FireEye Helix is our organization's system for managing all security events and conducting behavioral analysis. We have deployed FireEye Agents to all desktops, laptops and servers which report into Helix. We also have a series of taps and other systems reporting into Helix and the associated SOC service. This gives us one place to review all security information and take the needed actions.
- Single location for all security event management.
- Detect advanced threats.
- Provide audit artifacts to ensure compliance.
- Overly complex platform.
- Multiple logins needed for various tools, leads to confusion.
- Costs can add up.
Overall we've had a great experience with FireEye Helix and would recommend to organizations looking to improve their operational security. We've found Helix to be a great way to collect and analyze revenant security events and take action. Having single pane of glass makes this process much more efficient, prior to moving to FireEye we had different teams sending data to different applications which resulted in confusion and critical data being missed.
FireEye Helix provides good actionability for all security threats. It all starts with the logging and audit trails created by sending all security information into a single source. Once we have all the information in a single place we only have one place to search, this leads to a much more efficient process for researching and resolving security threats. We find look into even minor issues which as before that was often too much effort to do.
We've been fairly happy with FireEye Support overall, most issues are resolved the same day the case is opened.