Enhanced SIEM Solution offers Unprecedented Situational Awareness

McAfee announced the industry’s first “endpoint aware” security information event management (SIEM) solution that adds real-time system state information to enhance situational awareness and streamline incident response.

This innovative solution brings together the big security data management capabilities of McAfee Enterprise Security Manager (ESM) with the deep endpoint insight of McAfee Real Time. SIEM event data is combined with the proactive ability to immediately query, collect and analyze extensive endpoint context, including running processes and files, as well as system and security configuration.

iHLS – Israel Homeland Security

Thwarting advanced threats demands greater situational awareness.

According to the 2013 Verizon Data Breach Report, 69 percent of breaches went from initial compromise to data exfiltration within hours. Conversely, over a third of breaches took weeks to months to resolve. In order to minimize the damage of attacks and protect a business, it is essential that security analysts are able to swiftly identify attacks, determine the root cause and remediate the threat.

McAfee claims that ESM integrated with McAfee Real Time is the only solution that goes beyond passive monitoring and provides endpoint-aware security analytics about what’s happening within systems the minute that it’s occurring. The company says that having this real-time information provides clarity into any breach and speeds up the response time needed to resolve advanced threats.