FireEye's DeWalt: 10 Ways Channel Could Transform Threat Detection

DeWalt: Firewall, IPS Sandboxing Competitors Limited

Firewall and intrusion prevention system vendors add sandboxing capabilities using virtual machine sandboxes, but they miss important communications protocols widely used by attackers, DeWalt said. An appliance that specializes on one protocol often can't read network traffic on another protocol. Attackers take advantage of this by sending multiprotocol attacks. Spearphishing attacks via an email message and malicious web link have been wildly successful and at the core of many data breaches, say security experts. DeWalt said FireEye can cut across protocols. "I see this technology commoditizing the last generation of detection engines," DeWalt said. "Virtual machines, especially hardened hypervisors, are the next-generation engines that are commoditizing the previous versions."

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.