In this installment of the Tips and Insights series, Todd Bane demonstrates how to enable the evidence collector and comm broker features on the FireEye NX appliance in order to feed metadata and third-party log event information into your Helix instance.
FireEye Helix is a security operations platform that makes it simple to deliver advanced security to any organization. FireEye Helix surfaces unseen threats and empowers expert decisions with frontline intelligence, to help organizations take back control and capture the untapped potential of their security investments.
FireEye Helix collects event data from FireEye and non-FireEye components of a security infrastructure and overlays frontline intelligence, rules, and analytics to give organizations the context to determine which threats present the greatest risk and how to respond. From within a single interface, FireEye Helix facilitates all Security Operations Center (SOC) functions, including alert management, search, analysis, investigations, and reporting.
For more information about FireEye Helix, visit https://www.fireeye.com
To watch more FireEye videos like this one, visit https://www.youtube.com/user/FireEyeInc
For FireEye product training, visit https://www.fireeye.com/services/training.html