FireEye, Inc.

From Wikipedia, the free encyclopedia
FireEye, Inc.
Type: Public company
Industry: Computer security
Founded: 2004
Founder(s): Ashar Aziz
Headquarters: Milpitas, California, United States
Key people: Dave DeWalt (CEO and Chairman of the Board), Ashar Aziz (Founder, Vice Chairman of the Board, CTO, and Chief Strategy Officer)
Products: Network security products
Employees: 1,000+ (2013)

FireEye, Inc. is a global network security company that provides automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing. Founded in 2004, the company is headquartered in Milpitas, California. The company's main product line consists of the Malware Protection System for web security, email security, file security, and malware analysis.

The company has been involved with dismantling cybercriminal infrastructure, including some of the world's largest botnets as well as web hosting provider McColo, which was responsible for a significant amount of malware and botnets.[1] FireEye also produces "Malware Intelligence Lab",[2] an industry security blog covering the latest trends in cybercrime, Web 2.0 attacks, advanced persistent threats (APTs), and malware.

FireEye is a public company whose major investors include Sequoia Capital, Norwest Venture Partners, JAFCO Ventures, SVB Capital, DAG Ventures, Juniper Networks, and In-Q-Tel.[3] As of 2012, FireEye has raised over $51 million in venture capital funding.[4] FireEye customers include Sallie Mae, Equifax, Juniper Networks, Heartland Payment Systems,[5] Canaras Capital,[6] San Francisco State University, Santa Barbara City College, and Connecticut College.[7]

In 2012, the company was named Silicon Valley's hottest security start-up, and was ranked the fourth fastest growing company in North America on the Deloitte 2012 Technology Fast 500.[8][9]

In 2013, FireEye announced it had raised a new round of $50 million in venture funding. This brings the total funding to date to more than $100 million.[10] The latest funding round included new and existing investors: Sequoia Capital, Norwest Venture Partners, Goldman Sachs, Juniper Networks, Silicon Valley Bank, and others.

The company sold shares to the public on September 20, 2013.[11]

On December 30, 2013, FireEye acquired Mandiant in a stock and cash deal worth in excess of $1 billion.[12]


Dave DeWalt, CEO and Chairman of the Board of FireEye in South Korea, in June 2013

In 2004, Ashar Aziz, an engineer from Sun Microsystems, founded FireEye with venture capital provided by Sequoia Capital.[13] Aziz is the original inventor of the core set of technologies behind the company's main product line, the FireEye Malware Protection System.[14] In 2006, FireEye launched its first product—a switch-based network access control appliance.[15]

Throughout 2012, FireEye announced a number of industry partnerships with companies such as HP, Splunk, Blue Coat, McAfee, and RSA.[16] In June 2012, former CEO and President of McAfee, Dave DeWalt, announced that he had joined FireEye as Chairman of the Board of Directors.[16] DeWalt was later appointed CEO of the company in November 2012.[16][17][18] Upon joining as CEO, DeWalt announced that FireEye had more than 400 employees and more than $100 million in annual bookings.[17]


  • In 2007, the company was named a "Cool Vendor" in Gartner's 2007 "Cool Vendors in Infrastructure Protection for 2007" report.[19] The distinction highlights security technology providers that demonstrate innovation in adapting to new and ever more dangerous threats to enterprise infrastructure. In addition, it was named a Finalist in the Silicon Valley Business Journal's Emerging Tech Awards for Security[20] and in the Windows IT Pro Editor's Best in Networking.[21]
  • The company was named to the Bank Technology News The FutureNow List,[22] which short lists critical IT security technologies for financial institutions.
  • Kicking off 2009, FireEye was named "Startup of the Week"[23] as part of InformationWeek's Startup 50 editorial project that highlights the top 50 technology startups. The company was also selected by AlwaysOn as an OnDC Top 100 Winner.[24]
  • In 2010, the company was selected by Tech Awards Circle as a "Best of Tech 2010" winner.[25] FireEye was also recognized by the Security Innovation Network (SINET) as one of the most innovative cybersecurity solutions to meet the critical needs of Federal and commercial markets and presented at the SINET Showcase 2010 held at the National Press Club (USA).[26]
  • In 2011, the FireEye Malware Protection System was recognized by the Info Security Products Guide Global Excellence Awards and by Government Computer News as one of "The 11 Best Products of 2011." The FireEye Email Malware Protection System was named to Network World's "Hot Products at RSA 2011".[27] FireEye was also a winner of a TiE50 2011 award in the Internet category.[28]
  • In 2012, the company was named Silicon Valley's hottest security start-up by Forbes,[8] and went on to win a series of awards, including the Wall Street Journal Technology Innovation Award, the JPMorgan Chase Hall of Innovation Award, and three Stevie Awards at the 2012 American Business Awards.[29][30][31] In November 2012, FireEye was ranked the fourth fastest growing company in North America on the Deloitte 2012 Technology Fast 500.[9] FireEye is also a two-time winner of the TiE50 awards.[32]

