Hi [[ session.user.profile.firstName ]]

FireEye Helix Explained: Multi-stage Rules

Today’s security operations are often disjointed and constrained by limited visibility and false alerts. These issues can cost organizations valuable time, resources and effort, even as they increase the risk of an incident. FireEye Helix enables organizations to take control of any incident from alert to fix, and addresses traditional SIEM shortfalls while delivering highly efficient, low-maintenance security automation.

Join us for the next session in a series of webinars, as our experts highlight:

•Improving FireEye Rule coverage in your environment
•Tuning FireEye Rules to maintain a manageable flow of alerts
•Creating custom Rules for detection
•Creating multistage Rules to detect threats across multiple event logs

Follow along with a hands-on Helix demonstration of multistage Rules during the session and receive sample use cases used in the webinar. Stay with us after the presentation for an in-depth Q&A session with our experts.
Recorded Aug 25 2020 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
​Sarah Cox Sr. Instructional Designer FireEye and Mike Kizerian Principal Instructor, FireEye
Presentation preview: FireEye Helix Explained: Multi-stage Rules
  • Channel
  • Channel profile
  • Cloud Security: Not Just a Visibility Problem Anymore Recorded: Sep 24 2020 60 mins
    Earl Matthews, VP, Security Validation; Matt McWhirt Director, Consulting; Lisun Kung Sr. Director, Cloudvisory, FireEye
    Managing complex cloud environments is a reality for most organizations. They need to effectively see what’s occurring across multi-cloud environments, ensure that verification checks are met, and have the right enforcement mechanisms in place. Ultimately, they need to confirm that security controls are performing as expected at scale across distributed cloud platforms.

    Join us on Thursday, September 24 at 12 p.m. PT/3 p.m. ET to learn from frontline response experts and former CISOs about effective cloud security. This webinar covers cloud visibility, compliance, governance, controls validation and overall “health” of those environments. You’ll get answers to questions like:

    • How can I gain greater visibility across hybrid, public, private, and multi-cloud environments?
    • Is my organization prioritizing the correct information when monitoring cloud environments?
    • Is my team effectively stopping data leakage and protecting data integrity?
    • What side of the shared cloud responsibility model is my team accountable for?
    • Does my team have evidence to properly communicate key metrics to our executives?

    Expert panel includes:
    • Moderator: Brian Contos, VP, Technology Innovation, Mandiant Security Validation
    • Major General Earl Matthews, VP of Strategy, Mandiant Security Validation
    • Matt McWhirt Director, Mandiant Consulting
    • Lisun Kung, Sr. Director, Cloudvisory, FireEye

    Register Now
  • How Continuous Validation Helps Protect the Supply Chain Recorded: Sep 22 2020 59 mins
    Matt Shelton, Director, Technology Risk and Threat Intelligence, FireEye
    The Expanding Attack Surface: How Continuous Validation Helps Protect the Supply Chain

    Organizations are increasingly using third party providers to manage critical components of their infrastructure. The introduction of cloud services, managed service providers, and Software-as-a-Service (SaaS) has increased the size of an organization’s attack surface. A breach of proprietary and confidential information is just as impactful coming from the supply chain as it is from an organization’s infrastructure. Join Matt Shelton, Director, Technology Risk and Threat Intelligence, as he explains how intelligence-led validation can help tighten controls and reduce risk. In this webinar:

    -Hear about the realities of today’s threat landscape, sophisticated attackers and the implications on managing your security stack and processes
    -Learn how threat intelligence helps you take decisive action
    -Find out how continuous validation helps you understand the true measure of your security
    -Get insights into an actual use case where a company’s supply chain was breached to see how intelligence-led validation could have helped prevent it

    Register Now
  • Gain Visibility and Boost Security in Azure Hosted Operations Recorded: Sep 16 2020 59 mins
    ​Frank Rubio, WW Technology Alliances Director, Gigamon; Rob Ayoub, Sr. PMM., FireEye; Chris Unick, Director, FireEye
    Public Cloud and Infrastructure as a Service (IaaS) providers such as Microsoft Azure and AWS emphasize mutual responsibility in the cloud. Providers are expected to safeguard the security of the cloud infrastructure, but you are accountable for ensuring that the assets within the cloud don’t open the door for attackers. To prevent breaches, organizations require visibility into all workloads and to deploy critical security solutions with dynamic threat intelligence. Join experts from FireEye and Gigamon as they present a webinar on how to:

