Fireeye launches new endpoint security option

The cyber threat landscape is a constantly changing one and keeping systems safe demands constant evolution of security tools. With the launch of its latest endpoint protection product, US security firm FireEye is integrating detection and prevention with threat intelligence technologies to offer comprehensive protection.

Image Credit

With an ongoing skills crisis in information security,, businesses are increasingly turning to technological solutions like FireEye Endpoint 4.0 to bridge the gap and keep their systems safe.

Behavioural analysis

Endpoint security from FireEye uses behavioural analysis to monitor the network traffic from a device and identify unusual behaviour, thus preventing malware from contacting its command and control servers.

The software available from is able to contain attacks and prevent them from spreading to other devices, as well as stopping information from leaking out of the organisation. It is able to scan all the endpoint systems on a network in order to identify existing and new threats. Devices identified as compromised can be isolated with just one click to allow for further analysis.This is combined with dynamic threat intelligence so the software can learn from threats detected elsewhere across tens of thousands of endpoints, allowing it to quickly respond to new and previously unseen attacks.

Greater visibility

One of the keys to protecting a network is to understand what is attached to it. FireEye Endpoint can scan all devices on the network and look at their present and past activity. This makes it possible to spot unusual patterns of behaviour and to produce forensic analysis timelines if required.

Image Credit

Thanks to its use of a single agent across all devices and an easy-to-use interface, even non-technical staff can respond quickly to suspicious activity. This makes it an ideal solution for smaller businesses that may not have the resources to run a dedicated IT security team.

If an attack does occur the software is able to identify the attack vector as well as any other devices that it may have spread to. It can also tell you if the attack is still active on the network, how long specific devices have been compromised, what actions have been taken and whether or not information has been exported. It can then identify which systems need to be quarantined in order to prevent the attack from spreading or doing further damage.