FireEye Managed Defense
A Real-Time Global Exchange of Threat Data Helps Preempt Emerging, Zero-Day Attacks
In today's threat landscape, organizations are routinely targeted by sophisticated and well-funded attackers. When it comes to threat protection, FireEye helps you focus on what matters, what you need to do to quickly contain the threat, and how to immediately pivot to incident response when needed. Managed Defense brings together all of the expertise, intelligence, and technology required to monitor threats, find attackers at any stage of an attack, and respond aggressively before they complete their mission.
FireEye Managed Defense is a subscription-based service that offers continuous threat protection to help enhance your security team. Managed Defense extends the value of the FireEye Security Platform with 24x7 expertise and monitoring from FireEye expert analysts. Beyond alerts, receive tailored guidance about the threats that matter the most to your business. Find out who is behind the threat, what needs to happen to contain it, and how you should respond. Managed Defense provides a range of subscription services that complement a customer’s security operations with lean-forward capabilities. Available in three tiers of engagement, Managed Defense enables you to align the chosen service(s) with your team’s skills and risk tolerance.
To help scale your security team, FireEye constantly monitors subscribed systems for threats and informs you when alerts require follow-up. Not only do you have a second set of eyes making sure nothing slips by, our expert analysts deliver context and guidance around the threats in your environment. With Continuous Monitoring, you will receive FireEye Cybercon reports that warn you of advanced persistent threat (APT) campaigns and zero-day attacks. This service ensures that your FireEye deployment is configured and operating to maximum efficacy.
Accelerate your response with expert analysts from FireEye who evaluate and triage alerts. By investigating network traffic and analyzing live response data collected from endpoints, this service delivers detailed compromise reports that provide definitive recommendations for each confirmed threat. In addition, Continuous Protection automatically contains compromised devices on or off your network, and can pivot to incident response as needed.
Actively pursue adversaries in your network with expert analysts who use capabilities beyond what technology can offer. Expert analysts and incident responders use advanced analytical techniques based on a deep understanding of attacker tactics, techniques, and procedures (TTPs) to find attackers hiding on your network. FireEye extends its exceptional insight into threat actors and their modus operandi, based on extensive intelligence research and over 100,000 hours of incident response activity annually, to your security team and infrastructure. This service brings this knowledge to bear in the form of intelligence reports that help your organization understand its position in the threat landscape.
Features and Benefits:
FireEye® Managed Defense combines 24x7 continuous monitoring with intelligence, advice, and context about today’s advanced threats. Find out who is attacking you, why, and what you need to do to quickly contain the incident and pivot to incident response when necessary. Managed Defense provides three subscription levels so you can appropriately supplement your team’s skills and risk tolerance.
- Improves threat protection and enhances the value of the FireEye Platform with 24x7 expertise from FireEye analysts
- Identifies who is attacking you, what their intention is, and how you should respond
- Assesses the risk of each attack and rapidly contains compromised devices
- Offers three service levels to align with your team’s skills and risk tolerance
- Provides Global Security Operations Centers for follow-the-sun service
|Continuous Monitoring||Continuous Protection||Continuous Vigilance|
|Proactive APT and Zero-Day Alerts|
|System Health Monitoring|
|On-Demand “Live Response”|
|Incident Response and Containment|
|Proactive Hunting for Adversaries|
|Advanced Investigative Techniques|
|Attacker Context and Risk Assessment|
Proactive APT and Zero-Day Alerts—when FireEye detects an APT and/or a zero-day attack, our analysts provide a proactive notification with intelligence context so you can follow up on this attack as soon as possible.
Intelligence Reporting—subscribers receive monthly reports and alerts about emerging industry-specific threats. The FireEye Cybercon™ report communicates the risk severity and alerts subscribers to heightened industry- or region-specific risks.
System Health Monitoring—for continuous assurance, customers receive proactive notifications of potential issues that could compromise detection efficacy for all subscribed systems.
Analyst Investigation—the FireEye team of expert analysts evaluates detected attacks 24x7. When a potential compromise is detected, the team performs an in-depth analysis on affected systems to confirm the attack and delivers detailed reporting with actionable recommendations for threat protection.
On-Demand “Live Response”—FireEye analysts leverage system and network forensics on live systems to investigate, classify, and analyze the risk in real time. Information on what exactly happened and recommendations on how to contain the threat are immediately provided.
Incident Response and Containment—FireEye provides validated compromise reports with technical advice, contextual intelligence, and the ability to automatically contain compromised devices. In addition, the service will automatically pivot to incident response and remediation support at no additional cost for most incidents.
Proactive Hunting for Adversaries—based on the latest intelligence about attacker tactics, techniques, and procedures (TTPs), expert analysts and forensics specialists proactively hunt for signs of compromise and investigate your systems for attackers on your network.
Advanced Investigative Techniques—FireEye analysts use proprietary technologies and methodologies to investigate system artifacts, perform full-packet capture, conduct netflow analysis, and reverse-engineer malware to detect indicators of compromise (IOC).
Attacker Context and Risk Assessment—gain deeper insights by leveraging exceptional insight into threat actor tactics, modus operandi, and geo-political context gleaned from front-line incident response work, extensive intelligence research, and 100,000+ hours of incident response activity every year.
Download the FireEye Managed Defense Datasheet (PDF).