    • Utilize cloud-native network packet brokers to derive complete network traffic visibility into all cloud-located VMs
    • Leverage multi-pronged security solutions to rapidly and proactively identify and eliminate malware
    • Aggregate all compute node traffic, centrally process and distribute optimized flows to specific tools
    • Automatically deploy a fully virtualized, holistic solution with deep orchestration suite integration

    Register Now.
  • Cyber Best Practices: Hygiene for a Remote Government Workforce Recorded: Sep 9 2020 64 mins
    Jason Atwell, Mandiant Threat Intelligence; Dr. Daniel Ragsdale, Department of Defense; Kevin Stine, NIST; Dr. Lerone Banks,
    Cyber crimes spiked 400 percent by April during the novel coronavirus pandemic, according to FBI reports. Phishing attacks continue to target users; ransomware and malware attacks remain threats keeping your agency from its critical data. With more essential services moving online than ever before, health care systems, online commerce, and, pressingly, government agencies have all seen upticks in cyber criminals looking to exploit vulnerabilities in a time of turbulence. For government agencies, maintaining proper cyber hygiene is essential to the mission.

    How can agencies keep their IT protected across disparate networks? What training is needed to ensure security is prioritized regardless of where their workforce is located? How frequently should an agency patch? And what steps can you take today to secure your office’s digital infrastructure?

    Join Nextgov’s discussion with federal leaders and government experts to find out cyber best practices for challenging times and beyond.
  • FireEye Helix Explained: Multi-stage Rules Recorded: Aug 25 2020 59 mins
    ​Sarah Cox Sr. Instructional Designer FireEye and Mike Kizerian Principal Instructor, FireEye
    Today’s security operations are often disjointed and constrained by limited visibility and false alerts. These issues can cost organizations valuable time, resources and effort, even as they increase the risk of an incident. FireEye Helix enables organizations to take control of any incident from alert to fix, and addresses traditional SIEM shortfalls while delivering highly efficient, low-maintenance security automation.

    Join us for the next session in a series of webinars, as our experts highlight:

    •Improving FireEye Rule coverage in your environment
    •Tuning FireEye Rules to maintain a manageable flow of alerts
    •Creating custom Rules for detection
    •Creating multistage Rules to detect threats across multiple event logs

    Follow along with a hands-on Helix demonstration of multistage Rules during the session and receive sample use cases used in the webinar. Stay with us after the presentation for an in-depth Q&A session with our experts.
  • Opening the Books on Ghostwriter Recorded: Aug 19 2020 37 mins
    Lee Foster, Senior Manager of Analysis, Mandiant Threat Intelligence
    Mandiant Threat Intelligence has identified a broad influence campaign that is closely aligned with Russian security interests. These operations have primarily targeted audiences in Lithuania, Latvia, and Poland with narratives critical of the North Atlantic Treaty Organization’s (NATO) presence in Eastern Europe while also leveraging anti-U.S. and COVID-19 themes. Mandiant Threat Intelligence has dubbed this campaign “Ghostwriter” based on its use of compromises news sites and fake personas to disseminate fabricated content.

    Join Lee Foster, Senior Manager of Analysis with Mandiant Threat Intelligence as he describes how Mandiant discovered the Ghostwriter campaign and details the various TTPs it employs.

    Register Now!
  • Extend Network Protection & Forensics to Microsoft Azure with Keysight & FireEye Recorded: Aug 18 2020 56 mins
    ​Dennis Carpio, Sr. Director, Technology Partnerships​, Keysight Rob Ayoub, Sr. PMM, Network Security, FireEye
    With increased reliance on remote workers, more organizations are using the cloud for mission critical services. Microsoft Azure has emerged as a leading platform for enterprise cloud computing with a projected run-rate of $50 billion in 2020. Your defenders likely work with the platform in some way and need to be confident that they can spot attacks, assess the extent of breaches and protect their workloads.

