Threat Analytics Platform Datasheet
Built by Security Practitioners
FireEye built TAP from the ground up — by security practitioners, for security practitioners. TAP combines threat insights gained from responding to the world’s most consequential breaches with big data security analytics and codified security expertise so you can quickly identify and investigate cyber threats.
Your attackers can enter anywhere. You need visibility everywhere. TAP provides enterprise-wide visibility by aggregating alerts from the diverse range of security technologies throughout your organization. Our thin network sensors provide real-time visibility to distributed environments, aggregating events from remote locations and sending them to a centralized location for log retention, threat analysis and investigation.
Your adversaries are constantly changing. Your detection and investigation capabilities must evolve just as quickly. FireEye has a dedicated TAP team made up of data scientists and security researchers that codify extensive front-line incident response experience into detection rules, behavioral analytics and guided investigations. Within hours of discovering an emerging attack, they create new rules and perform retrospective analysis of your environment to determine the potential impact and feed these rules back into the TAP product. Upon discovering malicious activity, TAP generates alerts enriched with supporting data, such as attacker context, to aid the investigator in validating and scoping the incident.
Accelerate Threat Investigations
Your team’s ability to respond to an ever-increasing number of cyber attacks is stretched to the breaking point. You need a dramatic increase in security operations productivity and effectiveness that will accelerate your incident response lifecycle.
TAP expedites investigation by enriching alerts with supporting data. Threat intelligence, point-in-time context regarding users affected, actions taken and hosts involved help you validate and scope the incident.
TAP also offers Guided Investigations to help amplify the investigation efficiency of incident responders. Our Guided Investigation capability leads analysts through industry-leading investigative strategies by providing pre-populated queries based on FireEye knowledge from specific attack scenarios.
Upon receiving an alert, TAP selects and presents the relevant next-step queries, providing a best-practice workflow to guide and inform your threat investigation.