We just raised a $30M Series A: Read our story

FireEye Helix OverviewUNIXBusinessApplication

FireEye Helix is the #4 ranked solution in our list of top Security Incident Response tools. It is most often compared to Splunk: FireEye Helix vs Splunk

What is FireEye Helix?

FireEye Helix is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix. Available with any FireEye solution, FireEye Helix integrates your security tools and augments them with next-generation SIEM, orchestration and threat intelligence capabilities to capture the untapped potential of security investments. Designed by security experts, for security experts, it empowers security teams to efficiently conduct primary functions, such as alert management, search, analysis, investigations and reporting.

FireEye Helix is also known as FireEye Threat Analytics.

Buyer's Guide

Download the Security Information and Event Management (SIEM) Buyer's Guide including reviews and more. Updated: October 2021

FireEye Helix Customers

Police Bank, Verisk Analytics, Teck Resources

FireEye Helix Video

Pricing Advice

What users are saying about FireEye Helix pricing:
  • "The price could be better. But I think it's rightly placed when we buy everything in one shot, and we get some discount for that. That's how we basically plan our deployment, and it's holistic. We pay for the license yearly."
  • "It could be cheaper, but that applies to every product."

FireEye Helix Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
BiswabhanuPanda
Senior Technical Consultant at Hitachi Systems Micro Clinic
Consultant
Top 5
We can have an API connection with any cloud, the integration is very easy

Pros and Cons

  • "The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
  • "We have certain challenges with integrating the SOAR platform with multiple vendors."

What is our primary use case?

We have evaluated great vendors like QRadar, Splunk, and all the big players, but they are certainly lacking at getting all the investigations done properly. With FireEye Helix, if a customer already uses any of the FireEye endpoint solutions, the response part is very fast and the investigation is also very fast. You can do a lot of investigation depending on what that product's like. If you want to clarify something on the endpoint, you have to do it manually but if you are a FireEye customer, you can do it right away. The email security offering around FireEye also directly integrates with your Helix. So if you have to investigate malware you can do it from Helix. It's very powerful and centered on the cloud. 

What is most valuable?

The integration is very useful and very easy. You can have an API connection with any cloud and I am able to do both ways of communication with the help of the API.

The local center can help you to address the network. We place a logger on-premises to send the logs of other appliances to FireEye Helix. So that the same appliance can also be used as a network endpoint solution, doing dynamic analysis.

What needs improvement?

Helix will do well after the pandemic because everybody will be looking for a cloud solution and it is cloud-native. There are certain changes we are bringing onto our endpoint and our ETP network security. So everything makes an impact on Helix because every log and every change you can manage through Helix. Helix is directly integrated into a single sign-on platform, which is free FireEye customers. They can log into any of their incentives like if they want to log into the ETP, email security, they use a third-party sandbox and intel and FireEye integrates nicely into it. There are a lot of issues because of GDPR but otherwise, it is a very good platform.

For how long have I used the solution?

I have been using FireEye Helix for six years. 

What do I think about the stability of the solution?

There are certain aspects that need to be addressed from the customer side. Parsing is free so if you want to parse third-party logs, FireEye does it for free. But there are times that we need to pull out certain information from applications and we need a lot of support from the customer. A lot of solutions have similar challenges. We are trying to address these challenges. 

Which solution did I use previously and why did I switch?

Integrating anything on QRadar is very hard. If you want to upgrade the EPS you have to consider upgrading the appliance but with FireEye, if the customer has to compute, FireEye gives them a file to install on his computer and he can send the logs to my computer. 

It is very easy to scale with FireEye. It can be upgraded to any number of EPS.

How was the initial setup?

If you just want to deploy Helix, it is subscription-based, you have to put in a request and it will be ready in a day. If you want to integrate third-party logs, it depends on how many devices you want to integrate. 

Setting it up won't take more than an hour.

What's my experience with pricing, setup cost, and licensing?

If a customer uses FireEye cloud-based network security solution, Helix is free for them no matter how many logs or EPS they use. But they need a license for third-party logs. Licensing is done per EPS. 

What other advice do I have?

Don't be afraid. Request a demo or POC. See the features and if you find it interesting, start implementing it for your use cases. I would recommend it because it really works. 

I would rate it a nine out of 10. We have certain challenges with integrating the SOAR platform with multiple vendors. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
MM
CTO & CISO at a tech vendor with 51-200 employees
Real User
Top 5Leaderboard
Easy to set up with strong automation and few false positives

Pros and Cons

  • "The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
  • "The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."

What is our primary use case?

The solution is typically used for sub-services, managed detection, and response services as well as advanced sub-services. The solution was managed by the company where I worked and we offered the services to the customer.

What is most valuable?

The solution is very high-quality. It offers a very small number of false positives. We don't have to get distracted by checking up on false data and making sure nothing is wrong.

The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform.

The initial setup is very easy.

