FireEye Security Orchestrator and Cross-Platform Updates Create the Future of Security Operations with Intelligence-led Detection, Automated Response, and Unification of Multivendor Environments

May 11, 2016



MILPITAS, Calif. – May 5, 2016 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today launched FireEye Security Orchestrator along with advanced features for Threat Analytics Platform (TAP), Email (EX/ETP) & Network (NX) Security, and Enterprise Forensics, simplifying and accelerating organizations’ abilities to detect and respond to threats.

“As cyber threats developed more complex operations to successfully carry out their attacks, the security industry has created even more complexity through the number of technologies and alerts our customers must deal with,” said David DeWalt, CEO and chairman of the board, FireEye. “FireEye Security Orchestrator addresses the resource strain all security teams currently face with automation and an open platform based on the best intelligence, technology, and expertise. Combined with the new intelligence-led detection and response functions of our Threat Management Platform, we are solving not just for today’s threats by creating the future of security operations.”

FireEye Security Orchestrator

The FireEye Security Orchestrator provides organizations a “single pane of glass” technology from recently-acquired Invotas to respond to incidents, and integrates it with the enhanced intelligence-led FireEye Threat Management Platform. By unifying workflows across different security technologies and automating repetitive, manual processes, FireEye Security Orchestrator helps organizations reduce response times by an average of 98 percent and eliminates 99 percent of process errors, ultimately reducing overall risk exposure by 40 percent[1].  

Features of FireEye Security Orchestrator include:

· Courses of Action that act as codified incident response playbooks leveraging Mandiant Incident Response expertise to shrink incident response times;

· Automation capabilities that can initiate actions at the network and application levels, and even extend to physical access-control systems;

· Attack lifecycle visualization to accelerate attack investigations and ensure comprehensive, intelligence-led responses;

· Automation and documentation of manual processes to eliminate the majority of operational errors and ensure that policies are enforced automatically;

· User-friendly reporting and analysis that allows for “single pane of glass” visibility into security operations;

· Cyber Security Coalition (CSC) partnerships and deep integrations with technology providers such as Blue Coat, BMC, CyberArk, HPE, IBM, MobileIron, PhishMe, Splunk, and many more to ensure unified workflows across any security environment.

“Blue Coat and FireEye are committed to protecting our shared customers by working together to address their needs,” said [Blue Coat spokesperson]. “As a CSC partner, we will ensure simplicity for customers through interoperable technologies.”

Email Security (EX & ETP)

FireEye is continuing to innovate on both the on-premises and cloud options of its email security solutions. New, intelligence-led capabilities for detecting and blocking business disruption exploits that enter organizations through spear phishing emails, such as ransomware, sender impersonation fraud and credential harvesting, will be available on the EX series in June and on Email Threat Prevention Cloud (ETP) in July. These new capabilities are fueled by FireEye threat intelligence, with correlation of data across the entire FireEye platform. EX and ETP provide organizations with automatic, real-time protection from email-borne threats, preventing costly breaches and remediation.

Threat Analytics Platform (TAP)

Further addressing the resource strains of security teams, TAP introduces the Guided Investigations feature to simplify the work of incident responders and decrease response time. Guided Investigations utilizes predictive analytics on security alerts, suggesting five or more queries the responder should use and prepopulating them for an even faster turn from search to action. The new predictive capabilities also offer visibility into different intelligence, providing new ways for the responder to take action.

To learn more about Guided Investigations in TAP, please visit [link to video].

Network Security (NX)

Updates to FireEye Network Security focus on two key areas of concern for customers today: detection of ransomware and uptime. As attacks deploying ransomware become more visible, FireEye has added new intelligence-led detection capabilities to its MVX engine that enable it to monitor files not just for malicious activity, but also for behavioral patterns that signal malicious intent, to help ensure uptime in the face of a ransomware attack. Greater security uptime is now a benefit of NX with the introduction of High Availability, functionality that allows customers to deploy and rely on multiple NX appliances.

To learn more about updates to Network Security, please visit [link to blog].

Enterprise Forensics

The FireEye Network Forensics Platform and the Investigation Analysis system, the industry's fastest lossless network data capture and retrieval solution with centralized analysis and visualization, further accelerate the network forensics process with a new intelligence-led forensics workbench, deeper integrations with FireEye NX, EX, and Endpoint Security, and support for new protocols that identify attackers’ lateral spread.

To learn more about updates to Enterprise Forensics, please visit [link to blog].

To learn more about recent updates to FireEye as a Service, please visit:

For more information about the latest Mandiant Consulting services, please visit:

About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,400 customers across 67 countries, including more than 680 of the Forbes Global 2000.

© 2016 FireEye, Inc. All rights reserved. FireEye and Mandiant are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products or service names are or may be trademarks or service marks of their respective owners.


Kyrk Storer
FireEye, Inc.

Kate Patterson
FireEye, Inc.


