FireEye Endpoint Security Overview

FireEye Endpoint Security is the #12 ranked solution in our list of EDR tools. It is most often compared to CrowdStrike Falcon.

What is FireEye Endpoint Security?

FireEye Endpoint Security is an integrated endpoint solution that detects, prevents and responds effectively to known malware and threats traditional anti-virus endpoint security products miss. It expands endpoint visibility and provides contextual frontline intelligence to help analysts automate protection, quickly determine the exact scope and level of any attack activity and adapt defenses as needed.

Updated: June 2021

FireEye Endpoint Security Customers

Tech Resources Limited, Globe Telecom, Rizal Commercial Banking Corporation

Pricing Advice

What users are saying about FireEye Endpoint Security pricing:
  • "The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before."
  • "It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years."

SB
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Real User
Top 5 Leaderboard
Enables us to do IOC-based search across the enterprise and isolate compromised devices

What is our primary use case?

It can be used for ransomware detection and data exfiltration. It is also able to detect Remote Access Trojans (RATs).

Pros and Cons

  • "It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised."
  • "It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating."
  • "Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection."
  • "It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
  • "They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us."

What other advice do I have?

Based on my two years of experience with this solution, I would comfortably recommend this solution. I would rate FireEye Endpoint Security an eight out of ten.
Information Technology Security Architect at a financial services firm with 5,001-10,000 employees
Real User
Top 5
A simple to use, yet effective solution for protecting us against malware and other threats

What is our primary use case?

We use this solution to enhance our internal defense system, protecting us against malware and advanced persistent threats. We use the on-premises deployment model.

Pros and Cons

  • "The most valuable feature of this solution is its simplicity."
  • "The integration and display of the dashboards have to be done better."

What other advice do I have?

I like FireEye products, and they have a huge portfolio for this solution. However, this is not a magic bullet where you can install it and your problems will disappear. The problem is with the people, rather than the tool. From my perspective, you can install every tool, but you need to have a security operations team involved in the process of analyzing, sorting, and eliminating threats. When we started our project, we had very few people and we have realized that this had to change. The system without human intervention is useless. We needed to build more complex security operation centers…
RT
Manager at a tech company with 1,001-5,000 employees
Real User
Top 5
The most valuable feature is the capacity to collect all the information for forensic analysis purposes.

What is our primary use case?

The two primary use cases are towards the process monitor and malware detection for APT (Advanced Persistent Threat).

Pros and Cons

  • "FireEye Endpoint Security's scalability is awesome. I think it is one of the best on that front."
  • "The reports need more development. They need more details on the reports and more details taking the executive view into consideration."

What other advice do I have?

I would recommend to check how they might pull reports. For example, where the customer modes fall because it's an independent investigation related to an IP. On a scale of one to ten, I would give FireEye Endpoint Security a ten, because it's the only good option.
MK
Deputy Technical Manager (SOC Operations) at a tech services company with 1,001-5,000 employees
Real User
Top 5
Comes with useful protection features, but lacks Linux support

What is our primary use case?

We want more protection for our servers. We would like to know if a real incident or something compromising is happening. Therefore, we have deployed this EDR solution.

Pros and Cons

  • "The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye marketplace, and we have installed these modules. We are currently exploring these features."
  • "The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux. We would also like assets grouping and device lock protection features, which are included in their roadmap."

What other advice do I have?

If you are deploying on Windows or Mac, there will be minimal issues, and you can go for this solution. With Linux, you need to understand a few features. What you expect from Windows and Mac is not available in Linux. If your main technologies are open source, then probably rethink about FireEye Endpoint Security. You can go for FireEye Endpoint Security after they have the same capabilities in Linux. Most of the features are there in their roadmap. We mostly faced issues with Linux support. In the past, we also had issues related to communication between an agent and an endpoint where they…
MO
product manager at MCS
Reseller
Top 20
Detects malicious behavior across all common and controlled traffic throughputs

What is our primary use case?

FireEye Endpoint Security is positioned as an Endpoint Detection and Response (EDR) product. We are a distributor of the FireEye product. We offer a combination FireEye package. We offer the product in many sectors, like banking and government. We use the latest version. We offer it in a private cloud model for our customers who want to build a security operations center in their environment.

Pros and Cons

  • "The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow."
  • "The investigation and forensic analysis have been most helpful."
  • "They could also increase or improve the scalability because to my knowledge the biggest bandwidth can only support up to 10 gigs of input."
  • "If you have another endpoint product running on the same machine, you have to fine-tune functions from FireEye to avoid performance and user experience issues."

What other advice do I have?

It offers protection from the latest threats.
MK
IT Security Engineer at Miltec
Reseller
Offers good integration between the environments

What is most valuable?

The most valuable feature is the integration between environments.

What needs improvement?

Something that needs to improve is the interface. I would also like to see simple processing and reporting online. 

For how long have I used the solution?

I've been using this solution for six months now.

What do I think about the stability of the solution?

The stability of the solution was not very good.

What do I think about the scalability of the solution?

We had some issues with the scalability but it was taken care of. It can be improved, however. 

What other advice do I have?

I will rate this solution an eight out of ten. In the next version I would like to see an improvement in the scalability and stability. 