Quick navigation

FireEye

FireEye EndPoint Security

Integrated endpoint protection platform to maximize threat prevention automation and facilitate proactive endpoint protection against known and advanced threats

Website

Main categories

Data Security

Endpoint Security

Security Operations & Incident Response

Sub categories

Endpoint Data Loss Prevention (DLP)

Endpoint Detection and Response (EDR)

Endpoint Intrusion Prevention

Content, File and Endpoint Forensics

behavioral threat detection

behavioral analytics

behavioral user analytics

Deployment modus

On-premise

Cloud

Hardware Appliance

Virtual Appliance

Value Proposition

Problem

Although endpoint protection platforms (EPP) continue to rely on the decades-old technology that was part of their original design, cyber threats are forcing a change. You cannot afford to settle for standard endpoint security products. As attack methodologies have evolved, endpoint security has continued to adapt based on several insights: The static, reactive approach of signature-based security and machine learning programming are no longer sufficient. Encryption, vulnerability assessment and data loss prevention (DLP) capabilities add value, but don’t close the security gap. Comprehensive visibility, intelligence, behavior analysis and automation are critical to the future of endpoint security.

Solution

FireEye Endpoint is an integrated endpoint protection platform designed to maximize threat prevention automation and facilitate proactive endpoint protection against known and advanced threats. It reduces alert fatigue enabling analysts focus on responding to critical alerts by utilizing details on the who, what, where, when and how of a threat. FireEye Endpoint collects detailed endpoint event data providing analysts necessary information regarding any endpoint threat. It’s an integrated endpoint solution for analysts to conduct detailed inspection and analysis of threat activity, create appropriate responses in real-time, all within a unified management workflow that utilizes a powerful single endpoint agent

Features

Fully integrated malware protection (antivirus (AV) defenses), remediation, behavior analysis, intelligence and endpoint visibility
Detect and prevent hidden endpoint exploit processes
Extend threat intelligence to every endpoint
Complete endpoint visibility to identify the root cause of an alert and conducting deep analyses of a threat to determine its threat state
Allows you to inspect and analyze present and past alerts at any endpoint for thorough forensic investigation and the best response

Provides integrated protection to onsite and remote endpoints with a tamper proof agent as well as on-access scanning (real-time) of all file types using signatures, heuristics, generic detection and emulation (sandbox) and on-demand (scheduled) scans for full, quick memory and MBF scanning.
Immediately isolate compromised devices with a single click to stop an attack and prevent it from spreading laterally or becoming a greater threat in some other way

Supporting Technology

Fully integrated malware protection (antivirus (AV) defenses), remediation, behavior analysis, intelligence and endpoint visibility
Triage and Audit Viewer to conduct exhaustive inspection and analysis of threat indicators with integrated
Enterprise Security Search to rapidly search for, find and determine actions of suspicious activity and threats

Data Acquisition to conduct detailed in-depth endpoint inspection and analysis over specific time frame
Exploit Guard: a flexible, data-driven exploit behavioral intelligence
Lookback cache that allows you to inspect and analyze present and past alerts at any endpoint for thorough forensic investigation and the best response