McAfee ESM Cloud: Removing traditional barriers to SecOps efficiency
McAfee, the device-to-cloud cybersecurity company, announced McAfee Enterprise Security Manager (ESM) Cloud, a new cloud-based security information and event management (SIEM) offering that supports the detection, incident response and threat hunting activities of a security operations team.
As a cloud-based solution, McAfee ESM Cloud extends the value of a traditional SIEM by providing faster onboarding of security telemetry, automatic updates and continuous system health monitoring.
“Today’s SecOps teams face a multitude of issues, including the need to take on new efforts such as digital transformation, the convergence of internet technology and operation technology, and the sudden shift to remote working,” said Anand Ramanathan, vice president of enterprise products, McAfee.
“ESM Cloud helps customers tackle these challenges, allowing them to maintain and improve upon their security posture as they progress through their journey of transitioning to the cloud.”
McAfee ESM Cloud leverages the power of cloud computing to accelerate time to value for security operations centers through:
- Advanced analytics: real-time and historical analysis powered by rich contextual data to detect and prioritize threats, uncover anomalous user behavior and respond to attacker tactics, techniques and procedures (TTPs)
- Time to value: use-case-focused security content packs that deliver immediate value through pre-built threat detection rules and fully operational dashboards, reports, watchlists and alarms
- Unmatched data source coverage: out-of-the-box coverage of hundreds of data sources across the endpoint, network and cloud-based services and applications
- Open integration fabric: open interface facilitates integration with McAfee and third-party solutions for immediate response to threats
- Simplicity and operational efficiency: auto-provisioning allows event ingestion from day one and improves efficacy by minimizing engineering efforts required to deploy and maintain infrastructure
- Continuous improvement: new capabilities and enhancements delivered automatically, freeing customers from the burden of software updates and upgrades
- Scalability and elasticity: cloud-based service supports dynamically changing customer requirements, automatically increasing scale and capacity to process vast amounts of data