    Join Keysight and FireEye to learn the latest best practices for network and cloud security and forensics, especially in Microsoft Azure environments. Through real-life scenarios delivered by Mandiant experts you’ll see how FireEye Network Security in hybrid environments helps expose the source and scope of any threat or attack. Keysight visibility experts will explain exactly what data you need to conduct and accelerate network security in cloud environments, and the fastest way to get it.

    Register Now!
  • Mitigate Ransomware Risks With An Enterprise Content Firewall Recorded: Aug 12 2020 45 mins
    Tim Gallo, Security & Intel Architect, FireEye; Cliff White, CTO, Accellion; Chris Unick, Director, FireEye
    When you have to choose between paying a cyber ransom or losing your IP and customer content and taking a hit to your reputation, it’s really no choice at all. Ideally, you should avoid the problem entirely—detect and quarantine incoming files that contain ransomware before they do damage.

    Attend this webinar to learn how to combine Accellion’s enterprise content firewall with FireEye Malware Analysis and Helix to protect all your communication channels with a unified infrastructure, unified security and unified visibility.

    Key Takeaways:
    • Detect and quarantine ransomware with FireEye detection capabilities with Accellion’s content firewall
    • Use a content firewall to unify governance and security of traffic from all content communication channels
    • Use FireEye Helix to monitor and analyze the clean, pre-normalized security logs of all the consolidated content flows

    Reserve your seat for our live event on Wednesday, August 12, 2020 at 11am Pacific. l 2pm Eastern

    Tim Gallo | Global Security and Intelligence Architect, FireEye
    Cliff White | CTO, Accellion
    Christopher Unick | Director Technical Partnerships, FireEye
  • Modern Cyber Risk Management for Better Decision Making Recorded: Aug 11 2020 42 mins
    Matt Keane, Principal Consultant at FireEye Mandiant, & Jennifer Guzzetta, Product Marketing Manager at FireEye Mandiant
    Most C-suite leaders believe their investment decisions in security risk management is not keeping up with the new and heightened levels of cyber risks. This is often due to their use of the decade old, top-down approach in leveraging risk models, which leaves gaps between attacker and defender behaviors.

    Transformation of your risk management processes, plus the people behind them, can solve for this.

    Aligning your organization’s security efforts with the risk appetite of data owners and business leaders must become a priority.

    This webinar spotlights a transformational model that operationalizes security risk management to improve and optimize decision making by:

    •Identifying challenges in your current cyber risk management program
    •Establishing a modern cyber risk management strategy
    •Shifting the players and processes involved in your cybersecurity decision support
    •Integrating risk management priorities across the entire security function
    •Monitoring progress with the right kind of security metrics

    Join Matt Keane, Principal Consultant at FireEye Mandiant, for his expertise on transforming your security risk management approach by bridging the gap between vital security teams and improving their decision making.
  • Educause Webinar: Community Resilience: Working Together to Improve Cybersecurit Recorded: Aug 10 2020 48 mins
    Monte Ratzlaff, University of California, Chris Schreiber, FireEye
    Higher education has a history of collaboration that’s unique compared to other verticals. Join FireEye and the University of California Office of the President to explore how cyberthreat intelligence and peer collaboration can extend cyber resilience capabilities beyond a single campus boundary.
    •Understand concepts for applying cyberthreat intelligence to your campus
    •Learn how UC applies these concepts across their campuses and medical centers
    •Discuss potential methods for enhancing collaboration across the broader community
  • Top 5 Cloud Security Myths: Busted Recorded: Aug 5 2020 55 mins
    Martin Holste, CTO, FireEye
    Through 2022, organizations are expected to be responsible for at least 95% of their cloud security failures (Gartner). But change how you think about cloud security, and you can be a success story.

    Our webinar helps debunk several common myths that jeopardize your fast, secure, migration to the cloud:

    • The cloud is unsafe
    • My organization doesn’t use the cloud
    • My cloud provider will keep me secure
    • The cloud is just someone else’s computer
    • Advanced adversaries aren’t attacking the cloud

    You’ll also learn how to identify a trusted advisor for cloud migration so you can confidently take advantage of cloud advancements.

