Netify have released our 2024 SD-WAN comparison blog article

FireEye Cybersecurity Solutions

Sector, Company Type, and Location:Healthcare  |  Retail  |  Education  |  Financial Services  |  Government  |  ICS/SCADA Control Systems  |  Europe  |  Asia  |  Australia  |  United Arab Emirates  |  UK  |  North America
Tags & Search Filters:XDR  |  CASB  |  MDR  |  FWaaSand 4 more tags  |  SWG  |  Endpoint protection  |  SIEM  |  EDR

FireEye are a network security provider that delivers a strong Extended Detection & Response (XDR) service.


FireEye Cybersecurity Solution: Comparisons, Review, Benefits, Use Cases, Pros & Cons

Author: Netify Research Team

If you have questions about FireEye and how their capability is aligned to your needs, email the Netify research team. UK: North America:

(Please use the UK email for ROW - Rest of the World - questions or inquiries)

Resources and Downloadable Content

Request the very latest FireEye cybersecurity sales PDF directly from your local account team. Please check your junk folder if not received.

Complete your details to arrange a demo of FireEye. You will receive contact requesting available dates and times - please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.


Netify Review

FireEye are a network security and XDR provider. They offer strong network detection and response capabilities which leverage their AI, machine-learning and MVX technologies, to block security breaches in real-time. The service is feature-rich, offering a broad range of on-premises and cloud-based deployment options to secure operating systems such as Apple OS X, Windows and Microsoft, as well as SaaS and cloud applications (Openstack, Azure, AWS, Kubernetes and Google Cloud Platform). They offer CASB (Cloud Access Security Broker) services through a partnership with CipherCloud, and an array of cloud security options via a collaboration with iBoss. 

Netify recommends FireEye to clients looking for detailed XDR and network security, with multiple deployment options and security for remote users. However, for businesses requiring SASE and ZTNA technologies, FireEye may not be a suitable fit.

Marketplace Assistance

Are you an IT decision maker building your own SASE Cybersecurity or SD WAN shortlist?

Take our 90 second assessment quiz to find out which top 3 vendors or managed providers are a match for your answers.


About FireEye

FireEye are a privately held security company, whose headquarters are based in Milpitas, California, North America. The company was founded in 2004 by Ashar Aziz, and its parent company is the Symphony Technology Group. FireEye have received awards from Infosec Awards 2020 Best Product: FireEye Network and Security Management, AI ATAC 2020 Award: FireEye Network Security and CyberSecurity Excellence Awards 2021 for FireEye Cloudvisory, FireEye Email Security and FireEye Endpoint Security. FireEye currently hold a Net Promoter Score of 54. As of 8th October 2021, FireEye was merged with McAfee Enterprise through an acquisition by Symphony Technology Group creating a portfolio to protect customers across applications, endpoints, infrastructure and the cloud. The company was also featured as a future vendor in the Gartner “Innovation Insight for Extended Detection and Response” report. 

Pros & Cons

What are the pros and cons of FireEye Cybersecurity?

List of the pros and cons associated with FireEye cybersecurity.


  • FireEye secures remote users via their partnership with iBoss to provide cloud security with threat and breach detection.
  • FireEye offer a strong Extended Detection and Response (XDR) service, which leverages machine-learning and AI, along with Multi-Vector Virtual Execution (MVX) engines, to detect and block malicious traffic in real-time.


  • Since parting ways from Mandiant, care must be taken as we are unable to identify to what extent FireEye has retained Threat Intelligence Services as part of their offering.
  • FireEye do not offer Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) services - businesses requiring such services may be cautioned.

Comparison: FireEye vs Crowdstrike vs Palo Alto cybersecurity

Consider the points below to compare FireEye vs Crowdstrike vs Palo Alto cybersecurity.


  • FireEye are a suitable choice for clients looking for Extended Detection and Response and network security solutions. 
  • Does not offer full SASE. 
  • Offers cloud security for AWS, Azure and Google Cloud. 


  • Crowdstrike are a good choice for clients looking for granular security services. 
  • Offers Extended Detection and Response services. 
  • Crowdstrike offers connectivity to AWS, Azure and Google Cloud. 

Palo Alto

  • Palo Alto are a good choice for clients looking for an integrated SD WAN and SASE solution with strong cloud capabilities. 
  • Offers Extended Detection and Response services. 
  • Offers connectivity to AWS, Azure and Google Cloud. 


Comparison: FireEye vs Check Point cybersecurity

Consider the points below to compare FireEye vs Check Point cybersecurity.


  • FireEye are a suitable choice for clients looking for Extended Detection and Response and network security solutions. 
  • Does not offer full SASE. 
  • Offers cloud security for AWS, Azure and Google Cloud. 

