FireEye TAPs Partners in Security Platform Expansion

FireEye's Threat Analytics Platform (TAP) expands beyond security information and event management (SIEM) capabilities.

FireEye is hosting its Momentum 2015 conference this week (January 26-29) in Las Vegas, and the company's Threat Analytics Platform (TAP) product is front and center.

FireEye has announced multiple vendor partnerships for TAP in recent weeks, including ones with Adallom and Viewfinity on Jan. 27 and a partnership with ForgeRock announced on Jan. 21.

Additional partnerships for TAP will be announced in the coming weeks, said Grady Summers, senior vice president, cloud analytics at FireEye. "TAP is a cloud-based SIEM [security information and event management] product, and it's really an intelligence and analytics technology," Summers told eWEEK.

The FireEye TAP is designed to enable organizations to get better value from their SIEM investments, Summers said, adding that some organizations' SIEM products aren't properly updated with the right information and rules.

"It's great that we can connect with vendors like Adallom and Viewfinity and can view the data that they collect on the host or the cloud and incorporate that into TAP and build rules around that information," Summers said.

FireEye also works with its partners to do technical integration and develop rule packs.

"Adallom has got such great traction as a cloud security broker," Summers said. "Viewfinity has really neat whitelisting capabilities, and ForgeRock does some cool stuff with identity management."

Additional Capabilities

Though TAP is often classified as a SIEM product, FireEye's product team initially did not want the product to be called a SIEM.

"We built the tool that we thought the market needed, but the reality is that customers understand the term SIEM and have budget for it," Summers said.

TAP offers the promise of responsive analytics and data that is actionable, he said.

As FireEye has been bringing TAP to market, more SIEM capabilities are being added to the product, including compliance reporting. As part of Payment Card Industry Data Security Standard (PCI DSS) compliance, organizations need to have a SIEM in place. TAP can meet the compliance requirement for PCI DSS and will soon include specific reporting capabilities to help organizations achieve compliance objectives, Summers said.

FireEye TAP has a relatively rapid development and release cycle. There are two-week development sprints, which lead to monthly milestone releases to customers, Summers said. FireEye's developers are working on a number of key features to enhance TAP in the months ahead.

"Right now, we're focused on reporting and compliance features, and that will be a big enhancement for us toward the end of the first quarter," Summers said. "We're also working on a low-cost collector that can help customers get data off their networks and into TAP."

Sean Michael Kerner is a senior editor at eWEEK. Follow him on Twitter @TechJournalist.


Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.