The FireEye Malware Protection System (MPS) accurately blocks Modern Malware, such as Trojans, bots, crimeware, and advanced persistent threats, in real-time using an advanced multi-phase analysis engine to capture and confirm zero-day malware and targeted attacks. At the core of each security appliance are the FireEye Malware-VM™ and Malware-Callback™ technologies, which combines inbound and outbound filtering to break the malware infection lifecycle.
KEY TECHNOLOGY FEATURES:
- Multi-stage inspection and blocking engine that stops known and zero-day attacks while simultaneously eliminating false positives. The multi-stage inspection process unifies virtualization and network security to accurately block Modern Malware that are used to penetrate networks and steal resources and sensitive data
- Malware-VM analysis utilizes proprietary and trade secret virtualization technology to analyze and confirm true, zero-day malware, such as Trojans, targeted attacks, bots, VM-aware malware, and advanced, persistent threats
- Malware-Callback filter blocks outbound callbacks based on local malware intelligence from the Malware-VM analysis as well as based on global malware intelligence provided by the MAX Cloud Intelligence network
Newly discovered malware is installed to completion within the FireEye Malware-VM filter so that malware file locations, new registry keys, corrupted DLL’s, etc. are all tracked in addition to outbound, callback destinations. Now, analysis of polymorphic Modern Malware can be reliably automated to create dynamic blocking of inbound zero-day attacks and its outbound transmissions. Local zero-day malware intelligence is dynamically-generated by each Malware-VM filter to provide real-time malware forensics used to protect the local network. This analysis can be shared globally through the MAX Cloud Intelligence network for use by all subscribers to stop data and resource thefts.
[media = 6]