McAfee Expands SIEM and Security Operations Center (SOC) Portfolio
McAfee has upgraded its Enterprise Security Manager (ESM) security information and event management (SIEM) solution.
Now, ESM 11 enables security operations teams to collect, enrich and share data and obtain actionable insights faster than ever before, according to a prepared statement.
ESM 11 features an open and scalable data bus architecture that shares large volumes of raw, parsed and correlated security events, McAfee indicated. This allows security operations teams to search recent events and retain and analyze data for compliance and forensics.
Also, the ESM 11 architecture drives flexible horizontal expansion with active-active high availability, according to McAfee. This enables security operations teams to query billions of events.
ESM 11 is now available.
McAfee Bolsters Its Security Portfolio
In addition to its ESM upgrades, McAfee has announced the following updates to its security portfolio:
- Active Response: With Active Response, security analysts can evaluate the impact of a threat across an organization’s endpoints in real-time. Active Response offers security capabilities to help security operations teams detect and remediate PowerShell exploits. Furthermore, Active Response integrations are designed to help security analysts view sandbox reports and indicators of compromise (IOC).
- Behavioral Analytics: Behavioral Analytics is a new McAfee solution that leverages big data security analytics and machine learning technology to help security operations teams identify high-risk security threats. Behavioral Analytics distills billions of security events down to hundreds of anomalies to produce prioritized threat leads and integrates with the McAfee portfolio and third-party SIEM solutions.
- Investigator: Investigator was launched in October, and McAfee has added an Investigator activity feed that enables a security operations team to share data with open-source and third-party tools. McAfee also has incorporated expanded investigation guides into Investigator.
Behavioral Analytics is now available. Meanwhile, the Investigator upgrades will be available next month, and Active Response enhancements will be available in May.
McAfee Launches SOCs in Texas and Ireland
McAfee this week unveiled security operations centers (SOCs) in Plano, Texas and Cork, Ireland, according to a prepared statement. The SOCs are run by Grant Bourzikas, McAfee’s chief information security officer and VP of lab operations, and are designed to help global organizations identify and manage risk.
Today, McAfee is a device-to-cloud cybersecurity company that supports businesses, consumers and government agencies. The company boasts more than 400 million customers.