FireEye Updates Email Security with New Threat Detection and Evasion Defenses Based on Insights from the Front Lines
On-premises email enhancements include executive impersonation protection, expanded URL protection, a new machine learning engine to detect emerging threats, password-protected image analysis, and guest image customization
“FireEye continues to keep pace with the most sophisticated attackers,”
Adding Executive Impersonation Protection to FireEye Email Security – Server Edition
Malware-less attacks are becoming an increasingly prevalent concern. In
“While executive impersonation protection has become a commonplace feature within cloud-based email security solutions, this has not been the case on-premises,” continued Bagnall. “We’ve added executive impersonation protection to FireEye Email Security – Server Edition as a direct response of customer feedback that they are seeing more impersonation emails getting through their existing security services. This update is designed to catch what other security solutions are missing.”
Executive names are commonly used as display names in fraudulent emails
to fool employees into taking action. This new
In addition to the executive impersonation protection capabilities, FireEye Email Security – Server Edition incorporates several other new features designed to combat emerging threat vectors while enhancing performance. These include:
- Attachment Detonation Customization (Guest Images): There is an increasing amount of malware programmed to execute under certain circumstances to evade sandbox detection. These evasion techniques typically limit file execution to behavior relating to the target organization. Administrators can now create a guest image which can ‘fool’ the file into executing, for example, creating browser history or defining ‘recently opened files’.
- Full URL Rewrite: This new security capability better protects end users from malicious links by rewriting all URLs contained in an email.
- Passwords in Images: In direct response to the latest attack
techniques seen by
FireEyeincident response teams, and a rapid innovation cycle, the advanced detection Multi-Vector Virtual Execution™ (MVX™) engine can now use passwords embedded as images within emails to analyze the related password-protected files. Most sandboxes are unable to analyze password-protected files.
- New Machine Learning Engine: FireEye’s recently launched
machine learning engine, MalwareGuard™, is now available for
FireEyeEmail Security – Server Edition. Under development for two years, this detection engine helps defend against emerging and new threats that often bypass traditional security solutions. Using machine learning models trained with data sets collected and labeled by FireEyeand Mandiant researchers from real-world attacks, MalwareGuard intelligently classifies malware without human involvement and before signatures are available.
These new features are now available in the latest version of
Combining a FireEye Threat Intelligence subscription with FireEye Email Security is the best way for organizations to establish the agility that is needed to stay one step ahead of attackers. Organizations can learn more about FireEye Threat Intelligence at www.fireeye.com/intelligence.