The FireEye Email Malware Protection System (MPS) combats advanced malware, zero-day and targeted APT attacks that aggressively evade signature-based defenses and compromise a majority of corporate networks. Targeted email attacks known as spear phishing have soared in popularity with the availability of user-specific information on social networks and other Internet resources. With a name, a title, and a few personal details about travel or business activities, a criminal can craft an email any user will click. Add a bogus URL or a PDF attachment with zero-day malware, and the criminal quickly collects control of a privileged system and user accounts.
To combat spear phishing, the FireEye Email Malware Protection System provides zero-day analysis of each email and accurate quarantine of malicious attachments. It goes beyond known signatures and blacklisted URLs to detonate suspicious attachments in a full-featured virtual execution environment. Used with the FireEye Web Malware Protection System, organizations can dynamically analyze links in email and block threats that blend Web and email techniques.
- Starts protecting in just 30 minutes – Deploys as an MTA, SPAN device, or BCC destination, inline (block/monitor-mode) or out-of-band (monitor-only), and offers optional third party gateway antivirus
- Thorough analysis and quarantine in real time – Assesses email attachments and URLs with a range of browsers, plug-ins, applications and operating environments, looking for any sign of unusual activity and any attempt to exploit a vulnerability. Confirms and quarantines polymorphic and zero-day malware and targeted attacks including malicious image, PDF, and Flash files.
- Enhances existing email control infrastructure – Layers dynamic malware and attachment analysis behind the static signature-based detections of antispam and antivirus gateways
- Attack correlation across Web and email – Works with FireEye Web MPS and FireEye Central Management System (CMS) to shut down communications with URLs used in targeted spear phishing and blended attacks and trace Web-based attacks back to the original spear phishing email