We have evaluated great vendors like QRadar, Splunk, and all the big players, but they are certainly lacking at getting all the investigations done properly. With FireEye Helix, if a customer already uses any of the FireEye endpoint solutions, the response part is very fast and the investigation is also very fast. You can do a lot of investigation depending on what that product's like. If you want to clarify something on the endpoint, you have to do it manually but if you are a FireEye customer, you can do it right away. The email security offering around FireEye also directly integrates with your Helix. So if you have to investigate malware you can do it from Helix. It's very powerful and centered on the cloud.
The solution is typically used for sub-services, managed detection, and response services as well as advanced sub-services. The solution was managed by the company where I worked and we offered the services to the customer.
If a customer uses FireEye cloud-based network security solution, Helix is free for them no matter how many logs or EPS they use. But they need a license for third-party logs. Licensing is done per EPS.
It's quite an expensive solution. FireEye is one of the top artificial intelligence solutions on the market. It's not made for, in my opinion, small businesses. It's more for leading enterprises. There are no hidden costs. We don't have professional services because they are very, very expensive.