FireEye Combines Next-Generation SIEM with Advanced Orchestration and Cloud Security in Helix Security Operations Platform
Posted: Wed Oct 03, 2018 09:32:32 AM
Helix improves upon SIEM by combining security orchestration and cloud security with threat intelligence, case management, and compliance reporting
Washington D.C. – FireEye Cyber Defense Summit – Oct. 3, 2018 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today announced a new milestone release of FireEye® Helix™. With the new release, FireEye Helix moves toward automating security operations by combining integrated security information and event management (SIEM) capabilities with advanced security orchestration. Delivered via the cloud, FireEye Helix offers customers one central platform to detect threats, automate response, and simplify compliance reporting.
Also new, customers can now monitor their cloud infrastructure with FireEye Helix. This provides one dashboard for visibility and response capabilities across cloud platforms such as Amazon Web Services (AWS), Microsoft® Azure and Oracle® Cloud.
“Legacy SIEM tools have lost focus on detection and response. FireEye Helix brings true security back to SIEM,” said Paul Nguyen, VP of product strategy and product management at FireEye. “We’re on the frontlines of the cyberwar and to keep pace with the adversaries, we have to automate as much as possible and give analysts the intel to make smarter decisions at key points in the response. These insights and capabilities are built into Helix to close the gap from detection to resolution and mitigate the impact of an attack.”
Rapid Detection and Investigation
To protect against fast-moving threats, organizations need the right mix of technology, expertise and processes. FireEye Helix integrates customers’ disparate security tools into a single, automated security operations platform. By applying User Behavior Analytics (UBA), Helix surfaces threats missed by legacy tools and non-malware attacks. With integrated frontline threat intelligence, users have access to FireEye expertise and the context to improve threat awareness, while integrated case management and investigative workflow empower all SOC processes from one interface.
Legacy SIEM vendors take a static rule approach to detection, often leaving customers with an excess of alerts and cloud users with no adequate tools to respond to them. For organizations concerned about efficient response, the platform now applies pre-built playbooks, helping analysts minimize manual, repetitive and error-prone steps, such as alert validation or enrichment. These new orchestration capabilities of FireEye Helix encompass over 150 integrations and 400 playbooks, and let users create their own unique playbooks and modify existing ones, allowing for greater flexibility and continuous improvement of security processes.
Centralized Visibility in the Cloud
Visibility and detection don’t end with the data stored on-premise. For organizations that are adopting cloud infrastructures, such as AWS, Microsoft Azure and Oracle Cloud, the cloud can be as vulnerable to attack as on-premise technology, but with fewer tools available to protect it. Poorly configured authentication, ineffective key management and unsecured APIs are just a few of the ways threat actors gain access to these infrastructures. FireEye Helix provides centralized visibility, configuration monitoring and user behavior analytics to detect advanced attacks both in the cloud and on-premise.
Over 150 Integrations and 400 Playbooks to Make Better Security Simpler
The combination of SIEM capabilities with advanced orchestration and cloud security makes FireEye Helix a compelling detection and response solution for a security operation of any complexity and scale. More notably, the new additions provide greater customer value with no changes to Helix’s pricing. With more than 300 plug-ins, the platform integrates with FireEye’s own and other companies’ security tools to bring FireEye’s leading frontline intelligence to data sent into the platform. The streamlined case management system is purpose built for security operators with a focus on displaying the right level of information to help organizations surface unseen threats and empower expert decisions.