FireEye offering APT-detection service to notify customers of stealthy attacks

FireEye today announced it has started providing a threat-detection and notification service called Oculus intended to warn the enterprise security manager whenever targeted attacks seek to undermine the network for cyber-espionage purposes. Such attacks are often called "advanced persistent threats," and may be attempts by nation states or their agents to penetrate a company to steal sensitive information, such as intellectual property.

The service is intended for customers of FireEye's malware-detection products which use a sandboxing technique to be able to detect zero-day malware. The Oculus service involves continuous monitoring by FireEye security personnel to be able to communicate directly with the enterprise security team about targeted attacks.

Poison ivy, used in RSA SecurID attack, still popular

The Oculus service is not a managed service in the sense of the management of the FireEye threat-detection products the customer may have. Rather, it's continuous monitoring of what the FireEye products spot, with FireEye staff analyzing events and notifying the enterprise of APT-style attacks.

Manish Gupta, senior vice president of products at FireEye, said his company will provide the enterprise with not only details on where the targeted attack originated but also where the APT is striking in other places around the world, and the history of that APT.

FireEye will provide specifics on what nation-state or other entity may be behind the APT. The Oculus service will sort out APT attacks based on industries impacted by them. FireEye is drawing its threat information from its own technical base of about 1,000 customers, as well as other sources.

The Oculus service will help the chief information security officer (CISO) provide more information to upper management at the company about specific threats targeting the organization to steal critical information, according to Gupta.

Oculus, available now, starts at about $400,000 per year.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com

Read more about wide area network in Network World's Wide Area Network section.

Tags FireEyeWide Area NetworkIPSIDS

Show Comments