Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Does FireEye Have a Black Eye?

September 14, 2015

Depends on who you ask, but there sure is an energetic debate. As WIRED reported last week, there was an unpleasant battle involving two security firms, FireEye and Germany-based ERNW. ERNW disclosed in a blog post that FireEye had obtained a court injunction to prevent its researchers from publicly disclosing certain information about three vulnerabilities they had discovered in one of FireEye's security products.

FireEye had agreed that ERNW could disclose the vulnerabilities in a report they intended to publish and present at a conference, but objected to the amount of information the researchers planned to reveal – information that ERNW said was necessary to understand the context for the vulnerabilities. FireEye said it was proprietary source code and would have exposed its product and customers to risk.

ERNW understandably felt strong-armed by the legal threat. But if you read the article and FireEye's blog post on this matter, I'm not sure that FireEye earned the black eye that some researchers have given it. There is necessarily tension between revealing vulnerabilities and potentially giving away proprietary data that may do harm to the company and its customers.

It is important to note that FireEye did not object to the disclosure of the vulnerabilities themselves. Right or wrong, the spirited debate is a good thing – and one hopes that going to the courts is very much a last resort in sorting out how much data needs to be made public when security vulnerabilities are discovered.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson