FAQ: FireEye Helix

Version 5

    What is FireEye Helix?

     

    FireEye HELIX is an end-to-end detection and response platform designed by practitioners to simplify, integrate and automate your security operations.

     

     

    What is included with Helix?

     

    The Helix subscription includes access to:

    • Cloud-Based Unified Console with containment and automatic triage
    • Virtual Network Security Smart Nodes
    • Cloud-based Endpoint Security

     

    You can further enhance Helix by adding on:

    • FireEye iSight Intelligence
    • Integrated Email Security
    • FireEye as a Service

     

     

    What are the key features of FireEye Helix?

    • Network Security (NX): MVX-driven detection to identify threats that others miss
    • Endpoint security (HX): Endpoint visibility to protect against threats and exploits using intelligence, behavioral and investigative visibility
    • Console:

    Visibility:

      • Custom dashboards: visual tracking capabilities across the entire security environment
      • Role-based access control: role-based groups and granular permissions to access the console
      • Device and policy management: FireEye devices, endpoint configurations, policies, and health status management capabilities across the entire security environment

    Speed:

      • Workflow management: organization and collaboration through the investigative process in a single UI
      • Context: intelligence, alerts, host and user data coalescence to drive faster decisions
      • Analytics: facilitates discovery of hidden patterns and anomalies in data from existing security investments
      • Investigative tips: User guidance through the investigative process with recommended next steps
      • Investigative workbench: full index, archive, and search to support flexible pivoting and active hunting
      • Intelligence matching: iSIGHT intelligence and rules and latest intelligence from FireEye in existing alert and event data

    Costs:

      • Tool consolidation: integration of data and capabilities across the diverse security environment
      • Investment protection: as-a-Service model for security that regularly delivers new capabilities to solution subscribers without requiring additional CAPEX purchases as the security program evolves.
      • APIs: support for open and flexible APIs for integration with 3rd party products
      • Compliance: predefined or custom dashboards and widgets to visually aggregate, present and explore the most important information while meeting compliance requirements