Products and services

Malware Protection System

The FireEye Malware Protection System (MPS) is the company's main product line, and comprises four appliance-based offerings. Each offering is geared towards a specific threat vector (web, email, and file), and the offerings are intended to complement one another. In addition to being recognized as Most Innovative Hardware Security Product of the Year by Info Security, the FireEye MPS has also gained recognition from Government Computer News 11 Best Products of 2011, TiE50 Award, and SC Magazine Europe.[33]

Web Malware Protection System

The Web Malware Protection System (MPS) is an appliance that operates as a turnkey system that can be deployed inline at Internet egress points to block inbound Web exploits and outbound multi-protocol callbacks. It employs the FireEye Virtual Execution engine, which performs dynamic analysis of zero-day attacks within a virtual analysis environment. The Web MPS can also signal into incident response mechanisms, such as SIEM, and offers TCP resets for out-of-band blocking of TCP, UDP, or HTTP connections.

Email Malware Protection System

Released February 2011, the Email Malware Protection System (MPS) is an appliance that analyzes all email attachments coming through a network using the FireEye Virtual Execution engine.[34] Through the appliance, network administrators can quarantine emails with malicious content for further analysis or deletion. In June 2012, FireEye received the Interop Tokyo Best of Show Award for the Email MPS product.[35]

File Malware Protection System

Released February 2012, the File Malware Protection System (MPS) analyzes network file shares using the FireEye Virtual Execution engine in order to detect zero-day malicious code embedded in common file types. The File MPS performs recursive, scheduled, and on-demand scanning of accessible network file shares.[36]

Malware Analysis System

The Malware Analysis System (MAS) allows threat analysts to configure test environments where they can execute and inspect advanced malware, zero-day, and targeted APT attacks embedded in common file formats, email attachments, and Web objects.

Central Management System

The Central Management System (CMS) consolidates the management, reporting, and data sharing of Web MPS, Email MPS, File MPS, and Malware Analysis System (MAS) into a single network-based appliance by acting as a distribution hub for malware security intelligence.

Dynamic Threat Intelligence

The FireEye Cloud crowd-sources Dynamic Threat Intelligence (DTI) detected by individual FireEye MPS appliances, and automatically distributes this time-sensitive zero-day intelligence globally to all subscribed customers in frequent updates. Content updates include a combination of DTI and intelligence generated by FireEye Labs through its research efforts.

Cyber actions


FireEye was closely involved in the forensic investigation of and effort to defeat the Srizbi botnet in 2008.[37][38]


In October/November 2009, FireEye participated in an effort to take down the Mega-D botnet (also known as Ozdok).[39] Beginning with public disclosures on their blog, they then issued abuse notifications to the ISPs being used as hosts. Then, they worked with numerous domain registrars to take down the primary CnC domains. The researchers also registered a number of domains that were hard-coded Mega-D CnC domains but were unregistered. This final move gave FireEye control of the botnet, which they pointed to a sinkhole server and subsequently re-routed to Shadowserver.[40]

