Effective server-protection and “intelligence” from FireEye and SecuriOT
To understand the threat against your production systems, advanced technology and deep “intelligence” must be combined, and that is precisely FireEye’s DNA. 1 million hours: that is the number of hours FireEye has helped customers with “Incident Response” tasks in 2017. This work provides insight, and at the same time, FireEye keeps track of “threat actors” and hacker groups.
This information is correlated and fed into the overall threat picture that FireEye has insight into, and it becomes an active part of FireEye’s technologies.
The knowledge and feedback give you answers about the threats you have to deal with. This “intelligence” is also used in the technology to detect malware and protect your critical servers in the production environment and other critical components.
It gives you the opportunity to answer questions such as how an incident happened, and why.
SecuriOT works with FireEye in 3 different areas:
One integrated platform from FireEye: HELIX
Helix is an integrated platform for detecting and managing events from both FireEye technologies and 3rd party solutions. Helix can automate the handling of your security incidents and correlate them with the “threat intelligence” that FireEye holds. Finally, it has features to build a “workflow” in the organization, so that the “Time to Respond” becomes as short as possible.
- Great visibility and threat intelligence around IoCs from a number of technologies.
- Adding additional value to a SIEM solution, as alarms are correlated with “context” information.
- One management platform for FireEye technologies
Further information: https://www.fireeye.com/solutions/helix.html
FireEye TAP – Threat Intelligence Portal – Your Security Event Insight
FireEye Threat Analytics Portal (TAP) is an application that can be added on top of the FireEye Helix platform, providing security teams with advanced investigation and reporting features. FireEye Helix works with warnings, while FireEye TAP focuses on event and log data.
With its advanced “Incident” analysis tools, FireEye Threat Analytics should be viewed as a next-generation Security Information and Event Management (SIEM) solution.
TAP integrates with Nozomi Networks, SecuriOT HoneyPot NET and FireEye “Endpoint Security” and provides “contextual” information about these events. A number of other logs and alarms can be integrated, e.g. from firewalls, DNS security, Active Directory and of course other FireEye products.
Test FireEye in your infrastructure?
SecuriOT offers a “Proof of Concept” (PoC) installation, where we install the solution in a limited part of our infrastructure.
The price for the PoC starts from 5.000 euro excl. VAT. Contact us if you want to try it out.