Texture Top Left Grey 01
FireEye Helix pictogram

Security Analytics

Surface answers from your data with next generation security analytics

Security analytics with real-time threat intelligence, continuously updated rules, and behavior based machine learning to identify advanced attacks.

Continuously updated rules

Receive continuously updated rules and tuned security modules from a specialized team of engineers and security analysts. FireEye’s unique ecosystem of managed security professionals, intelligence analysts, and incident responders provide near real-time updates from the field on attacker tactics, techniques and procedures.

Integrated intelligence

Inform your advanced threat analytics with intelligence from our intelligence analysts. Whether it’s the latest malware hashes, command and control domains, or methodologies, you’ll get additional context on an attack, allowing your organization to take proactive steps to avoid compromise.

Behavior based detection

Identify insider threats with user behavior and network traffic analytics before malicious actors can exfiltrate data. Identify when attackers gain access to your environment by analyzing inbound and outbound network traffic patterns, port scanning attempts, VPN access and encryption of key data. Alert analysts when attackers compromise network devices or leverage commonly abused protocols and applications.

How Helix security analytics works

FireEye Helix works by collecting data from across on-prem or cloud environments and analyzing billions of data points for both known and unknown attacker indicators. Helix uses machine learning and statistical methods to baseline an organization's 'normal' behavior. It then uses mathematical predictions to calculate the risk of deviant actions and create alerts.

TESTIMONIAL

“Orchestration and automation are already configured within Helix, so there is no need to spend time or dedicate resources to replicate those functions. Helix streamlines our security so we can spend its time solving security problems.”

- Rob Labbe, Director of Information Security, Teck Resources

Features

User and Entity Behavior Analytics

User and Entity Behavior Analytics

Track users accessing data across your environment, detect behavioral anomalies and identify insider threats with UEBA capabilities.

Compromised Account Detection

Compromised Account Detection

Identify threats by monitoring privilege escalation, credential abuse and login attempts.

Identify stolen accounts

Identify stolen accounts

Shared or stolen accounts can be identified by examining whether the distance between two physical login locations is feasibly travelled within the specific time window.

Cloud Misconfiguration Detection

Cloud Misconfiguration Detection

Automatically notify your analysts when security devices go silent, detect third-party cloud misconfigurations and alert security teams to changes in policy configurations.

Lateral Network Movement Detection

Lateral Network Movement Detection

Identify when attackers gain access to your environment including connected devices. Prevent attacker privilege escalation by identifying compromised services and applications.

Related features within Helix

UEBA

UEBA

Detect insider threats
and advanced attacks.

SIEM

SIEM

Next-generation security information
and event management tools.

SOAR Security

SOAR Security

Simplify threat response with Security Orchestration and Automation Response.

Ready to get started?

Learn more about the FireEye Helix platform or contact sales to schedule a demo.

+1 888-227-2721 +61 281034308 +32 28962867 +1 877-347-3393 +971 45501444 +358 942451151 +33 170612726 +49 35185034500 +852 3975-1882 +91 80 6671 1566 +353 (0)216019160 +39 0294750535 +81 3 4577 4401 +03 77248276 +52 5585268207 +31 207941289 +64 32880234 +48 223072296 +7 4954658084 +65 31585101 +27 105008408 +82 7076860238 +34 932203202 +94 788155851 +46 853520870 +886 2-5551-1268 +27873392 +44 2036087538 +842444581914