In March 2009, FireEye helped victims of MS Antivirus, also known as Antivirus2009, a rogue anti-virus that encrypted users' files. A new version of scareware from the Antivirus2009 family tricked users with a fake Windows alert pop-up claiming that files in the "My Documents" folder were corrupt. In fact, the scareware program had encrypted the user's files, and it then directed the victim to an extortion Web site where users paid a ransom to get a program called "FileFixerPro" to fix the "corrupt" files. FireEye offered a free Web service to decrypt files for users locked out of their own documents.[41][42][43]


On March 16, 2011, the Rustock botnet was taken down through what was initially reported as a coordinated effort by Internet service providers and software vendors.[44] It was revealed the next day that the take-down, called Operation b107,[45][46] was the action of Microsoft, US federal law enforcement agents, FireEye, and the University of Washington.[45][47]


In July 2012, FireEye published an analysis[48] of the Grum botnet's command and control servers located in the Netherlands, Panama, and Russia. One week following their initial analysis, FireEye researchers reported that the Dutch colo/ISP had seized two secondary servers responsible for sending spam instructions soon after their existence was made public.[49]


  1. Markoff, John (2008-12-06). "Thieves Winning Online War, Maybe Even in Your Computer". The New York Times. Retrieved 2010-10-18.
  2. "". Retrieved 2014-04-12.
  3. Hoover, J.Nicholas (November 19, 2009). "In-Q-Tel Joins Forces With FireEye To Fight Cyberthreats". DarkReading. Retrieved 2009-11-30.
  4. Cohan, Peter (2012-06-19). "Wheeler-dealer DeWalt Casts Eye on FireEye". Wall Street Journal. Retrieved 2012-07-18.
  5. "FireEye Testimonials". January 8, 2013. Retrieved 2013-01-08.
  6. Gage, Deborah (November 30, 2007). "Simulate Traffic, Find Botnets". Baseline. Retrieved 2009-11-30.
  7. Schaffhauser, Dian (2009-03-27). "3 Institutions Deploy FireEye Appliances To Battle Breaches". Campus Technology. Retrieved 2009-11-30.
  8. Cohan, Peter (2012-05-24). "FireEye: Silicon Valley's Hottest Security Start-up". Forbes. Retrieved 2012-12-04.
  9. "FireEye Ranked Fourth Fastest Growing Company in North America on the Deloitte 2012 Technology Fast 500" (Press release). FireEye. 2012-11-15. Retrieved 2012-12-04.
  10. Lomas, Natasha (2013-01-10). "Security Firm FireEye Raises Extra $50M, Says It’s Preparing Ground For IPO". TechCrunch. Retrieved 2013-01-10.
  11. Geron, Tomio (2013-09-20). "FireEye Founder Banks Hundreds Of Millions In IPO". Forbes. Retrieved 17 October 2013.
  12. Perlroth, Nicole; Sanger, David E. (2014-01-02). "FireEye Computer Security Firm Acquires Mandiant". The New York Times.
  13. Mitra, Sramana (January 29, 2009). "Barriers To Innovation". Forbes. Retrieved 2009-11-30.
  14. "Crunchbase — Ashar Aziz". Crunchbase. 2012-07-18. Retrieved 2012-07-18.
  15. Messmer, Ellen (2006-05-02). "Start-up FireEye debuts with virtual-machine security approach". Network World. Retrieved 2010-10-18.
  16. "FireEye Appoints Board Chairman David DeWalt as Chief Executive Officer" (Press release). FireEye. 2012-11-28. Retrieved 2012-11-30.
  17. Robertson, Jordan (2012-11-28). "Former McAfee Chief DeWalt Named FireEye CEO, Aims for 2013 IPO". Bloomberg. Retrieved 2012-11-30.
  18. Clark, Don (2012-11-28). "Security Startup FireEye Lands Dave DeWalt as CEO". Wall Street Journal. Retrieved 2012-11-30.
