FireEye vows to expose 'truth' behind modern malware
- 06 May, 2010 04:38
- Comments
In his interview with CSO last week, FireEye Chief Security Architect Marc Maiffret lamented what he sees as the inability of security vendors to keep up with the malware innovations made in the pursuit of attacks against the likes of Adobe and Apple.
This week, his company launches a site designed to help companies keep better track of evolving malware architecture and mount a more effective defense.
ModernMalwareExposed.org, created and managed by FireEye, is described on the website as an "interactive, educational" site exposing the state and evolution of modern malware and its business implications. It will include tools, white papers and a blog where Maiffret tracks goings on among other vendors and the threats they are all tracking.
"Modern malware is becoming increasingly sophisticated in terms of what it can do and how it can be used," Maiffret said. "Relying on firewalls, antivirus, IPS and Web gateways will still leave you exposed."
Also see Inside the Global Hacker Service Economy
The site also includes a built-in e-book Maiffret wrote called "Modern Malware Exposed" as well as a malware protection assessment companies can take to measure their own risks.
In last week's interview, Maiffret praised Microsoft for bringing its security a long way since the days when he was at eEye uncovering a multitude of Windows zero-day flaws. But he came down hard on Adobe and Apple for repeating many of Microsoft's earlier mistakes. Adobe faces growing criticism for widely exploited flaws in its software while Apple is increasingly the focus of malware writers even though it hasn't seen the level of attacks Microsoft and Adobe have.
"When you look at the industry and the mainstay players, they'll even tell you that their [malware] signature technology doesn't work anymore but that hey, "we have this great behavior-anomaly technology." What they don't tell you, and what the IT community can see, is that with those technologies you are either at one end of the spectrum or the other. If you tune the technology up you may catch a lot of things, but that includes a lot of false positives."
Of course, FireEye isn't the first company to offer such a service. Kaspersky Lab offers, among other things, a site called SecureList, while vendors like WatchGuard release frequent white papers with essentially the same aim.
- Bookmark this page
- Share this article
- Got more on this story? Email TechWorld
- Follow TechWorld on twitter
- From eEye to FireEye: The Marc Maiffret interview - CSO Online - Security and Risk
- MME -- Home
- Inside the Global Hacker Service Economy - CSO Online - Security and Risk
- RSA 2010: Can Adobe Stop the Hate? - CSO Online - Security and Risk
- The Apple way of (in)security - CSO Online - Security and Risk
- Securelist - Information about Viruses, Hackers and Spam
- release frequent white papers
- CISO Guide to Next Generation Threats - Combating Advanced Malware, Zero-Day and Targeted APT Attacks
- Managing Trust - Data protection and compliance for financial services
- Security Threat Report 2012
- Magic Quadrant for Enterprise Disk-Based Backup/Recovery
- Oracle IT Modernization Series Modernization: The Path to SOA
-
Open source case study: SugarCRM at Footprints Recruiting
-
Eight easy extras for IE8
-
Coalition NBN better or worse?
-
CSIRO develops hands-free technology for mining repairs
-
Broadband Forum to improve IPTV performance with new spec
-
MYOB Software for Dummies 6E Australian Edition
-
Windows 7 for Dummies®
-
Teach Yourself Visually Windows 7
-
Excel 2007 All-In-One Desk Reference for Dummies
-
Office 2007 for Dummies
-
Windows 7 for Seniors for Dummies®
-
Microsoft Office
-
Windows 7 for Dummies® Dvd+book Bundle
-
Office 2007 All-In-One Desk Reference for Dummies
Comments
Post new comment