Adaptive, Intelligent, Scalable Defense Against Email-borne Threats.
Most cyber attacks begin with a single email. And traditional email security systems often fail to detect ransomware, sender impersonation, credential harvesting, and other malicious links and malware-laden attachments in those emails.
FireEye Email Security:
With 2.6 billion emails exchanged every day, cyber criminals increasingly choose to hide malicious links and attachments in email to evade spam filters, antivirus (AV) software and traditional email security measures. In fact, 91% of cyber crimes begin with a single email.
Many email security products cannot detect or prevent spear-phishing email campaigns. Using email, threat actors can gain access to an organization’s most sensitive and important information and people. From ransomware and exfiltrating proprietary data, to harvesting credentials throughout the organization, email is a reliable and effective delivery method for advanced, targeted attacks. The malware that email leads to can stealthily establish a foothold in companies and operate for months before being detected.
Outdated email defenses such as commodity intelligence, spam filters and AV software give companies a false sense of security. Attackers take advantage of their overconfidence. Through well-researched social engineering, they craft spear phishing messages that can convince even the most knowledgeable users to click on a link or open an attachment. Spear phishing is the tool of choice of sophisticated criminals and the first step of targeted attacks that may include ransomware, sender impersonation and credential harvesting.
Ransomware attacks via email are becoming more prominent and effective. Ransomware, once activated, encrypts victim data or computing resources, preventing the victim from accessing those resources until a ransom is paid, usually with untraceable cyber currency such as Bitcoin. The custom encryption used in these attacks can frustrate even law enforcement agencies. FireEye Email Security automatically protects organizations from ransomware by preventing malicious email from reaching intended targets.
Highly advanced threat actors will also often devise attacks that shift from email traffic to internet or intranet traffic to quietly infect other machines or communicate with command and control servers. These multi-flow, multi-stage attacks are nearly impossible for traditional security solutions to pinpoint. Such solutions only look for specific bits of code or obvious signs of a compromise. A critical individual step in the attack process may be completely ignored as innocuous.
Without the ability to identify, analyze and expose targeted campaigns, attacks cannot be stopped before they reach their victims. FireEye email security solutions close this security gap. They are powered by up-to-the-minute, comprehensive FireEye intelligence and proactive inspection of emails for zero-day exploits, malware hidden in archive attachments, malicious URLs and behavior anomalies.
FireEye email security solutions reduce the risk of email-borne cyber attacks on your people, data and assets to protect your brand and reputation. Because FireEye email security solutions are easy to deploy and configure, they enable you to reduce operational costs and increase the effectiveness of your security teams.
The FireEye EX series is an on-premise appliance that protects organizations from advanced email attacks. To block spear-phishing emails, FireEye Email Security analyzes every attachment and URL using the purpose-built FireEye Multi-Vector Virtual Execution (MVX) engine.
Email Security can include comprehensive FireEye threat intelligence as an option, which includes real-time updates from the entire FireEye security ecosystem combined with attribution of alerts to known threat actors — valuable context that only FireEye can provide.
Email Security also supports importing custom YARA rules to analyze organization-specific threats.
With no hardware or software to install, FireEye Email Threat Prevention Cloud (EPT) is an ideal solution for organizations migrating their email — either partially or completely — to the cloud. It eliminates complexity, supports business agility and can be deployed in minutes.
FireEye ETP integrates seamlessly with cloud-based email systems, allowing businesses to easily move from an on-premise email system to a cloud solution such as Office 365 with Exchange Online Protection. While Exchange Online Protection does includes basic security at nominal cost, today’s targeted attacks require a stronger email defense. When combined with Exchange Online, FireEye ETP provides comprehensive protection from targeted attacks faster and more accurately than Exchange Online Protection alone.
FireEye email security solutions integrate with the entire FireEye platform to share real-time threat intelligence that only FireEye provides.
The FireEye MVX engine performs over 50 billion virtual machine analyses daily and updates the FireEye global ecosystem every 60 minutes with its findings. The FireEye Dynamic Threat Intelligence (DTI) gathers and distributes this new threat intelligence to the MVX engine every hour to catch evolving threats.
The EX Series products can be configured to include Advanced Threat Intelligence (ATI), which delivers information correlating validated alerts to known threat actors. This context gives your security teams the information and guidance they need to respond to threats far more quickly than they could with an isolated alert.
FireEye Email Security protects people, data and assets from ransomware, spear phishing, impersonation fraud and credential harvesting. The FireEye MVX engine analyzes emails for hard-to-detect exploits and attacks hidden attachments and URLs. This detection takes place in real time, immediately blocking attacks while providing security practitioners with relevant insights into cyber attacks and the criminals that launch them.
FireEye Email Security also integrates easily with FireEye Network Security to protect organizations from blended attacks. Together, they correlate email leading to malicious content with network traffic to link web-based attacks back to an original spear-phishing email and threat actor.
“FireEye platforms detect compromises within minutes and quarantine malicious files or emails, and then enable us to quickly track down affected machines and contain the threat, even when devices are off-network.”
- Government Research Firm