ForgeRock Blog

ForgeRock and FireEye: Breaking Down Barriers to Security

We live in the “Age of the Hack” where malicious attacks are becoming more and more prevalent.  As a result, companies are at greater risk than ever of experiencing a breach, doing significant damage to brand reputation. (Just ask Sony!)

As the volume of threats increases on a global basis, it’s increasingly imperative that threat detection systems not only handle real-time discovery of an attack, but also communicate with identity and access management platforms to lock down access when an attack is underway. Thus, ForgeRock and FireEye are extremely proud to announce the integration of the ForgeRock Identity Platform™  with the FireEye® Threat Analytics Platform (TAP)™ .

This announcement is significant for the industry and our customers because ForgeRock and FireEye are breaking down barriers between network security and identity and access management, working together to collaborate on a fully integrated security solution.

In most enterprises, the IT teams that handle security at the perimeter and the teams that handle network security are separate and rarely communicate.  Unsurprisingly, the technologies they deploy also do not communicate.   This fragmented approach to cyber security leaves inherent gaps and weaknesses that are ripe for malicious attack.  With this partnership and product integration, FireEye and ForgeRock address these gaps, charting new approaches to cyber security. To hear more from FireEye and ForgeRock, register for the joint webinar.

When FireEye TAP, a cloud-based security incident detection and response management platform, combines with ForgeRock’s real-time intelligence on end-users, the integrated solution allows organizations to make timely security decisions based on location, IP address, time of day, known device and other context clues, providing a more comprehensive picture of when and how advanced attackers are targeting an organization. Actionable intelligence is prioritized according to risk, enabling organizations to more quickly detect advanced attacks and insider threats, and as a result, stop incidents before they become widespread. Find out more about how it works here.

This is important because most cyber security threats stem from compromised credentials such as stolen passwords.  This means that merely relying on a user’s password isn’t sufficient; security needs to too look for clues that indicate that someone other than the password owner is using this credential.  For example, FireEye recently disclosed an advanced threat group called FIN4 that relied exclusively on compromised credentials to break into US companies with the intent of stealing confidential information that could be used to gain an advantage in the stock market.

Armed with the FireEye and ForgeRock integration, security teams would have been better able to identify the type of attacks that FIN4 executed (compromised credentials), and could have helped keep confidential information from being used to manipulate the stock market.

At core, our new partnership with FireEye is further evidence of the importance of identity at the center of everything online–security included!