Check Point

  • Check Point is a good choice for large multinational corporations looking for granular security services. 
  • Check Point offer granular SASE services. 
  • Offers security for AWS, Azure and Google Cloud. 

Similar Vendors

Top 3 similar Cybersecurity Vendors

Click the vendor logo to find out more about each respective cybersecurity solution.

Products & Services

What are FireEye's Solutions?

  • Helix Security Platform: A SaaS security operations platform, offering clients the ability to control incidents in all areas. The product comes with automated alert validation to help manage false positives and alert volume. The Security Information Event Management (SIEM) service procures big data from remote systems and uses it to provide clients with a view into their organizations IT security. User and entity behavior analytics leverages machine-learning, statistical analysis and algorithms to detect internal and external security threats. FireEye Helix also uses machine-learning to baseline what a business’ normal behaviour is like, allowing for alerts to be created when anomalies and deviations occur. Real-time threat intelligence and customisable threat detections are able to detect multi-vector threats. Integrated Security Orchestration, Automation and Response (SOAR) is offered to create quick response times, reduced risk exposure and process consistency. Clients have the ability to prioritize alerts, focusing on true threats whilst customizing dashboards and accessing incident response playbooks.
  • Multi-Vector Virtual Execution (MVX) engine: Designed to detect evasive attacks such as multi-flow and zero-day using dynamic and signature-less analysis, preventing infection and compromise phases of cyber-attack kill chains and identifying new exploits and malware.
  • FireEye Network Security: Secures operating systems such as Apple OS X, Windows and Microsoft. The solution leverages MVX, dynamic machine-learning and artificial intelligence (AI) technologies, which inspect suspicious network traffic, detecting and blocking malicious activity in real-time. Intrusion Prevention System (IPS) detects attacks using conventional signature matching. The appliance is designed to sit behind next-generation firewalls (NGFW), secure web gateways (SWG) and IPS, aiding these solutions by detecting known and unknown attacks. The solution is able to analyze over 160 file types which include portable executables (PEs), active web content, Java, Adobe, Microsoft archives and media, applications and multimedia. The solution can be deployed in a number of different ways: 
  • Integrated Network Security, a comprehensive hardware-appliance with MVX service secures internet access points at a single site; 
  • Distributed Network Security, a set of extensible appliances which use an MVX service, securing Internet access points throughout an organization; 
  • Network Smart Node, which are physical or virtual appliances designed to analyze internet traffic and detect and block malicious traffic whilst sending suspicious activity to the MVX service for definitive verdict analysis. 
  • MVX Smart Grid: MVX service located on-premises offering transparent scalability, built-in N+1 fault tolerance and automated load balancing. 
  • FireEye Cloud MVX: An MVX subscription service, that offers security by analyzing traffic on the Network Smart Node. Any suspicious objects are sent to the MVX service to be filtered. 
  • Protection On-Premise or in the Cloud: Network Security in the Public Cloud, available in both AWS and Azure.
  • Multiple, Dynamic Machine Learning, AI and Correlation Engines: Designed to detect and block targeted, obfuscated and customized attacks using contextual, rule-based analysis with real-time insights which are gathered using hours of previous incident response experience. The product identifies malicious exploits such as malware, Command and Control (CnC) callbacks and phishing attacks and blocks them by preventing infection, compromise and intrusion phases of the cyber attack kill chain. Suspicious network traffic is extracted and submitted to the MVX engine for further analysis. 
  • Network Forensics: Network Forensics allows clients to use signatureless detection and protection from threats such as zero-days. The service includes code analysis, heuristics, emulation, statistical analysis and machine-learning in one sandbox solution. Includes high-fidelity alters, enhanced threat awareness from FireEye security practitioners and improves analyst efficiency by reducing alert volume. Integrated Intrusion Prevention System (IPS) and Dynamic Threat Intelligence are also available. Clients can choose to deploy the service in a variety of ways including on-premises, in-line and out of band, public and private cloud, hybrid and virtual offerings. In order to create a comprehensive end-to-end advanced threat protection security stack, clients can combine this service with FireEye Helix, FireEye Endpoint and Email Security. FireEye Network Forensics also has the ability to integrate with FireEye Network Security to provide packet captures associated with an alert, for in-depth investigations. 
  • FireEye Detection On Demand: Threat detection delivered as an Application Programing Interface (API) with capabilities to integrate with Security Operations Center (SOC) workflows, data repositories, SIEM analytics and client web applications, with flexible file and content analysis capabilities. 
  • Endpoint Security: Uses multi-engine protection to secure endpoints in a single modular agent, blocking advanced threats with machine-learning engine MalwareGuard, common malware using a signature-based engine, application exploits with behavior analysis engine ExploitGuard and protects from new vectors using Endpoint Security Modules. Endpoint Security also leverages threat detection and response to identify threat activity using a real-time indicator of compromise (IOC) engine, tools and techniques to enable response to breaches, logged activity timelines to be used in forensic analysis, and the ability to stream alerts and information to the FireEye Helix XDR. Real-time forensics investigation is also available, allowing clients to assign severity and priority to alerts using triage, investigate and determine threat artefacts using deep-dive, and find threat artefacts across endpoints using Enterprise hunting. FireEye Network Security detects and contains security compromises, which are sent to FireEye Endpoint Security for remediation. 
  • Email Security: FireEye secure email gateway allows clients to protect against advanced email threats such as spear-phishing and impersonation.  The solution uses machine-learning to minimize risks, identify false positives, block phishing attempts and track attack activity. Because threats are blocked in-line, alert fatigue is minimized which allows security teams to manage policies and customize responses depending on the severity of an attack. FireEye email security is available in two packages: FireEye Email Security- Cloud Edition, which integrates with cloud email platforms such as Microsoft 365; and FireEye Email Security - Server Edition, which is located on-premises as an appliance or virtual sensor, with the capability to block malware and spear-phishing emails. FireEye Central Management is available to correlate alerts form FireEye Network security with FireEye Email Security, providing a clear view of any attacks. 
  • CloudVisory: A multi-cloud security solution providing ad-hoc Cloud Security Audits, Single-pane-of-glass Cloud Security, Continuous Cloud Security Analytics and Network Flow Visualization. The platform also offers protection from exposure and compliance violation by reducing the risk of cloud security misconfiguration using Extendable Compliance Framework, Cloud Vulnerability Management, Cloud Security Compliance Guardrails and Risk Analysis and Remediation. Finally, the solution uses machine-learning to detect anomalies, with Cloud Security Policy Management, Threat Detection and Response, Intelligent Micro-segmentation and Automated Policy Governance. 
  • Detection On Demand: A threat detection service designed to discover security threats in the cloud, SIEM, SOC or files that are uploaded to web applications. The service can detect both known and unknown threats by inspecting cloud infrastructure and business-logic of data in cloud applications, and is deployable across the entire cloud ecosystem, including with solutions such as Dropbox, Slack and Salesforce. The solution also leverages threat intelligence from the FireEye SOC. Detection On Demand can be embedded in a clients products, using their API. 
  • FireEye + iBoss Cloud Security: FireEye have collaborated with SASE and security provider iBoss to create a network and cloud security platform with advanced threat protection and data breach prevention. The solution is deployed via the cloud and is able to secure any endpoint regardless of the end-user’s location or form factor- anything from laptop, desktop, tablet, IoT, server or any other mobile device, securing remote users. (See, How does FireEye support remote users?).
Service Providers

Which service providers offer FireEye cybersecurity?

Filter by tag, location, and service type:
(Select any number of tags)

EuropeAsiaAustraliaUnited Arab EmiratesUKNorth AmericaXDRCASBMDRFWaaSSWGSecurity MSPEndpoint protectionFile analysisIoT securitySIEMCloud workload protectionInstant communications securityManaged securityArtificial Intelligence (AI)Machine Learning (ML)

There are no results matching your selection.

See all FireEye Cybersecurity Solutions Service Providers


What is the FireEye SASE security solution?

FireEye do not currently offer a full SASE solution. However, their partnership with iBoss provides a cloud network security solution with advanced threat protection and the ability to secure devices both on-premises and in a remote setting (see, FireEye Products and Services: FireEye + iBoss Cloud Security). 

What Zero Trust Network Access (ZTNA) Solution is Supported by FireEye?

FireEye do not currently offer a ZTNA solution. 

What CASB Solution is Supported by FireEye?

FireEye does not offer CASB directly. However, they recently collaborated with CipherCloud, a leading cloud security provider offering a zero-trust CASB solution. The collaboration offers clients FireEye Detection On Demand, which reviews any content found across a SaaS or cloud application, whilst CipherCloud CASB secures the cloud environment. This data can be viewed in the CipherCloud dashboard via the FireEye Helix. 

What SWG Solution is Supported by FireEye?

FireEye do not offer SWG solutions directly, however the FireEye Network Security product is designed to sit behind SWG appliances, aiding them by detecting both known and unknown attacks (See, FireEye Products and Services: FireEye Network Security). 

What FWaaS Solution is Supported by FireEye?

FireEye do not offer their own Firewall as a Service (FWaaS) solution, but their FireEye Network Security product offers added detection and response capabilities when deployed with a FWaaS solution or NGFW.

What XDR Solution is Supported by FireEye?

