FireEye adds machine learning engine for threat detection

FireEye MalwareGuard uses machine learning to detect and block unseen threats

Tags: FireEye (www.fireeye.com)Machine learning
  • E-Mail
FireEye adds machine learning engine for threat detection Machine learning-driven detection will help to protect customers from attackers who increasingly are able to overcome traditional signature-based detection methods, says Laliberte.
By  Mark Sutton Published  August 2, 2018

FireEye has developed a new machine learning-based cyber threat detection and prevention engine.

The MalwareGuard engine, is designed to help detect and block cyber-threats including never-before-seen threats.

FireEye MalwareGuard is the result of a two-year research project from FireEye data scientists and testing in real-world incident responses. The MalwareGuard model is trained using advanced machine learning techniques to enable MalwareGuard to make intelligent malware classifications on its own and without human involvement. The machine learning model is trained with both public and private data sources, including data gathered from over 15 million endpoint agents, attack analyses based on more than one million hours spent responding to attacks to date, over 200,000 consulting hours every year and adversarial intelligence collected from a global network of analysts that speak 32 languages.

FireEye analyzes hundreds of millions of malware samples resulting in first-hand knowledge of the threat landscape that's not available to any other organization. The FireEye data science team has real-world experience analyzing cyber-threats and they use FireEye's unique data to train MalwareGuard to detect new threats that often bypass competitors' machine learning and signature-based solutions.

The engine has been added to FireEye's Endpoint Security solution, as is available as a free upgrade for existing customers and free trial. With the addition of MalwareGuard, FireEye Endpoint Security now includes four integrated engines machine learning (MalwareGuard), behavior-based (ExploitGuard), signature-based (Malware Protection) and intelligence-based (IOC), to detect threats.

"Attackers are constantly innovating and outmaneuvering legacy, signature-based technology," said John Laliberte, senior vice president of engineering, FireEye. "Reducing the window of time from discovery, to analysis, and deployment of protection is critical to reducing risk in your enterprise. By combining our unique frontline knowledge of the adversaries with our in-house machine learning expertise, we can now better protect our customers against cyber-threats including never-before seen threats by automating the discovery, analysis, and deployment of protection through our endpoint solution."

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code