All FireEye Malware Protection Systems feature dynamic, real-time analysis for advanced malware using our patent-pending, multi-phase Virtual Execution (VX) engine. The VX engine captures and confirms zero-day and targeted APT attacks by detonating suspicious files, Web objects, and email attachments within instrumented virtual machine environments.
KEY TECHNOLOGY FEATURES:
- Actively analyzes unknown code and suspicious Web objects – Tests with a range of browsers, plug-ins, applications and operating environments, looking for any sign of unusual activity and any attempt to exploit a vulnerability. Confirms and blocks zero-day and targeted APT attacks utilizing malicious image, PDF, or Flash files.
- Proprietary virtualization technology – The VX engine analyzes and confirms true, zero-day malware, such as Trojans, targeted attacks, bots, VM-aware malware, and advanced persistent threats.
- Multi-stage inspection and blocking engine – Stops known and zero-day attacks while simultaneously eliminating false positives. The multi-stage inspection process unifies virtualization and network security to accurately block advanced malware that is used to penetrate networks and steal resources and sensitive data.
Newly discovered malware is installed and executed to completion within the FireEye VX engine so that malware file locations, new registry keys, corrupted DLLs, etc. are all tracked in addition to outbound callback destinations. Now, analysis of polymorphic malware can be reliably automated to create dynamic blocking of inbound zero-day attacks and their outbound transmissions. Local zero-day malware intelligence is dynamically generated by each VX engine to provide real-time malware forensics used to protect the local network. This analysis can be shared globally through the Malware Protection Cloud (MPC) network for use by all subscribers to stop inbound attacks and outbound data and resource theft.


