FireEye Helix Explained: Multi-stage Rules

Today’s security operations are often disjointed and constrained by limited visibility and false alerts. These issues can cost organizations valuable time, resources and effort, even as they increase the risk of an incident. FireEye Helix enables organizations to take control of any incident from alert to fix, and addresses traditional SIEM shortfalls while delivering highly efficient, low-maintenance security automation.

Join us for the next session in a series of webinars, as our experts highlight:

• Improving FireEye Rule coverage in your environment
• Tuning FireEye Rules to maintain a manageable flow of alerts
• Creating custom Rules for detection
• Creating multistage Rules to detect threats across multiple event logs

Follow along with a hands-on Helix demonstration of multistage Rules during the session and receive sample use cases used in the webinar. Stay with us after the presentation for an in-depth Q&A session with our experts.
Recorded Aug 25 2020 59 mins
Presented by
Sarah Cox, Sr. Instructional Designer, FireEye and Mike Kizerian, Principal Instructor, FireEye
  • Detection On Demand: A One Year Update Nov 9 2020 2:00 pm UTC 30 mins
    Rob Ayoub, Sr. Product Marketing Manager, FireEye; Alex Lanstein, Product Manager, Detection on Demand, FireEye
    This on demand session will be available starting at 6:00 a.m. PT.

    Detection On Demand was launched at CDS 2019. At the time it was the first API SaaS service offered by FireEye and targeted customers who needed to rapidly obtain verdicts on files and objects.

    Alex Lanstein, Product Manager for Detection on Demand, and Rob Ayoub, PMM for Detection on Demand, will guide us through the customer successes and improvements to the platform made in the last year.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Best Practices for Rationalizing Your Security Investments Nov 9 2020 2:00 pm UTC 30 mins
    Major General Earl Matthews, VP of Strategy for Mandiant Security Validation
    This on demand session will be available starting at 6:00 a.m. PT.

    In the first half of the last decade, the rule of thumb for cyber security spending was roughly 3-4% of a total IT budget. By the end of that decade, average security spending had risen by 300%. Today, the typical organization uses 30-70 security tools, and spending in this area has gone through the roof. With so many controls deployed, there is often duplication. But without reliable evidence of security controls performance, it’s impossible to know where overlap exists or where technology is not delivering intended value so leaders can reliably remove unneeded controls without increasing risk.

    With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric.

    General Earl Matthews will discuss how to align a cyber security program with desired business outcomes, including cost-cutting demands, and teach attendees how to rationalize cyber security investments and prove their value to the C-suite. Attendees will learn a proven methodology to financially rationalize cyber security investments through security validation.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Top 5 Attacks Thwarted by Managed Defense This Year Nov 9 2020 1:00 pm UTC 30 mins
    Nick Schroeder, Managed Defense Principal Consultant, Mandiant
    This on demand session will be available starting at 5 a.m. PT.

    In 2020, the battle-savvy defenders of Mandiant Managed Defense have seen and stopped sophisticated attacks including MAZE ransomware, APT 34 phishing, and credential harvesting.

    Join us as we walk through these and other impactful threats we've seen and stopped this year and show how managed detection and response can help you outplay your attacker.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Expertise On Demand: Mandiant’s Solution to Security’s Biggest Problem Nov 9 2020 1:00 pm UTC 30 mins
    Nicole Cavaleri, Senior Director, Expertise On Demand, Mandiant
    With an estimated 3.5 million unfilled cyber security positions forecasted globally by 2021, and with research suggesting it’s only getting worse, it’s time to think differently about how to acquire cyber security expertise.

    Join Nicole Cavaleri, Senior Director with Mandiant, for an introduction to Expertise On Demand, an annual subscription that extends your security capabilities and capacity with flexible access to a wide range of industry-leading Mandiant security skills and experience, including investigations, intelligence, training and consulting.

    This unique service can help reduce the business and management risks associated with hiring, training and retaining cyber security talent by providing the expertise you need, when you need it.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Maximizing Threat Intelligence Programs Step by Step Nov 9 2020 1:00 pm UTC 30 mins
    Renze Jongman, Principal Intelligence Enablement Consultant, Intel Capability Development, Mandiant
    This on demand session will be available starting at 5:00 a.m. PT.

    Threat intelligence is in high demand, and different organizational stakeholders have a broad set of requirements.

    Learn from our enablement specialists how you can maximize threat intelligence investments and what the steps are in building out a global threat intelligence program that aligns stakeholders with ROI for the business.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • How Attribution Helps Security Teams to Become Proactive Nov 9 2020 1:00 pm UTC 30 mins
    Jon Heit, Senior Manager, Product Management, Threat Intelligence, Mandiant Solutions
    This on demand session will be available starting at 5:00 a.m. PT.

