Since detection rates are low, threats are getting through, and as a result many enterprises don’t know how a threat got into a network or where it went. That’s where Sourcefire’s improved Network File Trajectory comes into play. Sourcefire first introduced file trajectory capabilities at the beginning of 2012 on its FireAMP malware device.
Going a step further, Sourcefire is now enabling Device Trajectory capabilities for FireAMP. This increases the ability to see file activity as it passes through a network.
Adding Depth to Malware Detection
“This allows you to drill very deeply into a device and determine the specifics of a malware infection,” Oliver Friedrichs, SVP of Cloud Technology and Strategy at Sourcefire, told InternetNews.
Originally FireAMP offered a breadth-based approach to finding malware within an organization. As such, the system was able to pinpoint on which devices malware resided. With the device trajectory, Sourcefire has added a depth-based approach that enables enterprise admins to find malware within a given device in a very specific manner. The system is able to identify which application or action introduced the malware in the first place.