HomeMITRECVE JournalCarbonpediaDocsReleases
FireEye Trellix Helix

FireEye Trellix Helix

This guide explains how to integrate FireEye Trellix Helix (now Trellix Helix) with RedCarbon.

Overview

The Trellix Helix integration allows RedCarbon to ingest alerts and incidents from the Helix platform.

Configuration

To configure the integration, you need to generate an API Key in the Helix console.

Step 1: Access IAM

  1. Log in to the Helix Homepage.
  2. Click on the Profile icon > Identity Access Management Console (IAM).

IAM Console

Step 2: Create an API Key

  1. Navigate to API Keys.
  2. Click Create New API Key.

Create API Key

Step 3: Configure Settings

  1. Select API Key with entitlements.
  2. Set the expiration date (e.g., 1 year).
  3. Under Products, select Threat Analytics Platform.

Configure Key

Step 4: Set Entitlements

  1. In the Entitlements section, search for and select the following permissions:
    • tap.alerts.browse
    • tap.alerts.read
    • tap.alerts.edit (optional, for write access)

Set Entitlements

Step 5: Configure RedCarbon

  1. Copy the generated API Key.
  2. Log in to the RedCarbon Dashboard.
  3. Navigate to the customer's Integrations page.
  4. Select FireEye Trellix Helix.
  5. Paste the API Key and your Helix Instance URL.
  6. Click Save and then Test.

Configure RedCarbon

Severity Mapping

Original SeverityRedCarbon Score
Low10
Medium40
High70
Critical90