Trellix

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 198.151.13.15 (talk) at 15:37, 12 March 2012 (→‎2009). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

FireEye, Inc.
Company type: Privately owned
Industry: Computer security
Founded: 2004
Founder: Ashar Aziz
Headquarters: Milpitas, California, United States
Key people: Ashar Aziz (CEO, CTO, & Founder), Bahman Mahbod (VP of Engineering and Security Research), Stuart Staniford (Chief Scientist), Zane Taylor (VP of Customer Care and IT), Jeffrey Williams (VP of Worldwide Sales & Business Development), Alex Menea (VP of Manufacturing Operations)
Products: Network security products
Number of employees: 100+ (2011)
Website: FireEye.com

FireEye is a Milpitas, California-based network security company that provides dynamic malware protection and automated threat forensics. Its main product line is the Malware Protection System with versions for Web security, Email security, and Malware Analysis researchers.

History

FireEye was founded in 2004 by Ashar Aziz, an engineer from Sun Microsystems, with venture capital provided by Sequoia Capital.[1]

FireEye is privately owned and its major investors include Sequoia Capital, Norwest Venture Partners, JAFCO Ventures, SVB Capital, DAG Ventures, Juniper Networks, and In-Q-Tel.[2] FireEye customers include Canaras Capital,[3] San Francisco State University, Santa Barbara City College, and Connecticut College.[4]

The company has been involved with dismantling cyber criminal infrastructure, such as McColo, and botnets[5] (including taking them offline) as well as publishing papers in the field. It was launched in 2006[6] and released its latest version of the appliance in May 2010.[7]

FireEye's "Malware Intelligence Lab" is an industry security blog covering the latest trends in cybercrime, Web 2.0 attacks, Advanced Persistent Threats (APTs), and malware.[8]

Cyber actions

2011

On March 16, 2011, the Rustock botnet was taken down through what was initially reported as a coordinated effort by Internet service providers and software vendors.[9] It was revealed the next day that the take-down, called Operation b107,[10][11] was the action of Microsoft, US federal law enforcement agents, FireEye, and the University of Washington.[12][13]

2009

In October/November 2009, FireEye participated in an effort to take down the Mega-D botnet (also known as Ozdok).[14] Beginning with public disclosures on their blog, they then issued abuse notifications to the ISPs being used as hosts. Then, they worked with numerous domain registrars to take down the primary CnC domains. The researchers also registered a number of domains that were hard-coded Mega-D CnC domains but were unregistered. This final move gave FireEye control of the botnet, which they pointed to a sinkhole server and subsequently re-routed to Shadowserver.[15]

In March 2009, FireEye helped victims of MS Antivirus, also known as Antivirus2009, that encrypted users' files. A new version of scareware from the Antivirus2009 family tricked users with a fake Windows alert pop-up claiming that files in the "My Documents" folder were corrupt. In fact, the scareware program encrypted the user's files and then directed the victim to an extortion Web site where users paid a ransom to get a program called "FileFixerPro" to fix the "corrupt" files. FireEye offered a free Web service to decrypt files for users locked out of their own documents.[16][17][18]

2008

FireEye was closely involved in the forensic investigation of and effort to defeat the Srizbi botnet in 2008.[19][20]

References

  1. ^ Mitra, Sramana (January 29, 2009). "Barriers To Innovation". Forbes. Retrieved 2009-11-30.
  2. ^ Hoover, J.Nicholas (November 19, 2009). "In-Q-Tel Joins Forces With FireEye To Fight Cyberthreats". DarkReading. Retrieved 2009-11-30.
  3. ^ Gage, Deborah (November 30, 2007). "Simulate Traffic, Find Botnets". Baseline (magazine). Retrieved 2009-11-30.
  4. ^ Schaffhauser, Dian (March 27, 2009). "3 Institutions Deploy FireEye Appliances To Battle Breaches". Campus Technology. Retrieved 2009-11-30.
  5. ^ Markoff, John (2008-12-06). "Thieves Winning Online War, Maybe Even in Your Computer". The New York Times. Retrieved 2010-10-18.
  6. ^ Messmer, Ellen (2006-05-02). "Start-up FireEye debuts with virtual-machine security approach". NetworkWorld. Retrieved 2010-10-18.
  7. ^ Brenner, Bill (2010-05-05). "FireEye vows to expose 'truth' behind modern malware". CSO Magazine. Retrieved 2010-10-18.
  8. ^ "FireEye Blog". FireEye, Inc. Retrieved 2011-08-04.
  9. ^ Hickins, Michael (2011-03-17). "Prolific Spam Network Is Unplugged". Wall Street Journal. Retrieved 2011-03-17.
  10. ^ Williams, Jeff. "Operation b107 - Rustock Botnet Takedown". Retrieved 2011-03-27.
  11. ^ Bright, Peter. "How Operation b107 decapitated the Rustock botnet". Ars Technica. Retrieved 2011-03-27.
  12. ^ Wingfield, Nick (2011-03-18). "Spam Network Shut Down". Wall Street Journal. Retrieved 2011-03-18.
  13. ^ Williams, Jeff. "Operation b107 - Rustock Botnet Takedown". Retrieved 2011-04-06.
  14. ^ Cheng, Jacqui (November 11, 2009). "Researchers' well-aimed stone takes down Goliath botnet". Ars Technica. Retrieved 2009-11-30.
  15. ^ Kirk, Jeremy (November 17, 2009). "Shadowserver to take over as Mega-D botnet herder". Network World. Retrieved 2009-11-30.
  16. ^ Krebs, Brian (March 20, 2009). "Antivirus2009 Holds Victim's Documents for Ransom". Washington Post. Retrieved 2009-11-30.
  17. ^ Hooper, Adam (March 27, 2009). "Computer hacking causes potential problems". NBC 7 KPLC. Retrieved 2009-11-30.
  18. ^ "Filefix free Web service". FireEye, Inc. Retrieved 2009-11-30.
  19. ^ Keizer, Gregg (November 26, 2008). "Massive botnet returns from the dead, starts spamming". Computerworld. Retrieved 2009-11-30.
  20. ^ Kiriyama, George (November 11, 2008). "SJ-Based Spammer Unplugged". NBC 11 KNTV. Retrieved 2009-11-30.