IT Central Station is now PeerSpot: Here's why

FireEye Helix OverviewUNIXBusinessApplication

FireEye Helix is #3 ranked solution in top Security Incident Response tools and #21 ranked solution in top Security Information and Event Management (SIEM) tools. PeerSpot users give FireEye Helix an average rating of 8.6 out of 10. FireEye Helix is most commonly compared to Splunk: FireEye Helix vs Splunk. FireEye Helix is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 27% of all views.
Buyer's Guide

Download the Security Information and Event Management (SIEM) Buyer's Guide including reviews and more. Updated: July 2022

What is FireEye Helix?

FireEye Helix is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix. Available with any FireEye solution, FireEye Helix integrates your security tools and augments them with next-generation SIEM, orchestration and threat intelligence capabilities to capture the untapped potential of security investments. Designed by security experts, for security experts, it empowers security teams to efficiently conduct primary functions, such as alert management, search, analysis, investigations and reporting.

FireEye Helix was previously known as FireEye Threat Analytics.

FireEye Helix Customers

Police Bank, Verisk Analytics, Teck Resources

FireEye Helix Video

Archived FireEye Helix Reviews (more than two years old)

Filter by:
Filter Reviews
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
Filter Unavailable
Filter Unavailable
Order by:
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Showingreviews based on the current filters. Reset all filters
BiswabhanuPanda - PeerSpot reviewer
Senior Technical Consultant at Hitachi Systems Micro Clinic
We can have an API connection with any cloud, the integration is very easy
Pros and Cons
  • "The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
  • "We have certain challenges with integrating the SOAR platform with multiple vendors."

What is our primary use case?

We have evaluated great vendors like QRadar, Splunk, and all the big players, but they are certainly lacking at getting all the investigations done properly. With FireEye Helix, if a customer already uses any of the FireEye endpoint solutions, the response part is very fast and the investigation is also very fast. You can do a lot of investigation depending on what that product's like. If you want to clarify something on the endpoint, you have to do it manually but if you are a FireEye customer, you can do it right away. The email security offering around FireEye also directly integrates with your Helix. So if you have to investigate malware you can do it from Helix. It's very powerful and centered on the cloud. 

What is most valuable?

The integration is very useful and very easy. You can have an API connection with any cloud and I am able to do both ways of communication with the help of the API.

The local center can help you to address the network. We place a logger on-premises to send the logs of other appliances to FireEye Helix. So that the same appliance can also be used as a network endpoint solution, doing dynamic analysis.

What needs improvement?

Helix will do well after the pandemic because everybody will be looking for a cloud solution and it is cloud-native. There are certain changes we are bringing onto our endpoint and our ETP network security. So everything makes an impact on Helix because every log and every change you can manage through Helix. Helix is directly integrated into a single sign-on platform, which is free FireEye customers. They can log into any of their incentives like if they want to log into the ETP, email security, they use a third-party sandbox and intel and FireEye integrates nicely into it. There are a lot of issues because of GDPR but otherwise, it is a very good platform.

For how long have I used the solution?

I have been using FireEye Helix for six years. 

Buyer's Guide
Security Information and Event Management (SIEM)
July 2022
Find out what your peers are saying about Trellix, Splunk, IBM and others in Security Information and Event Management (SIEM). Updated: July 2022.
622,358 professionals have used our research since 2012.

What do I think about the stability of the solution?

There are certain aspects that need to be addressed from the customer side. Parsing is free so if you want to parse third-party logs, FireEye does it for free. But there are times that we need to pull out certain information from applications and we need a lot of support from the customer. A lot of solutions have similar challenges. We are trying to address these challenges. 

Which solution did I use previously and why did I switch?

Integrating anything on QRadar is very hard. If you want to upgrade the EPS you have to consider upgrading the appliance but with FireEye, if the customer has to compute, FireEye gives them a file to install on his computer and he can send the logs to my computer. 

It is very easy to scale with FireEye. It can be upgraded to any number of EPS.

How was the initial setup?

If you just want to deploy Helix, it is subscription-based, you have to put in a request and it will be ready in a day. If you want to integrate third-party logs, it depends on how many devices you want to integrate. 

Setting it up won't take more than an hour.

What's my experience with pricing, setup cost, and licensing?

If a customer uses FireEye cloud-based network security solution, Helix is free for them no matter how many logs or EPS they use. But they need a license for third-party logs. Licensing is done per EPS. 

What other advice do I have?

Don't be afraid. Request a demo or POC. See the features and if you find it interesting, start implementing it for your use cases. I would recommend it because it really works. 

I would rate it a nine out of 10. We have certain challenges with integrating the SOAR platform with multiple vendors. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Trellix, Splunk, IBM, and more!
Updated: July 2022
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Trellix, Splunk, IBM, and more!