FireEye to Offer Security Analysts as-a-Service
FireEye, Inc. has announced a new service tier from FireEye as a Service (FaaS) called Continuous Guidance, which offers managed services and expertise from FireEye analysts delivered via seven global Advanced Threat Response Centers (ATRCs) and over a thousand security professionals. The new service is generally available as of May 1, 2017.
“Our customers are looking to amplify Fortune-50-grade security in action as they struggle to find the expertise and act on the intelligence necessary to detect emerging threats with the speed necessary to defend against today’s threats,” said Tony Kolish, EVP of customer services, FireEye. “With Continuous Guidance, organizations looking to enhance their existing teams or service provider support will benefit from the threat detection and validation, coupled with unprecedented visibility into emerging threats that enable them to investigate and respond to threats faster.”
According to a release, Continuous Guidance uses machine, adversary, and victim intelligence to “identify missed threats and quickly deliver new protections at scale.” Upon detecting a potential threat, FaaS analysts will validate and triage the incident, assigning a severity rating that helps customers prioritize response and resources to detect threats earlier in the kill chain and reduce overall costs. Continuous Guidance customers are notified via Incident Advisories that provide information on how FireEye as a Service analysts reached their conclusion, the artifacts discovered, and relevant threat intelligence to help understand the attack. For known incidents, FaaS analysts provide remediation recommendations to expedite a team’s response. If further investigation is required, Continuous Guidance provides recommended steps to help customers determine the scope of the attack.
Continuous Guidance can also leverage capabilities of the newly launched FireEye Helix platform, such as Guided Investigation. Guided Investigation uses predictive analytics to lead users through investigative methods, pre-populating five or more scenario-specific queries and streamlining the pivot from detection to investigation.