Security Program Controls/Technologies, Channel partners, Content

FireEye Introduces Threat Intelligence, Hunting Virtual Machine

FireEye has announced ThreatPursuit Virtual Machine (VM), an open-sourced Windows-based distribution focused on threat hunting and intelligence.

ThreatPursuit VM uses Boxstarter, Chocolatey and MyGet packages to install software that supports threat hunters and intelligence analysts, FireEye noted. It provides access to various threat hunting and intelligence tools, including:

  • Analytics
  • Statistics
  • Visualizations
  • Malware triage
  • Threat modeling

Threat hunters and intelligence analysts can use ThreatPursuit VM to assess security data and identify, study and triage previously undiscovered or emerging threats, according to FireEye. That way, they can gain security insights and find ways to optimize their threat detection mechanisms and response.

What Does ThreatPursuit VM Offer?

ThreatPursuit VM empowers threat hunters and intelligence analysts to:

  • Perform hunting activities or missions
  • Create adversarial playbooks
  • Evaluate forensic artifacts and elements
  • Emulate offensive security techniques
  • Gain situational awareness via intelligence sharing and reporting
  • Applied data science techniques and visualize security data
  • Leverage open intelligence sources to retrieve security insights

ThreatPursuit VM is now available, and FireEye recommends it be installed in a VM.

FireEye Launches SaaS Threat Intelligence Platform

Along with introducing ThreatPursuit VM, FireEye last month released Mandiant Advantage: Threat Intelligence, a SaaS platform that provides security data and insights into cyber threats from around the world.

Mandiant Advantage empowers security teams with breach data as threats emerge, according to FireEye. As such, it enables these teams to augment and automate their security activities.

In addition, Mandiant Advantage allows security teams to prioritize vulnerabilities and monitor the dark web, FireEye indicated. It also helps these teams generate insights that they can use to make informed security investments.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.