    Security incidents and breaches are not a force of nature and don't happen in a vacuum. Understanding who is behind an attack is an important competency and can prevent incidents.

    In this session we will explain the Mandiant attribution process and how your organization can proactively use this information to reduce threat risks and optimize existing resources.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Mandiant Threat Intelligence Landscape for Higher Education Oct 29 2020 5:00 pm UTC 60 mins
    Luke McNamara, Principal Analyst, FireEye | Mandiant, joined by Mary Ann Blair, Assistant Vice President, CISO, CMU,
    Hosted by Carnegie Mellon University
    As cyber-attacks continue to grow in frequency and scope across higher education institutions, tracking threat actor behaviors, including those sponsored by nation-states, becomes increasingly challenging for security leaders.

    Carnegie Mellon University has partnered with frontline intelligence experts from Mandiant and FireEye for actionable intelligence to strengthen our cyber security posture.

    As part of our National Cyber Security Awareness Month activities, Carnegie Mellon’s Information Security Office is hosting a threat briefing for higher education. Experts from the Mandiant Threat Intelligence team will cover the following topics.

    • Advanced Persistent Threat: What we are seeing on the front lines
    • Threats to higher education with a deep dive into the biggest threats
    • Techniques for validating an institution’s ability to defend itself by using adversary behaviors

    Stay with us after the briefing for a Q&A session
  • FIN11: A Widespread Ransomware and Extortion Operation Oct 29 2020 3:00 pm UTC 60 mins
    Genevieve Stark, Threat Analyst, Mandiant Threat Intel; Andrew Moore, Sr. Technical Analyst, Mandiant Threat Intel
    FIN11 is a financially motivated threat group that delivers malware through widespread and highly successful phishing campaigns that have impacted organizations across sectors and geographies. Mandiant Threat Intelligence has observed FIN11 attempting to monetize their operations at least once using named point-of-sale (POS) malware and, more frequently, using ransomware combined with traditional extortion techniques. In addition to their high-volume spam campaigns, FIN11 is also notable due to their consistent evolution of malware delivery tactics and techniques.

    Join Genevieve Stark and Andy Moore from Mandiant Threat Intelligence for a look into the motivations, tactics and operations of this newly “graduated” threat group, including the group’s previous activity, common TTPs, and anticipated future focus.
  • Secure Access Service Edge - The Convergence of Security & Network Architectures Recorded: Oct 28 2020 49 mins
    David Batty, Principal Engineer, FireEye; Paul Martini, iboss’ CEO, CTO, and Chief Architect
    The traditional network perimeter has eroded while end users and devices are accessing cloud applications remotely, from virtually any location. To complicate matters further, users need access to applications that exist in public cloud destinations as well as resources that reside within private cloud networks, increasing the challenge to secure connectivity. To better protect the evolving cloud environment, users need a multi-vector defense solution.

    The iboss + FireEye Cloud Network Security provides advanced threat protection and data breach prevention in the cloud regardless of the end user’s location or form factor (desktop, laptop, tablet, server, IoT, and other mobile devices). Join this webinar to learn about:

    • Cloud Security that Enables Work from Anywhere: Designed for a world where virtually everyone is mobile, the iboss + FireEye Cloud Network Security solution provides direct-to-cloud secure connectivity to all applications regardless of user location to enable security administrators to easily protect their end traffic, users, devices, networks, assets, data

    • Detects Threats Others Miss: FireEye intelligence-driven Multi-Vector Execution (MVX) paired with iboss Malware Defense and analysis provide state of the art, signatureless detection and protection against a variety of threats, including advanced attacks and zero-days that other solutions miss

    • Alerts That Matter: Utilize intelligence earned from the frontlines of the world’s biggest breaches, receiving high-fidelity alerts when it matters most

    Stay with us after the webinar for a live Q&A session with our experts.

    Register Now!
  • Discovering and cAPTuring Threats in Active Directory Recorded: Oct 21 2020 124 mins
    Omar Orozco and David Bernal
    Join a 2-hour live demonstration, cAPTuring Threats, led by Omar Orozco and David Bernal, Principal Consultants at Mandiant Managed Defense!

    Gain first-hand knowledge of how advanced adversaries move within Windows Active Directory, including tools, techniques and procedures. Learn to detect and contain this type of attack where signature-based technologies fail.

    In addition, put your new skills to the test in a live, interactive capture-the-flag (CTF) training exercise after the event.

    Register today!
  • FireEye Chat | Front and Center on Ransomware Recorded: Sep 29 2020 22 mins
    Sandra Joyce, EVP, Threat Intelligence; Kimberly Goody, Sr. Mgr., Threat Intelligence; Charles Carmakal, SVP/CTO, Mandiant
    Ransomware continues to be one of the most disruptive cyber threats facing organizations today and has been further underscored by the COVID-19 pandemic. Attackers have more aggressively pivoted their targets and tactics, techniques and procedures (TTPs) to broaden their impact to affect public infrastructure trickling down to individuals and their day-to-day lives.

