Says they address ‘advanced’ malware threats
Cybersecurity software and appliance vendor Sourcefire announced it has expanded its malware protection offerings to include new Incident Response Professional Services that it says assist customers in addressing advanced malware challenges.
The services enable customers to identify an event, evaluate the risk and determine the most effective approach to remediate, Sourcefire said. Experienced in incident response techniques, methodology and the actions of malicious code, the Sourcefire Incident Response Team helps customers eliminate uncertainty and make educated decisions for better protection – before, during and after an attack – the company claimed.
"Advanced malware protection is not just about having the right technologies in place but also the right response when the technologies identify an event," said Jonathan Goldberger, vice president of professional services for Sourcefire. "Our incident response service helps our customers bridge the knowledge and experience gap so that they can take a more proactive stance to identifying, mitigating and eliminating risks using the intelligence from FireAMP and advanced malware protection for FirePOWER."
"Given the inevitability of a security breach, large organisations must supplement Advanced Malware Detection/Prevention network and host-based controls with effective and efficient incident response policies, processes and metrics," said Jon Oltsik, senior principal analyst, Enterprise Strategy Group (ESG). "Many security solutions were designed for advanced malware detection and blocking alone, and lack the intelligence and integration necessary for incident detection and response. One notable exception of products and services comes from network security leader Sourcefire."
According to Sourcefire, FirePOWER and FireAMP use big data analytics and collective intelligence to deliver integrated malware protection from the network to end-devices. The Incident Response team helps customers use the intelligence these solutions provide, including forensic data, continuous file analysis, and visibility into file trajectory and behaviour, to make more informed security and incident response decisions across the malware lifecycle.
Read our 2012 Q&A with Sourcefire founder Marty Roesch here.