FireEye as a Service Datasheet

Extend your security program operations with industry-leading expertise, threat intelligence and technology

Today’s security threats are increasingly sophisticated in the ways they target, attack and infiltrate organizations to steal their core assets. Technology alone will not defeat a determined attacker. And it’s difficult and costly to hire, train and retain security experts. You need a trusted partner to monitor your network and systems around the clock with an advanced technology platform and the latest threat intelligence from around the world. You need FireEye as a Service.

FireEye as a Service

FireEye as a Service provides answers through real-time threat protection via rapid investigation and incident response. FireEye as a Service analysts provide around-the-clock compromise assessment and in-depth response recommendations aimed at disabling vulnerabilities and threat actors found in your environment.

FireEye thoroughly investigates FireEye alerts and proactively hunts for signs of compromise that evade most technology defenses. In most cases, detection occurs within hours, drastically minimizing the scope, impact, and cost of a breach.

How it Works

FireEye as a Service integrates people, technology and intelligence to operationalize the detection and investigation of attackers in an organization’s network.

FireEye as a Service leverages your existing investments in both FireEye and third-party technology to provide real-time visibility across the enterprise, including your most remote locations.

Expert FireEye threat analysts go beyond traditional security monitoring, using proprietary techniques powered by adversary, victim and machine-based threat intelligence to detect, investigate and proactively hunt for previously undetected threats.

When we validate signs of compromise, you’ll be notified immediately and receive a full report that provides context about the threat — who, what, when, how — to inform an effective response. In some cases, we’ll provide recommendations to immediately quarantine systems and prevent attackers from moving laterally in your organization. If required, FireEye incident responders with forensic expertise can be engaged to help resolve the incident quickly and assess impact for prompt, accurate disclosure.

Highlights

  • Unprecedented Situational Awareness: Real-time visibility into the ongoing assessment and response to emerging threats via our community protection dashboards.
  • Answers, Not Just Alerts: In-depth compromise reports that assess attacker activity and display evidence in terms of the kill chain and include rich context and response recommendations so you can quickly assess risk and take action.
  • Team of Experts: Thousands of threat analysts, malware experts, incident responders, intelligence curators and forensic experts.
  • Advanced Hunting Techniques: FireEye threat assessment analysts provide in-depth behavioral insight that cannot be replicated.
  • Global Advanced Threat Response Centers: (ATRCs) in the United States (Virginia and California), Ireland, Germany, Singapore, Sydney and Japan provide 24x7 coverage.
  • Applied Threat Intelligence: Security analysts apply the latest machine, victim and adversary intelligence to locate and detail threats in your environment faster.
  • Ability to Leverage Existing Investments: Integrate with any security operation on premise, in the cloud or in a hybrid environment.
  • Engagement Managers: Facilitation of additional support such as analysis of malware samples, in-depth forensic analysis or on-site incident response.

Capabilities

Fully Managed Service

With FireEye as a Service, you have a trusted partner providing powerful technology, actionable intelligence and skilled expertise as a fully managed service focused on advanced threat prevention.

Expert Monitoring

The FireEye team of expert threat analysts monitors your networks and endpoints 24x7, applying the latest intelligence and proprietary methodologies to look for signs of compromise.

Investigation

When an alert is triggered, our threat analysts investigate by thoroughly inspecting the network traffic or endpoint to determine the scope of the attack and the extent of the compromise. Using FireEye intelligence, these analysts can identify the timeline across the kill chain to reveal when and how an attack occurred, who was behind it and what it was targeting.



Applied Threat Intelligence

New intelligence is generated and applied through expert human analysis and automated intelligence sharing, providing global visibility of emerging threats.

Answers, Not Alerts

Industry-leading analysts and incident response experts leverage system and network forensics to investigate, classify, and analyze the risk in real time, immediately providing detailed reports on exactly what happened and recommendations on how to contain the threat.

Powerful Defense

FireEye technologies, which perform 50 billion+ virtual machine analyses and process 400,000 unique malware samples each day, may be deployed in your environment. Millions of sensors collecting new intelligence around the globe are then layered with rich contextual intelligence and update the FireEye ecosystem every 60 minutes, providing a powerful detection and prevention defense.

Coverage That Meets Your Needs

FireEye as a Service offers two service level options, giving you the flexibility to adapt as your needs change:

Continuous Guidance is a managed detection service that leverages FireEye and third-party security information to help customers identify, validate and prioritize known and emerging threats.

After detecting a potential threat, our analysts validate and triage the incident, assigning a severity based on accumulated threat intelligence, experience and insight regarding how attackers operate. Our Incident Advisories provide comprehensive information, including evidence discovered and relevant threat intelligence to help you understand the attack.

If further investigation is required, Continuous Guidance provides recommended steps to help determine the scope of the attack. For known threats, we provide remediation recommendations to expedite your response.

Continuous Vigilance adds to Continuous Guidance with a thorough investigation of known and emerging threats.

We couple our extensive knowledge of threat group behavior with proprietary investigation methods to discover signs of intrusion, learn how attackers are operating and assess the scope of their capabilities. We also use analyst-driven detection techniques to proactively hunt for covert indicators of an active or attempted compromise that evades traditional technology defenses.

Our Compromise Assessments deliver the definitive, action-oriented context you need to fully understand threats, assess risk and take recommended action.

Technical specifications

| Capability | Continuous Guidance | Continuous Vigilance |
|---|---|---|
| Provide Community Protection | Yes | Yes |
| Ingest FireEye alerts | Yes | Yes |
| Ingest 3rd party alerts | with TAP or FireEye Helix | with TAP or FireEye Helix |
| Resolve duplicate, false positive and benign alerts | Yes | Yes |
| Validate and prioritize incidents | Yes | Yes |
| Threat intelligence | Enriches incident only | Access to FireEye Intelligence portal |
| Investigate suspicious and confirmed alerts | Client has access to Guided Investigations via TAP | FireEye conducts investigation |
| Conduct analyst-driven detection (proactive hunting) | No | Yes |
| Deliver critical reports | Incident Advisory (with investigation recommendations) | Compromise Report (with remediation recommendations) |
| Provide Engagement Managers | Pool | Dedicated |
