysis and, if it’s malicious, automatically ensure it can never execute again in their enterprise. This truly represents the next generation of endpoint and server security.”
FireEye Executive Quote: Dave DeWalt, chairman of the board and CEO
“FireEye is pleased to work with Bit9 to offer our mutual customers a comprehensive end-to-end security solution that combines our industry-leading capabilities in network and endpoint security. Increasingly, organizations want to modernize their security strategies to counter the relentless tide of advanced threats coming from nation-states, hacktivists and cybercriminals. This integration is an important step toward helping enterprises build a better defense against today’s attackers.”
Analyst Quote: Scott Crawford, managing research director, security & risk management
“Bit9’s integration with FireEye to prioritize alerts and share data and intelligence across systems in real time gives enterprise security teams more complete visibility into attacks that target their environment. The Bit9 Connector’s ability to retrieve files from endpoints and servers and submit them to FireEye for analysis further demonstrates the two vendors’ commitment to closing gaps in enterprise defenses that remain too often fragmented, uniting modern network defense with proactive protection for endpoints and servers and challenging the status quo.”
Pricing and Availability
The Bit9 Connector is available immediately. An Early Access Program offering priority access and financial savings is available until June 30, 2013.
The Bit9 Security Platform is the only next-generation endpoint and server security solution that continuously monitors and records all activity on endpoints and servers and stops cyber threats that evade traditional security defenses. Bit9’s real-time sensor and recorder, real-time enforcement engine, and cloud-based services provide the most reliable form of endpoint and server security and deliver value within days of implementation. This combination gives organizations immediate visibility to everything running on their endpoints and servers; real-time signature-less detection of and protection against advanced threats; and a recorded history of all endpoint and server activity for deep forensics. Security teams use Bit9’s integration with network security devices such as FireEye and Palo Alto Networks to accelerate incident response and ensure all files arriving on endpoints and servers are safe. Bit9 has stopped the most advanced attacks, including Flame, Gauss, and the malware responsible for the RSA breach. One thousand organizations worldwide—from 25 Fortune 100 companies to small businesses—use Bit9 to increase security, reduce operational costs, and improve compliance.