McAfee is integrating FireEye Helix with AWS' Inspector cloud security tool, to allow companies to more easily apply behavior analysis and machine learning techniques to risk detection for cloud workload data. Credit: CIS McAfee Enterprise and FireEye have integrated FireEye Helix with Amazon Web Services’ Inspector cloud security tool, in a move to offer behavior analysis and machine learning risk-analysis capabilities for enterprises running AWS cloud workloads.McAfee and FireEye have also announced that they are joining the AWS independent software vendor (ISV) Workload Migration Program (WMP). Symphony Technology Group (STG) completed the acquisition of FireEye in October 2021, and then combined FireEye with the enterprise business of McAfee, which had been previously acquired in July 2021.FireEye Helix enhances risk analysis for AWSFireEye Helix is a SaaS-based security operations platform developed on AWS for risk detection and response. FireEye Helix automatically ingests and processes Amazon Inspector EC2 and ECR vulnerability data from the user’s AWS infrastructure, correlating this information with data from hundreds of different security and business applications. FireEye Helix applies machine learning and behavior analysis to produce risks scores for compromised users and vulnerable infrastructure. The integration with AWS Inspector, which scans Amazon cloud workloads for software vulnerabilities and unintended network exposure, is intended to allow companies to replace and eliminate the overhead of separate, on-premises SIEM (security information and event management) or SOAR (security orchestration, automation and response) applications. “The integration with Amazon Inspector will give security professionals visibility within Helix into vulnerabilities on AWS workloads,” according to Forrester analyst Allie Mellen. “Enterprises are moving to the cloud — and because of this shift, security professionals need to adapt.”Having visibility into vulnerabilities on cloud workloads is important to protect business data, Mellen said. “For AWS customers, this will benefit those using both AWS and FireEye Helix, as they can use the two together to monitor for vulnerabilities in AWS workloads in the same place they likely perform much of the incident response lifecycle already,” Mellen added.FireEye’s integration with Amazon Inspector follows a series of previous FireEye-Amazon integrations including those with Amazon CloudWatch, Amazon VPC Flow Logs, Amazon Security Hub, AWS CloudTrail, AWS Network Firewall, Amazon GuardDuty, Amazon Simple Storage Service (Amazon 53) and Amazon Route 53. FireEye applications offered on AWS MarketplaceFireEye’s complete software as a service (SaaS) security suite is now available on AWS Marketplace. In addition to the integration of FireEye Helix with Amazon Inspector, Helix is also available separately on the marketplace.Other FireEye applications available on the marketplace include FireEye Endpoint Security, an endpoint detection and response program; FireEye Email Security, designed to stop phishing attacks; FireEye Detection on Demand, which protects files and detects threats, such as ransomware, in Amazon S3 buckets; and CloudVisory, a visibility tool designed to support compliance and governance, reducing the risk of attacks exploiting misconfigurations.McAfee and FireEye join ISV programMcAfee and FireEye also announced that they have joined the AWS ISV Workload Migration Program (WMP), which helps customers migrate ISV workloads to AWS. WMP works with AWS partners to create a repeatable migration process and methodology for their AWS offering.The program is designed to facilitate customer migration to AWS SaaS, PaaS and IaaS security products by providing funding, technology enablement and go-to-market support. Related content feature Looking outside: How to protect against non-Windows network vulnerabilities Security administrators who work in Windows-based environments should heed the lessons inherent in recent vulnerability reports. By Susan Bradley Apr 25, 2024 7 mins Windows Security Network Security Security Practices brandpost Sponsored by Palo Alto Networks Cloud security teams: What to know as M&A activity rebounds in 2024 Direct visibility is critical in M&A, and cloud-native application protection platforms (CNAPP) are ideal to provide this capability. By Amol Mathur, SVP & GM of Prisma Cloud, Palo Alto Networks Apr 25, 2024 4 mins Cloud Security news Salt Security adds defense against OAuth attacks The new offering is designed to mitigate vulnerabilities and misconfigurations associated with the open authentication (OAuth) authorization framework. By Shweta Sharma Apr 25, 2024 3 mins Authentication Security Software news Cisco urges immediate software upgrade after state-sponsored attack Hackers exploited previously undetected vulnerabilities in Cisco’s Adaptive Security Appliances — a product that combines multiple cybersecurity functions. By Prasanth Aby Thomas Apr 25, 2024 3 mins Vulnerabilities PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe