Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

4/24/2012
10:27 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

McAfee Announces Next-Generation Situational And Risk-Aware SIEM

McAfee Enterprise Security Manager has a scalable database that was built to handle big security data

INFOSEC, LONDON – April 24, 2012 –McAfee today announced ground-breaking situational awareness and accuracy for Security Information and Event Management (SIEM). The introduction of McAfee Enterprise Security Manager (formerly NitroView) expands SIEM from simple event analysis to accurate and actionable information through the integration of threat, user and countermeasure intelligence. The unique McAfee “built for Big Security Data” SIEM, includes dynamic threat visibility from McAfee Global Threat Intelligence, and countermeasure awareness through McAfee ePolicy Orchestrator software and McAfee Risk Advisor.

Next-Generation SIEM

McAfee Enterprise Security Manager provides meaningful intelligence and takes SIEM to a real-time understanding of the global threat landscape by delivering immediate information on events, users, systems, data, risks, and countermeasures for accurate situational awareness. This rich understanding of security - by connecting the dots and pinpointing attacks - reduces time to respond and provides intelligently prioritized security alerts.

The Big Data Challenge

Core to increasing situational awareness is the ability to collect, maintain and intelligently process billions of relational data points both historically and in real time. Unlike other SIEMs that are struggling to keep up with exponentially increasing data flows, McAfee Enterprise Security Manager has a scalable database that was built to handle big security data. With this unique capability, the solution is capable of not only processing billions of events per day, but connecting those events with threat, countermeasure and user identity information to provide accurate and actionable intelligence.

Security Connected

McAfee Enterprise Security Manager is an essential part of the McAfee Security Connected framework allowing enterprises to connect all their security-relevant data and enterprise security management solutions for an unprecedented view of the enterprise.

Two-way integration with McAfee ePolicy Orchestrator software extends visibility and control across the entire security and compliance environment. Integration with Global Threat Intelligence from McAfee Labs provides the ability to correlate real-world source reputation information with security events so organizations can automatically pinpoint probing and active attacks and immediately shut them down. Through integration with McAfee Risk Advisor, McAfee Enterprise Security Manager leverages risk, vulnerability and countermeasure context to provide the most accurate risk score available – allowing enterprises to prioritize responses based on the security posture of the target.

Open Framework

The Security Connected Reference Architecture is an open framework supported by McAfee Enterprise Security Manager, providing an easy-to-use GUI that allows for parsing of security data from custom applications or other third-party sources. McAfee currently supports over 300 security data sources as input into Enterprise Security Manager. McAfee is committed to extending support for third party data sources, having added 70 new sources since the NitroSecurity acquisition.

“Less than six months after acquisition we are already taking major steps to advance situational awareness with our security management solutions,” said Stuart McClure, worldwide chief technology officer and general manager of the security management business unit at McAfee. “We are committed to providing our customers with an open platform which is critical for success in the SIEM space. McAfee customers receive the most intelligent and fastest SIEM on the market and receive greater value from the McAfee solutions they have already invested in.”

McAfee Enterprise Security Manager was honored with SC Magazine’s coveted ‘SC Lab Approved’ label in its most recent SIEM review. Also announced today was a report from Pike Research on Governance, Risk Management and Compliance which ranked McAfee as the top vendor.

Availability

The latest release of McAfee Enterprise Security Manager is expected be available mid-quarter, for more information visit http://www.mcafee.com/us/products/siem/index.aspx.

About McAfee

McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. http://www.mcafee.com

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
The Data-Centric Path to Zero Trust
Altaz Valani, Director of Insights Research, Security Compass,  1/13/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).