Modern Malware Defense

Wednesday, May 25, 2011

Ashar Aziz, founder of FireEye, recognized early on that custom malware, zero-day threats, and drive-by downloads could all slip past the common defenses that most organizations have deployed (firewalls, IPS, AV).

He built the technology needed to take all executables off the wire, and essentially unpack and run them in a mini-cloud of virtual emulators on a hardware appliance. 

By looking at what the software does in its intended environment (usually Windows), FireEye can determine whether it is malicious and then allow it through or block it.

Over a year ago, FireEye added beaconing detection to its appliance. This has been the key to its recent fast-track growth.

Once the appliance is installed on a customer's network, customers invariably discover previously downloaded malware attempting to "phone home" to command and control servers.

The customers get the immediate value of discovering those infections and the ability to prevent future downloads of what Ashar calls modern malware.

Watch my interview with Ashar Aziz to learn more about FireEye.
