








Published in Science and Technology on Thursday, September 13th 2012 at 5:16 GMT by Market Wire

September 13, 2012 08:00 ET
FireEye Announces Availability of Splunk for FireEye, a New Application to Enable Customers to Further Consolidate and Correlate Analytics on Cyber Attacks
Application Gives Businesses Long-Term Trending and Analytics With FireEye Data
MILPITAS, CA--(Marketwire - Sep 13, 2012) - FireEye®, Inc., the leader in stopping advanced cyber attacks, and Splunk Inc. (
With this application, Splunk Enterprise provides real-time continuous monitoring and trending of FireEye customer data, along with support for real-time alerting. This allows users to visualize and express long-term trends that aid with the prioritization of incident response activities, as well as set and monitor key performance metrics.
"With our next-generation threat protection, critical information gleaned from our appliance is crucial for security professionals to make informed decisions," said Ashar Aziz, FireEye founder and CEO. "This application is a win for our joint customers by saving them time and increasing their visibility into their security operations."
"Enterprises demand tools that give them insight into events as they occur. FireEye is a leader in providing dynamic analysis and blocking of zero-day attacks," said Bill Gaylord, senior vice president of business development at Splunk. "There is an incredible amount of security data generated by FireEye's products that companies can use to improve their security posture. Splunk software can ingest a comprehensive analysis of malware to ultimately provide security professionals the ability to correlate this data with other activity in their environment to proactively monitor for and detect these elusive threats."
The Splunk for FireEye application provides comprehensive reports for monitoring malware distribution and callbacks, infection types over time, and the number of infected systems. Included in the reports are dashboards that show the number of inbound infections by host IP over time and the number of callbacks over time by malware name. Users are able to examine a discovered piece of malware in a number of ways, including:
- Malware: provides an overview of a specific piece of malware including its name, number of callbacks, source and destination, and port and protocol used.
- Transactions: provides a view of each of the callbacks as a transaction, identifying the source and destination, the severity, and the infection source port.
- C2 (callback information): includes HTTP (layer-7) information along with the URI, HTTP version, user agent (browser version), and the action (GET or POST).
- Trends: provides an "over-time" graphical view of communication (ports and IPs) between the malware and its C2 destination.
- Correlation: passes the time of a particular malware activity to Splunk, which launches a search for other activities happening at that same time.
Visit www.fireeye.com for more information on FireEye next-generation threat protection.
About FireEye, Inc.
FireEye is the leader in stopping advanced cyber attacks that use advanced malware, zero-day exploits, and APT tactics. The FireEye solutions supplement traditional and next-generation firewalls, IPS, anti-virus, and gateways, which cannot stop advanced threats, leaving security holes in networks. FireEye offers the industry's only solution that detects and blocks attacks across both Web and email threat vectors as well as latent malware resident on file shares. It addresses all stages of an attack lifecycle with a signature-less engine utilizing stateful attack analysis to detect zero-day threats. Based in Milpitas, California, FireEye is backed by premier financial partners including Sequoia Capital, Norwest Venture Partners, and Juniper Networks.
About Splunk Inc.
Splunk Inc. (
FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.