What needs improvement?

The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution. 

For how long have I used the solution?

I first started working with the solution at my previous company, in 2017, and I continue to work with it. It's been over two or so years.

What do I think about the stability of the solution?

The solution is very stable. It's reliable. There aren't issues with bugs or glitches. It doesn't freeze.

What do I think about the scalability of the solution?

From a technical point of view, it's quite scalable. You only need to have agents on the endpoint or devices. It's really just a little less scalable from the economic point of view as there's a huge cost. The cost was a limiting factor for our organization. We had a limited budget and therefore acquired less of the solution than we technically need. There are parts that are not monitored, not because it can't physically scale but due to the fact that budget-wise, it's not possible. 

How are customer service and technical support?

The technical support has been very good. We're quite satisfied with the level of support we get.

How was the initial setup?

The initial setup is not complex at all. It's a very straightforward implementation.

The deployment is also relatively quick. You can be online in about two or three days at the most. It does not require a lot of time.

What's my experience with pricing, setup cost, and licensing?

It's quite an expensive solution. FireEye is one of the top artificial intelligence solutions on the market. It's not made for, in my opinion, small businesses. It's more for leading enterprises.

There are no hidden costs. We don't have professional services because they are very, very expensive. 

What other advice do I have?

We're just customers. We don't have a business relationship with the company.

With FireEye, everything is managed by cloud artificial intelligence.

The solution is built to target larger enterprises. Their market's different from many other markets as it's made for 99% of mid-sized enterprises of 1,000 or so people. In Italy, that's quite a large-sized company. We're most likely not their target market as our businesses tend to be a bit smaller. 

If this solution would work for another company, I'd say it depends on the size of the company and the maturity level. For a small company that is not structured for security instruction and competencies, I wouldn't advise this solution. That said, it does offer a lot of features surrounding security and this is something that you can put on top of your security program if you have the right infrastructure in place.

I'd rate the solution nine out of ten. It does everything we need it to do. It's not really lacking in any regard.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about FireEye, Splunk, IBM and others in Security Information and Event Management (SIEM). Updated: October 2021.
540,984 professionals have used our research since 2012.
SB
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
A cloud-hosted security operations platform that's easy to use

Pros and Cons

  • "I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
  • "Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."

What is our primary use case?

We use it for everything like our logs, data allocation, and ransomware. We basically do malware objects and malware callbacks. I think it's our integration tool. It's our centralized SIEM where we look at all the events, alerts and then do a tryout. The major playbooks that we use are ransomware and phishing campaigns. We basically use it for our PTI-based credit card fraud detection. 

What is most valuable?

I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good.

What needs improvement?

Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing. 

For how long have I used the solution?

I have been using FireEye Helix for three years.

What do I think about the stability of the solution?

FireEye Helix is a stable solution.

What do I think about the scalability of the solution?

FireEye Helix is a scalable solution. I have about nine users on my team.

How are customer service and technical support?

Technical support is good.

What's my experience with pricing, setup cost, and licensing?

The price could be better. But I think it's rightly placed when we buy everything in one shot, and we get some discount for that. That's how we basically plan our deployment, and it's holistic. We pay for the license yearly.

What other advice do I have?

I would recommend this solution to new users.

On a scale from one to ten, I would give FireEye Helix a nine.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
RM
SOC Services Manager at a healthcare company with 10,001+ employees
Real User
Top 20
Simple, reliable, and easily deployable

What is our primary use case?

It is used for correlating data.

What is most valuable?

It is kind of simple and very easily deployable. You can start working with it very fast.

What needs improvement?

It should have more cloud connectors. It could also be cheaper.

For how long have I used the solution?

I have been using this solution for almost three years.

What do I think about the stability of the solution?

It is reliable.

What do I think about the scalability of the solution?

It is scalable.

How are customer service and technical support?

Their support is okay. It is not bad.

How was the initial setup?

It is very easy to deploy. Most of its maintenance is automatic. We just get the notification that it is going to happen. So far, we haven't faced any…

What is our primary use case?

It is used for correlating data.

What is most valuable?

It is kind of simple and very easily deployable. You can start working with it very fast.

What needs improvement?

It should have more cloud connectors. It could also be cheaper.

For how long have I used the solution?

I have been using this solution for almost three years.

What do I think about the stability of the solution?

It is reliable.

What do I think about the scalability of the solution?

It is scalable.

How are customer service and technical support?

Their support is okay. It is not bad.

How was the initial setup?

It is very easy to deploy. Most of its maintenance is automatic. We just get the notification that it is going to happen. So far, we haven't faced any issues.

What about the implementation team?

It was FireEye itself.

What's my experience with pricing, setup cost, and licensing?

It could be cheaper, but that applies to every product.

What other advice do I have?

I would recommend this solution to others. I would rate FireEye Helix an eight out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about FireEye, Splunk, IBM, and more!