FireEye Threat Monitoring Defends Businesses Against Dark, Open Web

The depth and breadth of collection sources used by FireEye Digital Threat Monitoring allows businesses to gain control over what were traditionally perceived to be inaccessible portions of the internet.

FireEye unveiled a new tool that monitors the deep, dark and open web, allowing customers to defend their digital footprint across otherwise inaccessible parts of the internet.

The Milpitas, Calif.-based cybersecurity vendor said FireEye Digital Threat Monitoring automatically collects and analyzes content on the dark and open web, alerting organizations whenever a potential threat is detected. By exposing threats early, FireEye said businesses are able to more effectively identify breaches, exposures, and digital threats before they escalate.

“Digital Threat Monitoring serves as a natural starting point for organizations looking to add intelligence capabilities to their security portfolio,” FireEye Senior Vice President of Global Intelligence Sandra Joyce said in a statement. “We’re reducing risk by helping internal security teams extend their reach so they can focus on the most immediate threats to their organizations.”

[Related: FireEye Mulls Sale To Private Equity Firm, Hires Goldman Sachs: Report]

Digital Threat Monitoring doesn’t add any operational complexity for the customer’s current security team, FireEye said, and protects organizations from risks such as leaked credentials, public data exposure, social media impersonations, and phishing attempts. The service can also provide visibility into threats against brand reputation, personnel, and data through a customer’s partner community.

The managed service is powered through a combination of advanced technology and threat intelligence. In fact, Joyce said the depth and breadth of FireEye’s collection sources means the company holds the most mature underground monitoring capabilities in the business, making it possible for businesses to gain control over what were traditionally perceived to be inaccessible portions of the internet.

Digital Threat Monitoring can be delivered in several different ways depending on the monitoring timeframe and the level of analyst support needed, according to FireEye. Service subscriptions include access to an Alerts Dashboard within the FireEye Intelligence Portal where further details are available, the company said.

The Alerts Dashboard allows users to filter information by date range or severity level, and provides situational awareness around which alerts are firing from what sources, as well as which keywords are seeing the most hits. Service options for FireEye Digital Threat Monitoring are: digital threat assessment; digital threat monitoring; digital threat monitoring advanced; and digital threat monitoring enterprise.

The first is a one-time, point-in-time assessment performed over 30 days using customer-selected keyword queries. At the end of the period, FireEye said it delivers a single report containing insight and analysis around all the identified threats.

Meanwhile, FireEye said the subscription-based digital threat monitoring service provides continuous monitoring and alerting to customer-selected keyword queries. Alert investigations aren’t included at this subscription tier, but can be requested by customers on an as-needed basis through Expertise on Demand.

Digital Threat Monitoring Advanced builds on the basic offering by including 40 annual investigations performed by FireEye intelligence analysts. And Digital Monitoring Enterprise doubles the number of FireEye intelligence-led investigations to a total of 80 annually.

Digital Threat Assessments and the investigation of digital threat monitoring alerts are available both as a standalone service as well as in exchange for prepaid units via Expertise on Demand, FireEye said. Combining Expertise on Demand’s training, capability development, and custom intelligence with Digital Threat Monitoring can support and extend the value of the service.

FireEye’s intelligence really sets the company apart from the pack, and the company has extraordinary skills in both monitoring the dark web as well as responding to breaches or other security incidents, according to BAI Managing Partner Ryan Morris.

Operationalizing and productizing that knowledge makes a lot of sense for FireEye, Morris said, and should make it easier for customers to remediate and takedown fraudulent domains. When dealing with risk, Morris said companies need to determine if they’re most focused on protecting the brand, their people, the data, or a combination of all three.

The opportunity for the Annapolis, Md.-based solution provider around Digital Threat Monitoring is primarily associated with building out a pipeline and process to help customers adopt the service, Morris said. Enterprises often struggle with adopting and making good use out of new security products given the sheer number of tools available in the space, Morris said.

“FireEye has ended up accumulating this intelligence that’s second to none,” Morris said. “This is an easy market for them to move into sideways and become dominant.”