We would like to bring you up to date on the UCSB deployment of FireEye Endpoint Security, advanced endpoint detection and response (EDR).  FireEye ES is a powerful tool being deployed across the UC system to address more advanced threats posed to client devices.  The Security Operations Center (SOC) and our colleagues in various units have deployed over 4,300 agents across campus and responded to over 2,800 alerts.  There have been over 2000 agents deployed over the last 100 days alone.  We plan to complete UCSB’s deployment before the end of the 2022/23 fiscal year.  It is essential to understand that ETS will no longer purchase or provide Sophos licenses after May 2023.  

You can learn more about the FireEye Endpoint Service here:
●       FireEye Endpoint Security - Service FAQ
To help in this deployment process, we have added some informational articles to our knowledge base in ServiceNow.  You can find additional resources for multiple subjects concerning this initiative within this ServiceNow knowledge base:
●       FireEye Endpoint Security Knowledge Base
If your department has not already migrated, we recommend that you start planning for it now to ensure that you are not left without advanced malware protection.  Departments can begin the onboarding process here:
●       FireEye Endpoint Departmental Onboarding Request
The FireEye Endpoint Security deployment is an important campus initiative.  This product provides advanced, multi-level protection against complex malware, including ransomware and wiper malware.  If you have any questions or concerns, please reach out to Kip Bates, our Associate Chief Information Security Officer, at kip.bates@ucsb.edu
If you are intrigued, you can read more about the UC Office of the President Threat Detection and Identification initiative here:
●       UCOP Threat Detection and Identification