
FireEye introduces new FireEye App for Splunk Enterprise

By Global Research Partners
Johannesburg, 30 Sept 2014

Exponant Information Security Solutions (EISS), a company that is focused on the provision of data-centric security solutions based on world-class technologies and proven methodologies and an authorised reseller for FireEye and Splunk, recently announced FireEye's new app for Splunk Enterprise. The FireEye App for Splunk Enterprise leverages Splunk's unique big data capabilities to more rapidly detect advanced threats targeted against organisations of all sizes.

Drawing on data from the FireEye Threat Prevention Platform (network, e-mail, content and endpoint security, as well as FireEye Forensic Analysis), the FireEye App for Splunk Enterprise allows organisations to visualise internal and external threats and unearth threat patterns in FireEye data by leveraging Splunk Enterprise's ability to correlate multiple data sources from across their IT infrastructure.

"As the threat landscape becomes even more layered and complex, FireEye and Splunk are expanding their relationship and accelerating collaboration around advanced threat protection," explained Deon La Grange, Country Manager Southern Africa Region, FireEye. "Together, FireEye and Splunk give organisations the expertise and intelligence to make organisations more resilient to modern attacks."

"Analysing machine data from across an entire organisation and utilising advanced threat intelligence is key to strong security," added Wolfgang Selzer, Managing Director of EISS. "The alliance between Splunk and FireEye helps our joint customers better identify malicious activities, potentially reducing the impact of breaches from months to minutes."

"As threat groups become more sophisticated, the need to provide visibility across both IT and security systems so that a complete picture of any potential attack is possible, is very important," continued La Grange. "The combination of Splunk and FireEye provides our customers' incident responders with the capability to rapidly analyse incident data, correlate the indicators to identify affected systems, and respond in near-to-real-time."

The FireEye App for Splunk Enterprise is designed to help secure enterprises with the following features:

* A holistic view on the security posture. It combines, integrates and correlates FireEye data with all other data, including FireEye meta-data, malware events, and data on known and new threats. Data in Splunk Enterprise includes machine data from IT and business systems distributed across the enterprise.
* The shortening of incident detection and reporting. It responds to incidents faster and streamlines reporting by aggregating FireEye original data and long-time horizon events.
* A unified interactive user experience. It visualises and analyses data across multiple FireEye platforms through a single Splunk interface with extensive search capabilities, risk prioritisation and threat trends to shorten security response times and streamline reporting needs.
* The ability to determine malware impact in the organisation. The FireEye App for Splunk Enterprise provides insight into raw data about malware, allowing customers to drill down into patterns, alerts and data across the enterprise and show the impact of malware events on the rest of the organisation.

For further information, please contact Wolfgang Selzer; tel. 012 663 0160; fax 012 663 5678; e-mail wolf@exponant.com

FireEye

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber-attacks. These highly sophisticated cyber-attacks easily circumvent traditional signature-based defences, such as next-generation firewalls, IPS, anti-virus and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organisation across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber-attacks in real time. FireEye has over 2 500 customers across 65 countries, including over 150 of the Fortune 500.

© 2014 FireEye, Inc. All rights reserved. FireEye is a registered trademark or trademark of FireEye in the United States and other countries. Splunk is a registered trademark of Splunk in the United States and other jurisdictions. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

EISS

Exponant Information Security Solutions (EISS) is a software, services and consulting company that includes a significant focus on monitoring and detection solutions in the areas of security, operations and application management.

In this regard, it is an authorised reseller for many global security brands such as AlienVault, Check Point Software Technologies, FireEye, Imperva, Splunk, Trend Micro and WebSense.

Although not exclusively focused on any specific markets, it is very strong in the financial, telecommunications, mining and engineering sectors and has customers from both the private and public sectors.

Editorial contacts

Paul Booth
Global Research Partners
(082) 568 1179
pabooth@mweb.co.za

Wolfgang Selzer
Exponant
(012) 663 0160
wolf@exponant.com