Threat Analytics Platform
Blue Secure’s FireEye® Threat Analytics Platform (TAP) is a cloud-based solution that enables security teams to identify and effectively respond to cyber threats by layering enterprise-generated event data with real-time threat intelligence from FireEye. Most security-conscious organizations spend significant resources amassing log and event data to satisfy regulatory and compliance requirements. However, when it comes to analyzing and responding to advanced attacks, few are able to derive value from these data troves. The FireEye Threat Analytics Platform enables security teams to respond more effectively to threats by combining traditional system-based event data with FireEye threat intelligence.
Detect and respond to threats discovered through event and data stream analysis
Information technology systems and applications produce a continuous stream of event and log details that can reveal suspicious behavior. The challenge is proactively filtering through the noise to identify real threats.
The Threat Analytics Platform (TAP) applies threat intelligence, expert rules, and advanced security data analytics to noisy event data streams. By revealing suspicious behavior patterns and generating alerts that matter, security teams can prioritize and optimize their response efforts.
- Real-time threat intelligence to identify threats: The FireEye Threat Analytics Platform applies the largest and most comprehensive source of real-time threat intelligence to the event streams generated from enterprise systems to identify threats that evade traditional security solutions. Security teams get the information they need, when they need it, to rapidly investigate and provide an effective response.
- Raises the level of threat visibility: The FireEye Threat Analytics Platform increases the overall visibility into the threat landscape by leveraging FireEye Threat Prevention Platforms’ rich insights into threat actor profiles and behavior.
- Prioritized alerts to enhance incident response: The FireEye Threat Analytics Platform delivers prioritized alerts to help accelerate and enhance incident response. The platform quickly determines the scope of a suspected incident so that security teams can respond appropriately. It provides the ability to pivot into any field within an alert to identify related users, endpoints, and attacker infrastructure.
Benefits of Threat Analytics Platform
Detect malware and suspicious behavior proactively
- Apply FireEye intelligence and hunt rules gleaned from frontline incident response experience
- Analyze up to 80,000 events per second in near real time to identify attacks and compromise
- Reveal anomalies that can indicate threat activity
Respond to incidents faster
- Identify related users, endpoints, and attacker infrastructure by filtering through billions of events
- Improve investigations through workflow management and reporting
- Provide threat intelligence, dossiers, trends, news, and analysis on advanced cyber threat groups to help prioritize
Minimize deployment overhead
- Deploy quickly using prebuilt parsers for hundreds of security devices, network infrastructure systems, endpoints, applications and other data sources
- No agent or hardware installation required and no extra support resources needed since infrastructure is entirely hosted