Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Incident Response

FireEye Unveils Helix Platform to Streamline Security Operations

Just weeks after launching new cloud-based network security and threat intelligence offerings, FireEye on Tuesday unveiled a new platform designed to help customers efficiently integrate and automate security operations functions.

Just weeks after launching new cloud-based network security and threat intelligence offerings, FireEye on Tuesday unveiled a new platform designed to help customers efficiently integrate and automate security operations functions.

Dubbed FireEye Helix, the platform leverages FireEye’s threat detection capabilities combined with technologies and expertise gained from its investments in iSIGHT Partners, Invotas and Mandiant.

FireEye Logo

Deployed via public or private cloud, or on premise, Helix helps accelerate incident response with automation and orchestration by leveraging detection capabilities from FireEye’s Endpoint Security (HX) and Network Security (NX) engines, along with FireEye iSIGHT Intelligence.

Described by FireEye as an “intelligence-led” platform, the Company says Helix was designed to dramatically reduce the resources required to manage false alerts (false positives) generated from security solutions such as next generation firewalls, endpoint security, and intrusion prevention systems (IPS).  

Shortly after snapping up threat intelligence firm iSIGHT Partners for roughly $275 million in January 2016, FireEye announced its acquisition of Invotas International, a privately held provider of security automation and orchestration software. In May, FireEye announced Security Orchestrator, the first product resulting from the union of the two firms. 

As FireEye’s own Joshua Goldfarb noted in a recent SecurityWeek column, the “alert-driven model” for security operations isn’t working anymore for anyone. This is something FireEye hopes to address with the release of Helix.

“After more than two decades responding to the largest breaches in the world, it is clear that threats have evolved to actively exploit the detection and process failures in security operations that slow response,” Kevin Mandia, CEO of FireEye, said in a statment.

Advertisement. Scroll to continue reading.

The Helix platform was unveiled at FireEye’s Cyber Defense Summit this week in Washington, D.C., and is currently available through a limited early adopter program with general availability scheduled for late Q1 2017.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Artificial Intelligence

Two new surveys stress the need for automation and AI – but one survey raises the additional specter of the growing use of bring...