McAfee Enterprise Security Manager Integration with
Thwarting advanced threats demands greater situational awareness. According to the 2013 Verizon Data Breach Report, 69 percent of breaches went from initial compromise to data exfiltration within hours. Conversely, over a third of breaches took weeks to months resolve.i To minimize the damage of attacks and protect the business, it is essential that security analysts are able to swiftly identify attacks, determine the root cause and remediate the threat.
McAfee ESM integrated with McAfee Real Time is the only solution that goes beyond passive monitoring and provides endpoint aware security analytics about what’s happening within systems at the minute that it’s occurring. Having this real time information provides clarity into any breach, and speeds up response time needed to resolve advanced threats.
McAfee ESM with McAfee Real Time delivers the industry’s first “endpoint aware” SIEM, which enables organizations to proactively query, collect and analyze in real time information about the internal operations and configuration of endpoints across the enterprise. The ability to gather this important contextual data, previously unavailable to SIEM, allows security analysts to immediately determine the root cause of attacks, identify systems subject to the same compromise, and gain actionable intelligence for precise remediation – all in real time and from a single console. Furthermore, with Security Connected, security analysts can turn this actionable intelligence into intelligent action – issuing policy change, quarantine and vulnerability scan commands directly from the SIEM. This solution is just another proof point of the McAfee Security Connected platform of integrated, intelligent and connected security solutions that are needed in the battle against advanced threats.