… the basics and doing them a little better than you have been, and perhaps advancing some of your protocols,” he said.
There are a lot of opportunities for the channel to help companies fight off SamSam, Wisniewski said.
“We think that sadly this might be a template for other criminals to start copycatting just because it’s making so darn much money,” he said. “So I don’t think this type of problem is going to go away. It certainly is an opportunity for the channel to really double down on focusing [on] perimeter protection for those servers and stuff especially because that really seems to be the modus operandi in these groups. It’s not as much tricking people to open email that we’ve seen so much of this year. They’re really looking at the perimeter and seeing how they can get past that firewall [to] … exploit those servers … as a way to hold the whole company hostage. Because we’re still dependent on those servers for e-commerce and file sharing, and other things. So rather than hitting all the workstations, that seems to be more effective for them.”
FireEye has added MalwareGuard – a new advanced machine-learning-based detection and prevention engine – to its endpoint-security offering.
MalwareGuard is designed to help detect and block cyber threats to provide customers an added level of protection to stop attacks and protect customer information, sensitive data and intellectual property, the company said.
Phil Montgomery, FireEye’s vice president of product marketing, tells us his company’s new per-user pricing and channel focus allow partners to deliver to customers the “best endpoint solution in the market, with the highest level of protection.”
“In addition, we have strong endpoint detection and response (EDR) capabilities, which provide opportunities for partners to investigate endpoint threats and attacks, and respond to breaches,” he said. “This allows partners to build out the services side of their business.”
While machine learning is nothing new, it is “only as good as the data set that it is based on,” Montgomery said.
“We spent two years training our MalwareGuard model on unique, real-world public and private data from the front lines,” he said. “When combined with our firsthand knowledge of the threat landscape, this gives partners a significant advantage that’s not available elsewhere. Further, our FireEye Helix security-operations platform sits at the center of it all, making it easier for partners to integrate security tools from both FireEye and third parties into a security operations center (SOC) platform, simplifying management from alert to fix.”
Cofense, formerly PhishMe, has released its phishing-specific orchestration, automation and response (SOAR) platform designed to allow organizations to respond to phishing threats faster and with fewer resources.
The platform combines the capabilities of an improved Cofense Triage with a new product, Cofense Vision, which helps mitigate identified threats and potential impact by determining where else a potentially malicious email is lurking within an organization. It stores, indexes and enriches email messages for …