FireEye iSIGHT now available in Windows Defender ATP
Integration to help customers identify more attacks and gain valuable information about activity groups targeting them
Cybersecurity firm FireEye has announced that FireEye iSIGHT threat intelligence is now accessible to Microsoft customers through Windows Defender Advanced Threat Protection (WDATP).
As part of their subscription to WDATP, Microsoft enterprise customers can gain valuable insight about the threat actors that are targeting them, helping improve their security posture and prioritise identified threats, strengthening their overall situational awareness with the help of iSIGHT.
FireEye iSIGHT threat intelligence is a means of qualifying threats poised to disrupt business based on the intents, tools and tactics of the attacker. This adversary-focused intelligence is designed to deliver a view of the global threat landscape, extending visibility beyond the typical cyber-attack lifecycle by prioritising and contextualising risks before, during and after attack.
WDATP customers have access to a set of FireEye iSIGHT technical indicators, or IoCs (Indicators of Compromise), that enable WDATP to alert when these indicators are found on their customers’ computers or networks and then display a profile of the involved attacker. This profile includes valuable information such as the main motivation of the attacker; related tools; target sectors and geographies; and a description of the actor and how they operate.
For security teams that want more contextual intelligence, the full set of FireEye iSIGHT IoCs and all related reports and technical information, a direct link is available to subscribe to FireEye iSIGHT threat intelligence. This subscription can also be consumed programmatically through the FireEye iSIGHT API. WDATP customers can apply for a free trial of the broader iSIGHT threat intelligence.
“FireEye has invested in nation-state grade threat intelligence and we are strategically partnering with industry leaders to operationalise this high-quality intel,” said Ken Gonzales, senior vice president of corporate development at FireEye. “By working with Microsoft we’re able to offer differentiated threat intelligence within WDATP and together help make organisations more secure.”
“With the Windows 10 Anniversary Update, we added this new layer of defence with WDATP – a new built-in OS sensor combined with powerful cloud-powered behavioural detection analytics – in order to help enterprises detect, investigate and respond to targeted attacks and data breaches on their endpoints quicker and easier,” said Moti Gindi, general manager, Windows Cyber Defense. “As two security leaders working together, the combined Microsoft and FireEye adversary-based security intelligence ensures WDATP detections can provide the right context needed to prepare for and simplify response to attacks.”