FireEye iSIGHT Threat Intelligence: Services overview

Expert Ed Tittel looks at FireEye iSIGHT Threat Intelligence service for providing actionable, contextual data about today's top IT threats to organizations.

FireEye iSIGHT Threat Intelligence is part of an appliance-based platform for small, midsize and enterprise customers to automate defenses against zero-day and other advanced cyberattacks.

FireEye Inc. sells global threat intelligence on a subscription basis, and it delivers that intel to customer-owned FireEye and non-FireEye appliances, which detect and block threats in real time. Their intelligence gives context to volumes of data regarding global threats, and helps customers identify threat actors and indicators of network and system breaches.

FireEye iSIGHT gathers intelligence from millions of virtual machines that are deployed on networks around the world. That data is stored in a FireEye data repository, which is the foundation for all FireEye intelligence.

Data feeds

FireEye iSIGHT delivers data feeds (referred to as machine-to-machine intelligence by FireEye) daily, using the iSIGHT API and (human-readable) intelligence reports through the Intel portal.

FireEye iSIGHT typical customer

FireEye iSIGHT offers different product bundles (or subscriptions, described below) to small, midsize and enterprise customers. In fact, FireEye has a significant number of small and medium-sized business customers, which sets the company apart in today's mostly high-end threat intelligence industry.

Pricing and licensing

FireEye sells five different iSIGHT Intelligence subscriptions, which are designed for security job roles.

  • iSIGHT Tactical Intelligence: Aimed at tactical, technical users, this basic subscription provides a rich data feed and alerting. Tactical users do not have portal access, so they don't receive intelligence reports.
  • iSIGHT Operational Intelligence: Targeted at security operations center (SOC) personnel and incident response (IR) teams, this subscription provides actionable context, such as threat actor and malware profiles, along with data feeds and alerts. It also includes a prioritization filter to help security personnel focus on the high-priority threats first.
  • iSIGHT Fusion Intelligence: SOC and IR personnel that search for adversaries benefit from the analytic reporting and technical intelligence that's part of Fusion Intelligence, which is customized for an organization's cyber-risk profile. This subscription includes everything in the Operational Intelligence subscription, as well as defense scenarios, industry analysis and more.
  • iSIGHT Executive Intelligence: This subscription is considered an add-on for chief information security officers and executives who need condensed, non-technical information to make decisions involving risk, investments and strategy.
  • iSIGHT Vulnerability Intelligence: This subscription is designed for IT personnel who are responsible for ensuring patch management is performed, and who assess and prioritize vulnerabilities to critical systems. The data in this subscription includes information on patches, as well as active and emerging threats.

FireEye doesn't disclose pricing for iSIGHT Intelligence subscriptions, preferring that prospective customers contact the company for current pricing information that's tailored to their specific environments.

Please note that FireEye as a Service is a managed service that provides 24/7 monitoring, applied intelligence and threat detection by FireEye security experts, who will work with a customer's existing managed security partner. Customers also receive compromise reports that describe attackers, their intentions and response guidance. FireEye as a Service is also sold as a subscription.

FireEye iSIGHT Support

All FireEye products and services come with 24/7 technical support all year round, accessible via the FireEye online support portal or by phone. Platinum Priority Plus support packages are available for commercial and government customers, which include immediate problem escalation to a level-three support engineer, an unlimited number of customer designated callers, and an assigned FireEye support engineer.

Next Steps

Learn the five key criteria for evaluating threat intelligence services

See how the top threat intelligence services stack up against each other

This was last published in April 2017

Dig Deeper on Risk management