The Enterprise Security Manager from McAfee reduces time to respond and provides intelligently prioritized alerts
McAfee has introduced Enterprise Security Manager (formerly Nitro View), which expands SIEM (Security Information and Event Managementfrom) simple event analysis to accurate and actionable information through the integration of threat, user and countermeasure intelligence.
The McAfee built for Big Security Data SIEM, includes dynamic threat visibility from McAfee Global Threat Intelligence, and countermeasure awareness through McAfee ePolicy Orchestrator software and McAfee Risk Advisor.
McAfee Enterprise Security Manager provides meaningful intelligence and takes SIEM to a real-time understanding of the global threat landscape by delivering immediate information on events, users, systems, data, risks, and countermeasures for accurate situational awareness. This rich understanding of security -by connecting the dots and pinpointing attacks - reduces time to respond and provides intelligently prioritized security alerts.
Core to increasing situational awareness is the ability to collect, maintain and intelligently process billions of relational data points both in real-time and historically. Unlike other SIEMs that are struggling to keep up with exponentially increasing data flows, McAfee Enterprise Security Manager has a scalable database that was built to handle big security data. With this unique capability, the solution is capable of not only processing billions of events per day, but connecting those events with threat, countermeasure and user identity information to provide accurate and actionable intelligence.
McAfee Enterprise Security Manager is an essential part of the McAfee Security Connected framework allowing enterprises to connect all their security relevant data and enterprise security management solutions for an unprecedented view of the enterprise.
Two-way integration with McAfee ePolicy Orchestrator software extends visibility and control across the entire security and compliance environment. Integration with Global Threat Intelligence from McAfee Labs provides the ability to correlate real-world source reputation information with security events so organizations can automatically pinpoint probing and active attacks and immediately shut them down. Through integration with McAfee Risk Advisor, McAfee Enterprise Security Manager leverages risk, vulnerability and countermeasure context to provide the most accurate risk score available allowing enterprises to prioritize responses based on the security posture of the target.
The Security Connected Reference Architecture is an open framework supported by McAfee Enterprise Security Manager, providing an easy to use GUI that allows for parsing of security data from custom applications or other third party sources. McAfee currently supports over 300 security data sources as input into Enterprise Security Manager.