What is FireEye Helix?
FireEye HELIX is an intelligence-led security operations platform that makes it simple to deliver advanced security to any organization.
What are FireEye Helix’s key benefits?
Key benefits include:
- Expand Visibility:
  - Prioritize threats hidden in existing alert volume by overlaying intelligence, rules and analytics onto existing alerts and event data from both FireEye solutions and the rest of your security infrastructure
- Accelerate Response:
  - Respond to threats faster with automated workflows, pre-built playbooks, and best practices from Mandiant Security to quickly pivot from detection to remediation
  - Simplify threat alert monitoring with a single console across major SOC use cases
- Enhance Existing Investments / Reduce Operational Costs:
  - Streamline operations and reduce infrastructure and management cost to get the most out of existing but disconnected tools
  - Make a log source more valuable with broad support for hundreds of solutions
  - Prevent costly manual errors and maintain operational consistency with automated correlations
What is included with Helix?
The Helix subscription includes access to:
- Cloud-Based Unified Console with containment and automatic triage
- Virtual Network Security Smart Nodes
- Cloud-based Endpoint Security
You can further enhance Helix by adding on:
- FireEye iSight Intelligence
- Integrated Email Security
- FireEye as a Service
What are the key features of FireEye Helix?
- Custom dashboards: visual tracking capabilities across the entire security environment
- Role-based access control: role-based groups and granular permissions to access the console
- Device and policy management: FireEye devices, endpoint configurations, policies, and health status management capabilities across the entire security environment
- Workflow management: organization and collaboration through the investigative process in a single UI
- Context: coalescence of intelligence, alerts, and host and user data to drive faster decisions
- Analytics: facilitates discovery of hidden patterns and anomalies in data from existing security investments
- Investigative tips: user guidance through the investigative process with recommended next steps
- Orchestration: automated response with pre-built playbooks created by frontline practitioners
- Investigative workbench: full index, archive, and search to support flexible pivoting and active hunting
- Intelligence matching: matching of threat intelligence, rules, and the latest intelligence from FireEye against existing alert and event data
- Tool consolidation: integration of data and capabilities across the diverse security environment
- Investment protection: as-a-Service model for security that regularly delivers new capabilities to solution subscribers without requiring additional CAPEX purchases as the security program evolves
- APIs: support for open and flexible APIs for integration with third-party products
- Compliance: predefined or custom dashboards and widgets to visually aggregate, present and explore the most important information while meeting compliance requirements