Enricher Module

The Enricher Module for FireEye Endpoint Security allows MD5 data to be automatically submitted to FireEye’s intelligence for verification on Endpoint Security alerts and unique process launches. Verification through FireEye intelligence on the file is then added into an existing alert. If FireEye intelligence does not have any data about the file, then an additional option to automatically submit the binary to your local AX product for an MVX analysis is available. After the MVX analysis is completed, an OS change report is then returned. If the file is malicious, a new alert will appear in the Endpoint Security console labeled as PRO. Enricher is also used for additional validation on Real Time Indicator alerts, where detected binaries can be automatically submitted for further evaluation through the AX product and an OS change report returned into the alert. All data submitted to the Enricher will be displayed in a user interface within your Endpoint Security console, so results can be filtered.

Support for VX and Detection on Demand will available in a future release.

Enricher can be used without the Malware Analysis product as MD5 information will still be evaluated through FireEye’s intelligence repository.

As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.

Authentication RequiredDownloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.

Support

Developer:FireEye
Supported By:FireEye
Contact:Email
Resources:Module User Guide
FireEye Endpoint Security

Module Info

Version:1.1.11
Requirements:FireEye Endpoint Security Server 4.9+ and Agent 30+
Size:23.96 MB
MD5:9536968a2ce18b0420c0d15980efc4bf
SHA1:b93c1ecaaef94de707ec959d05b10c9ae67e8a63660c90fc224b517cf147a4b6
SHA256:b3a42cc10939acb90337d95faf40ff03e2f34964fdcb4e2d853709ab98602b6a

Similar Apps

Endpoint Security Module
Endpoint Security Module
Endpoint Security Module
Endpoint Security Module