    In this latest episode of FireEye Chat, we’ll bring together Mandiant experts to further discuss:
    • How ransomware has transitioned from business risk to national security risk
    • The wider implications of ransomware in today’s environment observed from the frontlines
    • How threat intelligence is vital in identifying trends and informing decisions that will help to better protect organizations

    Expert panel:
    • Sandra Joyce, EVP, Head of Mandiant Threat Intelligence
    • Kimberly Goody, Sr. Manager, Mandiant Threat Intelligence
    • Charles Carmakal, SVP and CTO, Mandiant

    Watch Now
  • Cloud Security: Not Just a Visibility Problem Anymore Recorded: Sep 24 2020 60 mins
    Earl Matthews, VP, Security Validation; Matt McWhirt, Director, Consulting; Lisun Kung, Sr. Director, Cloudvisory, FireEye
    Managing complex cloud environments is a reality for most organizations. They need to effectively see what’s occurring across multi-cloud environments, ensure that verification checks are met, and have the right enforcement mechanisms in place. Ultimately, they need to confirm that security controls are performing as expected at scale across distributed cloud platforms.

    Join us on Thursday, September 24 at 12 p.m. PT/3 p.m. ET to learn from frontline response experts and former CISOs about effective cloud security. This webinar covers cloud visibility, compliance, governance, controls validation and overall “health” of those environments. You’ll get answers to questions like:

    • How can I gain greater visibility across hybrid, public, private, and multi-cloud environments?
    • Is my organization prioritizing the correct information when monitoring cloud environments?
    • Is my team effectively stopping data leakage and protecting data integrity?
    • What side of the shared cloud responsibility model is my team accountable for?
    • Does my team have evidence to properly communicate key metrics to our executives?

    Expert panel includes:
    • Moderator: Brian Contos, VP, Technology Innovation, Mandiant Security Validation
    • Major General Earl Matthews, VP of Strategy, Mandiant Security Validation
    • Matt McWhirt, Director, Mandiant Consulting
    • Lisun Kung, Sr. Director, Cloudvisory, FireEye

    Register Now
  • Gain Visibility and Boost Security in Azure Hosted Operations Recorded: Sep 16 2020 59 mins
    Frank Rubio, WW Technology Alliances Director, Gigamon; Rob Ayoub, Sr. PMM., FireEye; Chris Unick, Director, FireEye
    Public Cloud and Infrastructure as a Service (IaaS) providers such as Microsoft Azure and AWS emphasize mutual responsibility in the cloud. Providers are expected to safeguard the security of the cloud infrastructure, but you are accountable for ensuring that the assets within the cloud don’t open the door for attackers. To prevent breaches, organizations require visibility into all workloads and to deploy critical security solutions with dynamic threat intelligence. Join experts from FireEye and Gigamon as they present a webinar on how to:

    • Utilize cloud-native network packet brokers to derive complete network traffic visibility into all cloud-located VMs
    • Leverage multi-pronged security solutions to rapidly and proactively identify and eliminate malware
    • Aggregate all compute node traffic, centrally process and distribute optimized flows to specific tools
    • Automatically deploy a fully virtualized, holistic solution with deep orchestration suite integration

    Register Now.
  • Cyber Best Practices: Hygiene for a Remote Government Workforce Recorded: Sep 9 2020 64 mins
    Jason Atwell, Mandiant Threat Intelligence; Dr. Daniel Ragsdale, Department of Defense; Kevin Stine, NIST; Dr. Lerone Banks,
    Cyber crimes spiked 400 percent by April during the novel coronavirus pandemic, according to FBI reports. Phishing attacks continue to target users; ransomware and malware attacks remain threats keeping your agency from its critical data. With more essential services moving online than ever before, health care systems, online commerce, and, pressingly, government agencies have all seen upticks in cyber criminals looking to exploit vulnerabilities in a time of turbulence. For government agencies, maintaining proper cyber hygiene is essential to the mission.

    How can agencies keep their IT protected across disparate networks? What training is needed to ensure security is prioritized regardless of where their workforce is located? How frequently should an agency patch? And what steps can you take today to secure your office’s digital infrastructure?

    Join Nextgov’s discussion with federal leaders and government experts to find out cyber best practices for challenging times and beyond.
  • Opening the Books on Ghostwriter Recorded: Aug 19 2020 37 mins
    Lee Foster, Senior Manager of Analysis, Mandiant Threat Intelligence
    Mandiant Threat Intelligence has identified a broad influence campaign that is closely aligned with Russian security interests. These operations have primarily targeted audiences in Lithuania, Latvia, and Poland with narratives critical of the North Atlantic Treaty Organization’s (NATO) presence in Eastern Europe while also leveraging anti-U.S. and COVID-19 themes. Mandiant Threat Intelligence has dubbed this campaign “Ghostwriter” based on its use of compromised news sites and fake personas to disseminate fabricated content.

