3. FireEye Detection Requires Remediation By Incident Response Team
The FireEye antimalware system has the potential to generate a lot of alerts, which is not necessarily bad, but it will require a response team to make it effective, said Andreas Mertz at IT-Cube, a certified FireEye partner based in Munich, Germany. Mertz said the firms he's seen deploying the technology are not doing so in-line, making it an incident response tool rather than a real-time detection engine.
Deployment of the appliance is favored at large defense contractors and in the financial sector, which can afford large IT teams and can coordinate with outside consultants and other service providers for assistance with isolating and containing advanced threats.