Request a Demo


FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,900 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.


FireEye Helix Security Platform

The integration with FireEye Helix Log Analytics is available as a runtime app as well as various Playbook Apps and Templates. With this FireEye Helix Log Analytics runtime app, ThreatConnect users are able to export indicators (addresses, hosts, email addresses, and files (MD5 & SHA1)) to FireEye lists for alerting and detection. Indicators that no longer match the filter can be removed from FireEye automatically. With the Playbooks App and Templates, users are automatically able to:

  • Deploy Indicators to FireEye Helix
  • Remove Indicators from FireEye Helix

These apps can be found in the ThreatConnect App Catalog under the names: Deploy to FireEye Helix Log Analytics and Remove from FireEye HELIX Log Analytics.

Keep Reading

Related Resources

Built By ThreatConnect

Fireeye Detection on Demand

With this Playbook app, you can automatically detonate, analyze, and submit files and URLs in FireEye from ThreatConnect to understand if they are malicious and return any contextualized telemetry. This all leads to more informed decision-making and more efficient remediation of malicious files through automation.

The following actions are available within the Playbook App:

  • Get Report - Search by a Report ID to retrieve details based on the report.
  • Submit File for Analysis - Submit a file for analysis.
  • Submit URL for Analysis - Submit a URL for analysis.
  • Get File Enrichment - Retrieve details about an analysis by its MD5 Hash ID.
  • Get Artifacts - Retrieve artifacts from a report
  • Advanced Request - Create a custom API request to the FireEye Detection on Demand API

This app can be found in the ThreatConnect App Catalog under the name: FireEye Detection on Demand 

Keep Reading

Built By ThreatConnect


FireEye Helix Playbooks

With these Playbook templates, you can easily add or remove indicators to FireEye Helix from ThreatConnect.

These apps can be found in the THreatConnect App Catalog under the names: FireEye Helix Log Analytics - Deploy Indicators and FireEye Helix Log Analytics - Remove Indicators

Keep Reading

Built By ThreatConnect

Looking for an
integration not shown?