25 February 2013

Continuous Analysis and Retrospective Security Address Malware Across the Entire Attack Continuum

London, UK – February 25, 2013 — Sourcefire, Inc. (Nasdaq: FIRE), a leader in intelligent cybersecurity solutions, today introduced its dedicated Advanced Malware Protection (AMP) appliance, which allows users to defend against sophisticated network malware – from the point of entry, through propagation, to post-infection remediation. Expanding Sourcefire’s AMP offering, the dedicated appliance is built on the industry-leading FirePOWER™ platform and provides increased deployment flexibility for organisations needing immediate protection against advanced malware.

“Given today’s threat landscape, advanced malware detection and protection discussions should extend beyond blocking/prevention and highlight security intelligence, analytics, incident detection/response and lessons learned,” said Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group. “Organisations need to shift from tools that are mere gateways to an enterprise network security approach for better protection against a broader range of threats and vulnerabilities over time.”

Deployed inline, the AMP appliance delivers network protection with malware detection and blocking, continuous file analysis and retrospective security. The solution creates forensic fingerprints of files to identify known malware, tracks file movement and identifies attack targets for focused remediation. Using Sourcefire’s big data analytics, this advanced malware protection delivers continuous file analysis and retrospective alerting, so that users can be notified of malicious files that have entered their environment, even if they were previously classified as safe.

In addition to the new dedicated appliance, Sourcefire offers AMP for FirePOWER, a license option for Next-Generation Intrusion Prevention Systems and Next-Generation Firewall solutions. The dedicated AMP appliance includes 100 seats of FireAMP,Sourcefire’s advanced malware protection solution for endpoints, mobile devices and virtual networks. The combination of the appliances and FireAMP connectors delivers unmatched visibility across the entire enterprise and all threat vectors. Users can see how malware enters, infects and moves through an environment, and can then respond decisively to threats and quickly remediate. Sourcefire is the only vendor to address all of these dimensions of the advanced malware problem.

Customers also have the flexibility to easily increase protection in the future by enabling application control and additional security functionality on the same device. Today’s announcement extends the company’s leadership in maximising security effectiveness while minimising total cost of ownership.

“Networks are constantly evolving and expanding and attackers are taking advantage of any gaps to permeate a network and accomplish their mission,” said Martin Roesch, Sourcefire founder and interim CEO. “Thwarting attacks isn’t just about blocking but also about using retrospective security to mitigate the impact once an attacker gets in. Sourcefire’s threat-centric approach to security gives organisations continuous visibility, analysis and control across their environment and along the full attack continuum – before, during and after an attack.”

In addition to its AMP offerings, Sourcefire also recently announced new Incident Response Professional Services that assist customers in addressing advanced malware challenges. The services enable customers to clearly identify an event, evaluate the risk and determine the most effective approach to remediate. Experienced in incident response techniques, methodology and the actions of malicious code, the Sourcefire Incident Response Team helps customers eliminate uncertainty and make educated decisions for better protection.