Enricher Module

The Enricher Module for FireEye Endpoint Security allows MD5 data to be automatically submitted to FireEye’s intelligence for verification on Endpoint Security alerts and unique process launches. Verification through FireEye intelligence on the file is then added into an existing alert. If FireEye intelligence does not have any data about the file, then an additional option to automatically submit the binary to your local AX, VX or Detection on Demand subscription for an MVX analysis is available. After the MVX analysis is completed, an OS change report is then returned. Enricher is also used for additional validation on Real Time Indicator alerts, where detected binaries can be automatically submitted for further evaluation through the AX, VX or Detection On Demand subscription and an OS change report returned into the alert. All data submitted to the Enricher will be displayed in a user interface within your Endpoint Security console, so results can be filtered.

Enricher can be used without an AX, VX or Detection On Demand subscription as MD5 information will still be evaluated through FireEye’s intelligence repository.

This general availability release of Enricher is supported on Endpoint Security 5.0.2.

Note: Enricher 1.4.2 will NOT work on Endpoint Security 5.0.1 or lower.

Authentication RequiredDownloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.


Supported By:FireEye
Resources:Enricher Module User Guide
Enricher Module Release Notes

Module Info

Last Updated:December 16, 2020
Requirements:FireEye Endpoint Security 5.0.2
Size:27.59 MB

Similar Apps

Endpoint Security Module
Endpoint Security Module
Endpoint Security Module
Endpoint Security Module