  19. "FireEye Named 'Cool Vendor' by Leading Analyst Firm" (Press release). PRNewswire. 2007-05-01. Retrieved 2013-01-11.
  20. "Emerging tech award winners honored". 2007-11-02. Retrieved 2013-01-11.
  21. "Editor's Best". Windows IT Pro. 2007-07-25. Retrieved 2013-01-11.
  22. "The FutureNow List". American Banker. 2008-04-01. Retrieved 2013-01-08.
  23. "Startup Of The Week: FireEye". InformationWeek. 2009-01-31. Retrieved 2013-01-08.
  24. "FireEye Selected by AlwaysOn as an OnDC Top 100 Winner" (Press release). 2009-10-13. Retrieved 2013-01-08.
  25. "Tech Awards Circle Winners Represent Best of Tech 2010". 2010-07-10. Retrieved 2013-01-11.
  26. "SINET Showcase 2010 Presenting Companies". Security Innovation Network. 2010-10-26. Retrieved 2013-01-08.
  27. "Hot products from RSA 2011". 2011-02-17. Retrieved 2013-01-08.
  28. "2011 TiE50 Internet/Social Networking Winners". TiE50. 2012-05-12. Retrieved 2013-01-08.
  29. "FireEye Earns The Wall Street Journal Technology Innovation Award" (Press release). FireEye. 2012-10-18. Retrieved 2012-12-04.
  30. "FireEye Earns JPMorgan Chase Hall of Innovation Award" (Press release). FireEye. 2012-10-17. Retrieved 2012-12-04.
  31. "FireEye Honored with Three Stevie Awards at 2012 American Business Awards" (Press release). FireEye. 2012-09-19. Retrieved 2012-12-04.
  32. "FireEye Wins TiE50 2012 Award" (Press release). FireEye. 2012-05-12. Retrieved 2012-07-18.
  33. "FireEye Named Winner in Info Security Products Guide Awards 2012" (Press release). FireEye. 2012-03-13. Retrieved 2012-12-04.
  34. "FireEye Announces Next-Generation Email Security Appliances Using Signature-less Malware Protection Engine To Stop Spear Phishing Attacks" (Press release). FireEye. 2011-02-14. Retrieved 2012-12-04.
  35. "FireEye Wins Interop Tokyo Best of Show Award For Email Malware Protection System" (Press release). FireEye. 2012-06-19. Retrieved 2012-12-04.
  36. "FireEye Announces the File Malware Protection System to Detect and Eliminate Malware Resident on File Shares" (Press release). FireEye. 2012-02-27. Retrieved 2012-12-04.
  37. Keizer, Gregg (November 26, 2008). "Massive botnet returns from the dead, starts spamming". Computerworld. Retrieved 2009-11-30.
  38. Kiriyama, George (November 11, 2008). "SJ-Based Spammer Unplugged". NBC 11 KNTV. Retrieved 2009-11-30.
  39. Cheng, Jacqui (November 11, 2009). "Researchers' well-aimed stone takes down Goliath botnet". Ars Technica. Retrieved 2009-11-30.
  40. Kirk, Jeremy (November 17, 2009). "Shadowserver to take over as Mega-D botnet herder". Network World. Retrieved 2009-11-30.
  41. Krebs, Brian (March 20, 2009). "Antivirus2009 Holds Victim's Documents for Ransom". Washington Post. Retrieved 2009-11-30.
  42. Hooper, Adam (March 27, 2009). "Computer hacking causes potential problems". NBC 7 KPLC. Retrieved 2009-11-30.
  43. "Filefix free Web service". FireEye. Retrieved 2009-11-30.
  44. Hickins, Michael (2011-03-17). "Prolific Spam Network Is Unplugged". Wall Street Journal. Retrieved 2011-03-17.
  45. Williams, Jeff. "Operation b107 - Rustock Botnet Takedown". Retrieved 2011-03-27.
  46. Bright, Peter. "How Operation b107 decapitated the Rustock botnet". Ars Technica. Retrieved 2011-03-27.
  47. Wingfield, Nick (2011-03-18). "Spam Network Shut Down". Wall Street Journal. Retrieved 2011-03-18.
  48. "FireEye Blog | Threat Research, Analysis, and Mitigation". Retrieved 2014-04-12.
  49. Steve Ragan (2012-07-17). "Dutch Police Takedown C&Cs Used by Grum Botnet". Security Week. Retrieved 2012-07-17.