    Presented by: Martin Holste, Cloud CTO at FireEye
  • Adopting a Proactive, Intelligence-Led Cyber Mission Recorded: Jul 27 2020 58 mins
    Major General Earl Matthews USAF (Ret) Vice President, Strategy Mandiant Security Validation, Chris Cleary Chief Information,
    Government agencies and public sector organizations are at high risk from a variety of threats, everything from nation-state reconnaissance to data theft and ransomware. The best defense today still requires a combination of powerful tools and current threat intelligence, tuned to your organization’s needs.

    Register today to join this discussion on the unique challenges facing government IT leaders and hear innovative ways to measure cybersecurity performance across network, email, endpoint, and cloud-based security controls. During this digital event we will cover:

    • How to manage the pace of change to IT systems and applications to ensure security control systems are keeping up

    • Understanding and communicating the effectiveness of your cybersecurity strategy with quantifiable, evidence-based data

    • How automated security validation, integrated with the latest threat intelligence and frontline expertise can validate the health of your infrastructure by testing against relevant threats
  • Cybersecurity Expertise and Female Leadership: Why Boardrooms Need Both Recorded: Jul 22 2020 62 mins
    Coco Brown, Founder and CEO, Athena Alliance; Alexa King, EVP, General Counsel, FireEye
    Although diversity in the c-suite and the boardroom is improving, there is more work to be done. Through its Elevate initiative, FireEye looks to continue to help connect, educate and enable cyber security leaders to assume responsibilities within today’s boards.
    During this discussion, Alexa King, FireEye EVP, General Counsel and Board Member, and Coco Brown, the founder and CEO of the accomplished Athena Alliance platform, will share details and key learnings from their own personal journeys. They will highlight some of the opportunities that exist for women in cyber security as they identify and prepare for board level roles, as well as the best ways to go about advocating for others.

    Alexa and Coco strongly believe in the power of women as executives in cyber security, and how important it is to have different perspectives on a board. Making connections, bringing opportunities to more women and offering support along the way will help benefit all women leaders in cyber.
  • Measure What Matters - Enhancing Cybersecurity with Metrics Recorded: Jul 7 2020 62 mins
    John Hultquist, Senior Director, Intelligence Analysis,FireEye; Kevin Cox, Program Manager, Continuous Diagnostics and Mitiga
    With high profile breaches threatening operations, ransomware attacks on the rise, and a myriad of laws and regulations guiding cybersecurity initiatives, federal, state and local governments have prioritized shoring up their cyber defenses across the board. However, as organizations work to enhance their cybersecurity, how can they ensure these efforts are effective and in compliance with federal standards and regulations? During this webcast, Nextgov and Route Fifty explored how to develop effective cybersecurity metrics and the ways agencies are being measured. Panelists discussed how to identify what to measure when it comes to cybersecurity, how to measure it, and how to turn these metrics into actionable intelligence.
  • Building a Ransomware Defense Recorded: Jul 7 2020 62 mins
    Luke McNamara, Principal Analyst, FireEye, Jon Ford, Director of Global Strategy and Operations for Government, Dan Lohrmann
    Ransomware is a remote, digital shakedown. It is disruptive and expensive, and it affects organizations of all sizes and in many industries. Government, however, faces greater risks and impact. Infections have shut down entire operations, forcing law enforcement agencies to drop cases and hospitals to turn away patients. But there may be a silver lining. Focusing defensive efforts in key areas and with practiced response planning may allow organizations to stop ransomware before it is deployed.

    Listen to Government Technology and FireEye to hear how advanced detection and prevention and front line response practices -- supported by actionable threat intelligence -- are the best defense against ransomware and other advanced attacks. View the webcast to better understand:
    •Ransomware trends and landscape – NEW actors on the scene!
    •The “after hours” factor
    •Common initial infection vectors and dwell time
    •Potential threats to government, elections and more
    •How to defend and respond
  • Swimming with sharks: Understanding & countering threats in higher education Recorded: Jun 29 2020 58 mins
    Chris Schreiber, Christian Schreiber, CISM, PMP Cybersecurity Platform Strategist, FireEye
    Hosted by University Business:
    An interactive discussion about cyber threats facing higher education and how you can prioritize your limited resources to most effectively protect your digital assets.

