Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Sourcefire expands malware protection with new incident services

Veronica C. Silva | Jan. 18, 2013
Sourcefire’s services complement its malware protection solutions to bring best practices and methodologies to minimise potential cyber threats.

To better prepare organisations against potential malware threat, cyber security solutions provider Sourcefire recently introduced a new professional services offering that includes an incident response component.

Sourcefire, Inc. said its new Incident Response Professional Services can help organisations respond promptly and intelligently to advanced malware challenges by integrating incident response best practices with Sourcefire's cyber security solutions.

The new professional services banks on the track record of its Incident Response Team in providing the most appropriate techniques, methodology and knowledge regarding behaviours of malicious code. Hence, the team is expected to help its customer make effective decisions in all phases of a malware attack.

Sourcefire said the specific services include incident investigation to determine the methods of attack employed by the attacker throughout the course of the incident; countermeasure development to detect and stop attacks; assistance in deploying countermeasures according to best practices; and validation of countermeasure effectiveness and recalibration as needed to ensure ongoing protection.

Jon Oltsik, senior principal analyst, Enterprise Strategy Group (ESG), a market analysis firm, said that aside from having advanced malware detection and prevention, large organisations must also have "effective and efficient incident response policies, processes and metrics."


"Many security solutions were designed for advanced malware detection and blocking alone, and lack the intelligence and integration necessary for incident detection and response," Oltsik said. However, he singled out Sourcefire as the company with the "notable exception of products and services".

The Sourcefire Incident Response Team uses Sourcefire's FirePOWER and FireAMP advanced malware protection with data analytics and intelligence capabilities to help customers diagnose, identify and remediate risks posed by cyber security threats.

The Sourcefire professional team can work with any organisation's IT security team to help mitigate risks from such threats.

"Advanced malware protection is not just about having the right technologies in place but also the right response when the technologies identify an event," said Jonathan Goldberger, vice president of professional services, Sourcefire. "Our incident response service helps our customers bridge the knowledge and experience gap so that they can take a more proactive stance to identifying, mitigating and eliminating risks using the intelligence from FireAMP and advanced malware protection for FirePOWER." 


Sign up for Computerworld eNewsletters.