Videos

Hunting for Weak Indicators

Chris Schreiber uses FireEye Helix’s analytics modules to hunt for weak indicators in an environment to suss out potentially compromised user accounts.

Event Data and Parsing

Nate Hancock uses FireEye Helix to illustrate how correct parsing of raw message data from the NX log can lead to successful searches within your environment.

Valuable MQL Searches

Nate Hancock uses FireEye Helix to share some valuable MQL malware searches such as com broker, cloud collector or a ‘groupby’ search to find event data.

Searching and Pivoting

Nate Hancock explains how to use FireEye Helix to build basic malware searches using the ‘groupby’ command and subsequently how to pivot off of that information to find source IPs.

Intelligence Contribution and Context

Fayyaz Rajpari shares a tip on the intelligence and context that an alert can provide. Using Helix, an intelligence-led platform, an analyst can both provide and receive details on every alert whenever intel context is available.

Investigative Tips

Fayyaz Rajpari explains how to use FireEye Helix’s Investigative Tips feature to answer the question “Now What?” after receiving an alert from your networked device.

Exporting Data from Helix

Fayyaz Rajpari explains how to use FireEye Helix to export data from your environment so that it may be used for offline analysis and review.

AWS Monitoring with Helix

Fayyaz Rajpari explains how to use FireEye Helix to retrieve API call history using AWS CloudTrail and VPC flow logs in your AWS environment.

Data Source Prioritization in Helix

Todd Bane explains data source prioritization options with your Helix deployment. This will help you and your team maximize the value of the data sources that you feed into Helix.