FireEye offers detection, protection and response technology via their cloud-based XDR platform. This offers clients increased visibility and detection abilities, leveraging security expertise from their SOC, best practice security playbooks and security analytics. All FireEye products have the capability to work alongside existing third-party solutions. FireEye XDR combines FireEye Helix, FireEye Email, FireEye Cloud, FireEye Network, FireEye Endpoint and Third Party Tools (see, FireEye products and services).


Funding Rounds

Cloud Security

How does FireEye deliver cloud security?

FireEye offer a range of cloud security products, designed to replace legacy security tools by combining protection and visibility into their services. (See, FireEye products and services: FireEye + iBoss Cloud Security). 

Cloud Security Products:

  • FireEye Cloudvisory: A designated control center for cloud security, designed to offer increased visibility, and with the capability to comply with a number of security environments, including Kubernetes, AWS, Azure, Google Cloud Platform and Openstack. 
  • FireEye Email Security: A secure email gateway that offers protection from email-borne threats. 
  • FireEye Helix: Designed to integrate disparate security tools and augment them with SIEM services, threat intelligence capabilities and orchestrators. Presents as a security operations platform. 
  • FireEye Detection On Demand: Threat detection service with content scanning and flexible file capabilities, which identifies file-borne threats in client web applications and cloud. 
  • FireEye Network Security and Forensics: A threat and breach detection solution which offers visibility into sophisticated attacks to protect assets, users and networks from potential security threats.
Cloud Access

Cloud Access

Amazon Web Services35
Microsoft Azure30
Google Cloud25
Remote Users

How does FireEye support remote users?

FireEye supports remote users via their collaboration with iBoss, providing a cloud-based advanced threat and breach detection platform which offers threat visibility and network protections to protect users regardless of location. The solution leverages patented FireEye MVX analysis and intelligence-driven technologies to detect and protect against threats such as zero-days, utilizing intelligence to provide high-fidelity alerts. The solution leverages authentication and SSL decryption from iBoss and proxy and SSL Re-Encrypt from FireEye.

Managed, co-managed & DIY services

What is the FireEye managed, co-managed and DIY services solution?

FireEye offer FireEye as a Service as their fully managed security offering. This solution provides managed detection, investigation and response by FireEye experts. Individual FireEye products can also be integrated into new or existing DIY networks through its Bring Your Own Network (BYON), network agnostic functionality.


Year on Year Global Spending on Cybersecurity


What Reporting and Management is available via the FireEye Portal?

FireEye Threat Intelligence Portal: Provides access to Helix: Intelligence, Helix EU: Intelligence and FireEye Threat Intelligence via a web browser. Allows access to intelligence reports and FireEye Threat Intelligence resources as per chosen subscription. Caution should be taken on the exact features of the FireEye portal, since splitting with Mandiant some information may be inaccurate or outdated. 

  • FireEye Customer Portal: FireEye offer a browser based portal for customer account management, access to network reporting and analytics is available through the FireEye platform itself. 
  • Documentation Portal: Customer access to technical documents, offers interactive multimedia to ensure customers make the most out of their product such as, guides, instructional and hardware videos.
years active

Number of years active

Service Level Agreement

What is the FireEye SLA?

Below is a table displaying the main focus points of the FireEye Service Level Agreement (SLA). 

FireEye Helix Portal:

Portal Availability per Calendar MonthService Credit

FireEye Email Security - Cloud Edition / FireEye Email Threat Prevention (ETP):

System Availability of Email Subscription per Calendar MonthService Credit

(FireEye, 2021) Find out more at:

Frequently Asked Questions
Which industries do FireEye deliver solutions for?
FireEye Global Services Provider Partners
FireEye Technology Solution Partners
FireEye Affinity Resellers
Ask a question

Send your local contact from FireEye a message, this form will reach FireEye directly.

Contact FireEye
Complete the form to get in touch with a representative from FireEye.

Download the the complete guide to 10 SD WAN solutions.

The most comprehensive top 10 guide we have ever created.

Similar Companies

Deployment Region

North America40%
Europe, Middle East and Africa30%
Latin America15%
Proposition Focus

Proposition Focus


Industry Coverage

Energy and Utilities3%
Transportation 3%

Other Focus

Remote users30
List your business

List your business with Netify Learn More →


Geographic Focus


Please complete the form to ask a question or send a message directly to FireEye. Netify have carefully curated global sales contacts based on your IP location. If you do not receive contact, please check your junk folder.

Book a demo of the FireEye SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

A Netify Vendor Briefing is a 30 minute Zoom research session for IT decision makers, and an opportunity to learn about the vendors products, services and business strategies specifically or a related technology or market. We'll also discuss their competitors and which other solutions your business should consider. If you do not receive contact, please check your junk folder.

Netify is the first dedicated global SD WAN & SASE comparison marketplace.

List Your Business