Managing Change

Control change in your IT environment

Next Steps:


Managing change is a constant battle when you are dealing with multiple operating systems, networks, servers, desktops/laptops, users, applications, and databases. McAfee Risk Management solutions not only handle the change that is inherent in your environment, but also guide you in your patch management and policy enforcement efforts, minimizing the impact change has on your operations. Through continuous monitoring and management, you can automatically assimilate beneficial changes while preventing disruptive changes. Our goal is to keep your systems available and your users productive.

Key Benefits

  • Reduce risks from unauthorized applications
    Block unwanted applications and their risks. Users can unintentionally introduce software that installs malware, creates support issues, and violates software licenses — compromising systems and your overall business. McAfee Application Control allows only trusted applications to run on your endpoints and servers.
  • Enforce change policy and processes
    Ensure that only in-process changes are allowed. McAfee Change Control proactively blocks out-of-process and unwanted changes to systems before they occur.
  • Reduce operational costs
    Prevent unauthorized or inappropriately applied changes and reduce the manual effort to track and account for changes made to systems with Change Control. Change Control reduces outages, security breaches, and compliance violations that result in additional IT costs.
  • Automate audits and configuration assessments
    Get up-to-date data, powerful dashboards and reports, and built-in waiver management to simplify every step of your audit and configuration process.
  • Meet and sustain PCI DSS compliance
    Get continuous information about change events across the point-of-service infrastructure to comply with PCI DSS requirements. McAfee Integrity Control informs you on which server(s) originated the change, when it was made, which user made the change, how the change was made, what content inside the file changed, and whether the change was approved.
  • Simplify compliance coverage
    Automate compliance activities seamlessly with the industry's first integrated, agent-based and agentless solution for patch assessment, compliance reporting, and risk analysis.


Risk & Compliance

McAfee Total Protection for Compliance
McAfee Total Protection for Compliance

McAfee Total Protection for Compliance makes compliance easy with the industry’s first integrated solution for vulnerability management, compliance assessment and reporting, and comprehensive risk management.

McAfee Application Control
McAfee Application Control

McAfee Application Control ensures only trusted applications run on servers and endpoints. It reduces risks from unauthorized software, boosts endpoint control, extends the viability of fixed-function systems without impacting performance, and lowers operating costs.

McAfee Change Control
McAfee Change Control

McAfee Change Control enforces change policies and provides alerts to file integrity issues, while providing options to easily block unauthorized changes to critical system files and directories.

McAfee Configuration Control
McAfee Configuration Control

McAfee Configuration Control prevents unauthorized changes on critical servers, boosts visibility into your environment, and streamlines internal and external IT audit processes.

McAfee Integrity Control
McAfee Integrity Control

McAfee Integrity Control combines industry-leading whitelisting and change control technology, ensuring that only trusted applications run on fixed-function devices, such as point-of-service (POS) systems, ATMs, and kiosks.

McAfee Policy Auditor
McAfee Policy Auditor

McAfee Policy Auditor automates data gathering and assessment processes required for internal and external system-level IT audits.

Security Management

McAfee ePolicy Orchestrator

McAfee ePolicy Orchestrator (ePO) is a key component of the McAfee Security Management Platform, and the only enterprise-class software, to provide unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that slash incident response times, McAfee ePO software dramatically strengthens protection and drives down the cost and complexity of managing risk and security.


Data Loss Prevention Assessment

Detect and prevent the unauthorized transmission or disclosure of sensitive information. McAfee Foundstone reduces your risk of exposure by identifying sensitive data copied or currently in transit from its original intended container.

Identity Theft Red Flags Rule Service

Meet compliance requirements and improve your organization’s overall security posture. Foundstone experts help you implement an identity theft prevention program, analyzing data flow and risk, as well as developing policies for detecting, preventing, and mitigating identity theft.

Incident Management Check

Build a better, more effective incident response and management program. McAfee Foundstone analyzes the gaps in your incident management program and offers recommendations to improve your emergency response protocol.

Vulnerability Management Check

Assess your vulnerability management program. McAfee Foundstone analyzes the gaps in your program to ensure you have the right balance of people, process, and technology.



  • We Tried the NIST Framework and It Works
    Kent Landfield - February 11, 2015

    By Kent Landfield, Director of Standards and Technology Policy, Intel Security, and Malcolm Harkins, Chief Security and Privacy Officer at Intel When the Administration released the Framework for Improving Critical Infrastructure Cybersecurity (the Framework) on February 12, 2014, many of us at Intel and Intel Security were familiar with the details, as we had participated […]

    The post We Tried the NIST Framework and It Works appeared first on McAfee.

  • Shedding light on ‘Shadow IT’
    David Small - January 9, 2014

    BYOD, BYOA, BYOx. The IT industry is full of acronyms depicting its constant evolution and relationship with the professional world. First came the devices; employees saw the power of personal devices and insisted on using them in the workplace. And so the consumerisation of IT was born. After the devices came the apps. Companies reported […]

    The post Shedding light on ‘Shadow IT’ appeared first on McAfee.

  • Walking the Talk on Public-Private Partnerships
    Tom Gann - August 16, 2013

    There’s been a lot of talk about the value of public-private partnerships in moving the U.S. toward a more robust cyber security posture. And let’s be honest:  there’s also been a lot of private sector skepticism about how much the Administration really believed in the concept or how much they would do to make it […]

    The post Walking the Talk on Public-Private Partnerships appeared first on McAfee.

  • Five Factors That Make D.C. Region a Cybersecurity Hub
    Tom Gann - May 29, 2013

    McAfee is based in Silicon Valley, but we know there’s more to tech than California. We recently joined the National Institute of Standards and Technology to launch the National Cybersecurity Center of Excellence, a joint effort among high-tech business, federal, state and local government and local universities located in Rockville, Md. The goal of the […]

    The post Five Factors That Make D.C. Region a Cybersecurity Hub appeared first on McAfee.

  • Getting Assurance in a Time Constrained World
    Intel Security, Inc. - May 20, 2013

    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems […]

    The post Getting Assurance in a Time Constrained World appeared first on McAfee.