
    FireEye Boosts Endpoint Security With MalwareGuard Machine Learning

    By Sean Michael Kerner - July 31, 2018

      FireEye announced the addition of its new MalwareGuard machine learning capability for endpoint threat detection to the FireEye Endpoint Security 4.5 update on July 31.

      The MalwareGuard feature provides organizations with a new method to autonomously detect and classify malware. MalwareGuard complements behavior-based ExploitGuard, signature-based MalwareProtection and intelligence-based IOC detection capabilities in FireEye Endpoint Security.

      “MalwareGuard really provides another added level of protection against both known and unknown attacks, and it’s a result of a multiyear research project where we’ve trained the system on unique real-world public and private data,” John Laliberte, senior vice president of engineering at FireEye, told eWEEK. 

      The machine learning behind MalwareGuard is able to make predictions on potential malware without the need for human involvement, he said.

      “The way we think about MalwareGuard technology is that it automates and reduces the time from when a new threat is discovered and it eliminates the human component of the analysis, allowing for automatic protection,” Laliberte said.

      Adversarial Intent

      The use of machine learning to help detect malware is not a new idea, though Laliberte said the approach that FireEye took in building the MalwareGuard engine is different.

      “We focused on building autonomous mechanisms that really identify and predict what the actual intent of the adversary behavior is,” he said. “Through our research project, we proved that we can train machines to identify attacks on a large majority of cases, when using our unique data that predicts the intent of the adversary tools, as well or better than our human experts.”

      During the research phase to build the MalwareGuard engine, FireEye used between 3,000 and 5,000 systems in parallel, with over 20,000 compute cores, to produce the model. Laliberte also highlighted the data that the model was trained on, which was taken from FireEye sensors as well as from incident response investigations.

      “Our people have been on the front lines discovering the new threats and figuring out how other technologies were bypassed,” he said. “In addition, we have managed services and what they do is label a lot of the data for us, which is actually one of the hardest problems to solve.”

      Multistage Attacks

      Many modern attacks are not just simple malware payloads; they often involve multiple steps in an attack chain. The combination of detection engines and the various points at which FireEye examines processes on the endpoint helps to detect multistage attacks, Laliberte said. He added that the MalwareGuard machine learning engine is invoked at various points on an endpoint, including initial execution as well as post-execution actions.

      Part of the FireEye Endpoint Security 4.5 suite is the Helix security operations platform, which will also benefit from the MalwareGuard model. With Helix, an organization can identify that a given piece of malware is present in different parts of an organization, and distributed remediation actions can be executed.

      Looking forward, Laliberte said FireEye will continue to build out capabilities on the Endpoint Security platform.

      “You’ll see significant improvements in prevention, investigation, detection and response across the board,” he said. “We’re really looking to enable the Helix platform to make it very simple for customers to go from alert to fix, tying together all the information.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