    Topics will include:
    •Review common cyber threats facing higher education
    •Learn about cyber threat intelligence (CTI) concepts
    •Explore how CTI can improve your information security
  • BrightTALK Local California: The Future of Events Recorded: Jun 25 2020 61 mins
    Riadh Dridi, CMO, Automation Anywhere; Vasu Jakkal, EVP & CMO, FireEye; Simon Lees, CBO, BrightTALK
    The future of events is unclear. Many marketers are leaning into entirely virtual strategies, while others are cautiously planning for a new breed of in-person and hybrid events in 2021. Join this webcam panel to hear how two of the Golden State’s top CMOs are adapting their strategies to drive results during and after the pandemic. They’ll cover:
    * Predictions for events in 2021 and beyond
    * Pivoting your in-person event strategy online
    * Inspiring your audience in the digital realm
    * Benefits and challenges of virtual events
    * Planning for an uncertain future
    * Keeping your marketing team focused while working from home
  • Ransomware Legal Implications and Proactive Solutions Recorded: Jun 24 2020 64 mins
    Experts from Mandiant, McDermott Will & Emery, Blake Cassels & Graydon LLP & Chubb
    In the 2020 M-Trends report, we noted that successful monetization of ransomware attacks and the availability of ransomware as a service have contributed to an increase in ransomware cases.

    In this session, Mandiant experts will be joined by speakers from US-based law firm McDermott Will & Emery, Canadian-based law firm Blakes, and global insurance partner Chubb, to discuss:

    •The threat profile of a ransomware attack
    •Best practices for ransomware recovery and response
    •The legal implications of a ransomware attack across the US and Canada
    •How to minimize the legal impact of a ransomware breach
    •The reactive and proactive insurance measures you can take to minimize business impact

    We encourage you to attend this session with your team to understand the impact of a breach on various business units, and the mitigation tactics that can be employed by all stakeholders within an organization.

    Reserve your spot today!
  • Security Effectiveness Strategies Recorded: Jun 16 2020 58 mins
    Maj.General Earl Matthews, VP of Strategy, Mandiant Security Validation& Jeff Compton, Global Head, Mandiant Intel Consulting
    Security Effectiveness Strategies: How to Validate and Improve Your Security Posture

    To stay ahead of an evolving threat landscape, security teams must continuously improve their processes and technology. But even with their investments, security professionals still need answers to pressing questions:
    -Who are the attackers that target my industry and what techniques do they use?
    -Which alerts matter most and how do I respond?
    -Are my tools, controls, processes working as expected?
    -Where should I focus improvement efforts?

    Join Major General Earl Matthews USAF (Ret), VP of Strategy, Mandiant Solutions and Jeff Compton, Senior Manager, Global Head of Intelligence Consulting, FireEye Mandiant Threat Intelligence for our upcoming webinar to:

    -Learn how cyber threat intelligence can inform which attackers target your industry and understand the techniques they employ
    -Find out how continuous validation can pinpoint where you have gaps so you can target improvements where they are needed
    -Understand how validation technology powered by relevant intelligence can generate proof of effectiveness and reduce risk

    Register Now
  • 5 Steps to Security Validation Recorded: Jun 15 2020 60 mins
    Major General Earl Matthews (USAF)
    Organizations have been managing security based on assumptions, hopes and best guesses for decades. We assume our technology will detect, block and send alerts, we hope our incident response techniques will be efficient and effective when under assault, and we believe that our security teams are well trained and practiced when everything goes wrong. These assumptions result in financial and operational inefficiencies, defensive regression and an inability to determine if we are investing in the right areas to communicate the state of our security effectiveness to stakeholders.

    Join this webinar to hear from Retired Major General Earl Matthews (USAF), as he discusses:

    • How to move beyond assumptions with automated and continuous security controls validation
    • Identify and measure vulnerability gaps
    • Manage and suggest remediation steps by arming security practitioners with meaningful evidence
    • Validate an organization's ability to defend itself by using real adversary behaviors

    Save your seat today!
The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: FireEye Helix Explained: Multi-stage Rules
  • Live at: Aug 25 2020 4:00 pm
  • Presented by: ​Sarah Cox Sr. Instructional Designer FireEye and Mike Kizerian Principal Instructor, FireEye
  • From:
Your email has been sent.
or close