Fidelis XPS Extends YARA-powered Capabilities to Enhance Real-time Malware Command and Control Prevention

June 10, 2014

General Dynamics Fidelis Cybersecurity Solutions’ industry-leading implementation of technology enables organizations to quickly prevent and detect advanced threats across the entire threat lifecycle.

WALTHAM, Mass., June 10, 2014 /PRNewswire/ — General Dynamics Fidelis Cybersecurity Solutions has expanded the capabilities of its flagship network security solution, Fidelis XPS(TM), by building on its unique application of YARA technology. Fidelis XPS’ implementation of YARA technology now extends beyond the infiltration phase and into the command and control (C2) communication and lateral propagation phases, delivering a continuous response posture across the entire threat lifecycle.

General Dynamics Fidelis’ use of the malware discovery and classification tool, traditionally used with static data, is an industry-first application of the technology for data-in-motion. Enabling both the real-time detection and prevention of malicious cyber activity, Fidelis XPS enables customers to quickly leverage existing, community-driven YARA intelligence to strengthen their security posture, while freeing time and resources for other cybersecurity initiatives.

Facts

    --  Copy, paste, protect(TM). Fidelis XPS provides an easy-to-use, intuitive
        user interface for implementing YARA rules quickly. This allows security
        analysts to immediately defend their enterprise with a simple copy and
        paste.
    --  Find advanced threats. The Fidelis Threat Research Team uses the
        flexibility of YARA-powered malware detection to discover new advanced
        threats, while continuously sharing this knowledge with the entire
        Fidelis community via Fidelis Insight policy.
    --  Enhance situational awareness. Fidelis XPS augments YARA rules with
        situational awareness, applying context to the content, making the rule
        more intelligent and actionable. Due to the open nature of YARA, which
        allows analysts to collaborate and share rules, analysts can easily
        share the added context with the security community as it happens,
        constantly refining and improving upon this collective intelligence.
    --  Detect malicious C2 communication. The capabilities of the Fidelis XPS
        YARA decoder have been expanded to detect and prevent malicious C2
        communication, including remote access trojan (RAT) communication, from
        exiting the enterprise in real-time.
    --  Analyze all network traffic. A key differentiator of Fidelis XPS is that
        it analyzes all network traffic, not simply portions (e.g., only mail
        and web), allowing it to identify strange, undocumented communications
        happening in real-time. With YARA, analysts are also able to quickly
        classify this malicious traffic and associate it with certain malware C2
        communications.
    --  Detect, classify and prevent. By incorporating YARA, which is typically
        employed against data-at-rest, with the Deep Session Inspection, which
        is designed to operate on data-in-motion, Fidelis XPS offers
        extraordinary file detection, classification and control over objects
        entering the enterprise, crossing boundaries in the company and leaving
        the network. Moreover, these real-time capabilities allow Fidelis XPS to
        do so with the speed needed to prevent an attack.

According to Tom Lyons, vice president of product management for General Dynamics Fidelis Cybersecurity Solutions, “With today’s advanced, intelligent and persistent adversaries, it’s vital that an organization’s defense is one step ahead. However, security analysts do not have the time or resources to do it all on their own, so they must look to the collective intelligence of the security community to strengthen their defenses. We are taking the benefits of YARA one step further by eliminating the time needed to translate rules, instead enabling them to be plugged directly into Fidelis XPS. Through our copy, paste, protect feature we are expanding the reach and effectiveness of the analyst team to immediately go on the offensive against today’s threat actors.”

Supporting Resources

    --  NSS Security Value Map and Breach Detection Test Results
    --  Targeted, Wire Speed YARA Analysis for Real Time Malware Prevention
        Webinar
    --  Fidelis XPS Power Tools: Network YARA Implementation Whitepaper
    --  Threat Geek

About General Dynamics Fidelis Cybersecurity Solutions

General Dynamics Fidelis Cybersecurity Solutions offers a comprehensive portfolio of products, services and expertise to combat today’s sophisticated advanced threats and prevent data breaches. Our commercial enterprise and government customers around the globe can face advanced threats with confidence through use of our Network Defense and Forensics Services, delivered by a team of security professionals with decades of hands-on experience, and our award-winning Fidelis XPS Advanced Threat Defense products, which provide visibility and control over the entire threat lifecycle. To learn more about General Dynamics Fidelis Cybersecurity Solutions, please visit www.fidelissecurity.com.

General Dynamics Fidelis Cybersecurity Solutions is a part of General Dynamics Advanced Information Systems, a business unit of General Dynamics (NYSE: GD).

Logo – http://photos.prnewswire.com/prnh/20140428/81320

SOURCE General Dynamics Fidelis Cybersecurity Solutions


Source: PR Newswire