    Join Lee Foster, Senior Manager of Analysis with Mandiant Threat Intelligence as he describes how Mandiant discovered the Ghostwriter campaign and details the various TTPs it employs.

    Register Now!
  • Extend Network Protection & Forensics to Microsoft Azure with Keysight & FireEye Recorded: Aug 18 2020 56 mins
    Dennis Carpio, Sr. Director, Technology Partnerships, Keysight; Rob Ayoub, Sr. PMM, Network Security, FireEye
    With increased reliance on remote workers, more organizations are using the cloud for mission critical services. Microsoft Azure has emerged as a leading platform for enterprise cloud computing with a projected run-rate of $50 billion in 2020. Your defenders likely work with the platform in some way and need to be confident that they can spot attacks, assess the extent of breaches and protect their workloads.

    Join Keysight and FireEye to learn the latest best practices for network and cloud security and forensics, especially in Microsoft Azure environments. Through real-life scenarios delivered by Mandiant experts you’ll see how FireEye Network Security in hybrid environments helps expose the source and scope of any threat or attack. Keysight visibility experts will explain exactly what data you need to conduct and accelerate network security in cloud environments, and the fastest way to get it.

    Register Now!
  • Mitigate Ransomware Risks With An Enterprise Content Firewall Recorded: Aug 12 2020 45 mins
    Tim Gallo, Security & Intel Architect, FireEye; Cliff White, CTO, Accellion; Chris Unick, Director, FireEye
    When you have to choose between paying a cyber ransom or losing your IP and customer content and taking a hit to your reputation, it’s really no choice at all. Ideally, you should avoid the problem entirely—detect and quarantine incoming files that contain ransomware before they do damage.

    Attend this webinar to learn how to combine Accellion’s enterprise content firewall with FireEye Malware Analysis and Helix to protect all your communication channels with a unified infrastructure, unified security and unified visibility.

    Key Takeaways:
    • Detect and quarantine ransomware with FireEye detection capabilities with Accellion’s content firewall
    • Use a content firewall to unify governance and security of traffic from all content communication channels
    • Use FireEye Helix to monitor and analyze the clean, pre-normalized security logs of all the consolidated content flows

    Reserve your seat for our live event on Wednesday, August 12, 2020 at 11am Pacific | 2pm Eastern

    Speakers:
    Tim Gallo | Global Security and Intelligence Architect, FireEye
    Cliff White | CTO, Accellion
    Christopher Unick | Director Technical Partnerships, FireEye
  • Modern Cyber Risk Management for Better Decision Making Recorded: Aug 11 2020 42 mins
    Matt Keane, Principal Consultant at FireEye Mandiant, & Jennifer Guzzetta, Product Marketing Manager at FireEye Mandiant
    Most C-suite leaders believe their investment decisions in security risk management are not keeping up with the new and heightened levels of cyber risks. This is often due to their use of the decade-old, top-down approach in leveraging risk models, which leaves gaps between attacker and defender behaviors.

    Transformation of your risk management processes, plus the people behind them, can solve for this.

    Aligning your organization’s security efforts with the risk appetite of data owners and business leaders must become a priority.

    This webinar spotlights a transformational model that operationalizes security risk management to improve and optimize decision making by:

    • Identifying challenges in your current cyber risk management program
    • Establishing a modern cyber risk management strategy
    • Shifting the players and processes involved in your cybersecurity decision support
    • Integrating risk management priorities across the entire security function
    • Monitoring progress with the right kind of security metrics

    Join Matt Keane, Principal Consultant at FireEye Mandiant, for his expertise on transforming your security risk management approach by bridging the gap between vital security teams and improving their decision making.
  • Educause Webinar: Community Resilience: Working Together to Improve Cybersecurit Recorded: Aug 10 2020 48 mins
    Monte Ratzlaff, University of California, Chris Schreiber, FireEye
    Higher education has a history of collaboration that’s unique compared to other verticals. Join FireEye and the University of California Office of the President to explore how cyberthreat intelligence and peer collaboration can extend cyber resilience capabilities beyond a single campus boundary.
    Outcomes
    • Understand concepts for applying cyberthreat intelligence to your campus
    • Learn how UC applies these concepts across their campuses and medical centers
    • Discuss potential methods for enhancing collaboration across the broader community
The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.

  • Title: FireEye Helix Explained: Multi-stage Rules
  • Live at: Aug 25 2020 4:00 pm
  • Presented by: ​Sarah Cox Sr. Instructional Designer FireEye and Mike Kizerian Principal Instructor, FireEye