FireEye has introduced FireEye Helix, a platform it says will simplify, integrate, and automate security operations for organisations of all sizes and industries. This intelligence-led platform unifies network, endpoint and third-party product visibility with FireEye iSIGHT Intelligence and Mandiant expertise.
FireEye Helix is designed to dramatically reduce the time, effort, and cost associated with managing low quality or false alerts from traditional security offerings like next generation firewalls, endpoint, and intrusion prevention systems. FireEye Helix launches with a limited early adopter program today, and will be generally available in late Q1 2017.
“After my more than two decades responding to many of the largest breaches in the world, it is clear that threats have evolved to actively exploit the detection and process failures in security operations that slow response,” said Kevin Mandia, CEO, FireEye. “FireEye Helix is a revolutionary approach that builds on our best in class detection solutions and investments in Mandiant, iSIGHT Partners, and Invotas, creating the first intelligence-led platform that enables simple, integrated, and automated security operations from the cloud or on-premise.”
“The business benefits of moving IT resources to the cloud – efficiency, agility and reduced costs – often overshadow the risks and unintended consequences that follow cloud adoption,” said Rob Ayoub, Research Director at IDC. “Therefore it becomes imperative businesses deploy advanced security solutions that provide flexible, agile, and distributive protection at a low cost.”
The security operations experience today is disjointed, with alerts generated across dozens of low fidelity products and siloed management consoles that lack the contextual intelligence needed to accelerate response via automation and orchestration. This causes IT and security leaders to spend more time on manual processes and infrastructure management, bottlenecks the business and leaves the organisation less secure.
FireEye Helix is announced to be engineered to deliver capabilities that reduce the time, effort, and cost associated with security operations by addressing three key areas of customer demand:
- Detection and alerts: Helix integrates FireEye’s award-winning MVX™ detection capabilities from FireEye Endpoint Security (HX) and Network Security (NX). Visibility is further enhanced with FireEye Helix integrating and analysing alerts from all third-party products within customer environments with FireEye iSIGHT Intelligence. In doing so, low quality or false positive alerts are removed; presenting only actionable information that speeds up response and ultimately increases the value of all security tools.
- Single user interface: A redesigned user experience – built by security analysts for security analysts – is designed to accurately correlate and prioritise threats for appropriate response. Customisable dashboards, search and reporting capabilities enable investigations as well as help with adhering to compliance regulations.
- Response with automation & orchestration: Built-in playbooks developed using over a decade of Mandiant experience can orchestrate and automate response and remediate threats in real-time. FireEye Helix can take action in minutes – not days, weeks, or months – lowering time to protection and freeing resources for more proactive advanced security practices.
FireEye Helix reportedly enables customers to take advantage of these benefits through the unification of Network Security (NX), Endpoint Security (HX), Threat Analytics Platform (TAP), Advanced Threat Intelligence (ATI) and FireEye Security Orchestrator (FSO).
In addition to these core capabilities, customers can subscribe to integrated, premium additions providing: