Product Id: 29859877
Description: Dynamic Threat Intelligence cloud 2-way - Subscription license renewal (1 year)
Mfr Part #: RN-4400NX-2WDTI1Y
The FireEye Dynamic Threat Intelligence (DTI) cloud interconnects FireEye threat prevention platforms deployed within customer networks, technology partner networks, and service providers around the world. This worldwide cloud efficiently shares auto-generated threat intelligence, such as covert callback channels, as well as new threat findings from FireEye Labs.
When a platform confirms an attack locally, it generates dynamic and anonymized threat intelligence of the attack and distributes it through the DTI cloud to warn other users. Unlike reputation and risk-based threat intelligence networks, which make assumptions about potentially risky code and broadcast signatures that may either falsely block or falsely allow traffic, FireEye systems confirm malicious activity. The assessments captured by the FireEye systems are conclusive because suspicious code is fully tested in a virtual execution environment.
- Malware attack profiles, including identifiers of malware code, exploit URLs, and other sources of inbound infections and attacks
- Analysis of email attachments and URLs
- Fully qualified malware callback destinations (destination IP address, protocols used, ports used) that identify malicious websites and email sources
- Malware communication protocol characteristics, such as custom commands used to instantiate transmission sessions
- Third-party threat intelligence feeds from many different sources