Continuous Monitoring

Real-time risk management as a lifestyle

Next Steps:

Chat with McAfee
Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
Find a Reseller
Contact Me
Call: 852-2892-9500

Overview
Key Benefits
Resources
Products
Community

Overview

Continuous diagnostics and mitigation streamlines costly security operations to help senior federal officials gain greater visibility into their organization’s security health and precise information for continuous risk management.

Move from static to dynamic — Most organizations have baseline capabilities in core processes such as antivirus updates , operating system, and application patching assessment, along with SCAP-enabled products to evaluate FDCC/USGCB compliance. With continuous monitoring (also called continuous diagnostics and mitigation, or CDM), the U.S. Department of Homeland Security (DHS) Continuous Asset Evaluation, Situational Awareness, and Risk Scoring (CAESARS) Reference Architecture and Framework Extension (FE) expands the focus of security efforts from point compliance to an ecosystem of dynamic resilience – as you detect, you report, respond in real-time.

Apply the latest intelligence, context, and risk — McAfee makes it easy to add real-time asset discovery and vulnerability management, intelligence-driven response, and continuous feedback to meet changing federal requirements. Open interfaces and standard protocols help agencies integrate new and legacy systems at minimal cost. The system collects data from ongoing processes, correlates against multiple contextual factors, takes action automatically where appropriate, and presents the remaining issues in priority order. The most important and at-risk assets receive the most immediate and significant attention.

Invest for mission assurance — A continuous monitoring program built on McAfee conserves government resources and reduces the chance of network disruption. The larger and more distributed the team, the greater the operational value from an accurate, contextual picture of risk, preventative and automated controls, and a centralized monitoring and management system that can scale, adapt, and overcome new risks — continuously.

Key Benefits

Leverage an open platform and standards to create your CAESARS architecture
The component-based Security Connected platform from McAfee maximizes compatibility, agility, and ROI while minimizing integration, management, and maintenance costs. McAfee leverages existing USGCB/FDCC compliance and SCAP support and pre-integrates products spanning the security technologies listed as “required” by CAESARS: task management, collection sensors, databases, presentation/reporting systems, and analysis/risk scoring. Plus, more than 120 partners “plug and play” through the McAfee platform to let you secure and manage your environment your way.
Maintain an accurate picture of your organization’s security risk posture
Shift from static reporting to real-time risk management that helps keep your actual security posture aligned with your intended risk posture and changing threats, assets, and priorities.
Gain real-time visibility into hardware assets that drift on and off the network
Eliminate blind spots and unscanned assets through a combination of passive and active discovery that detects and profiles every system using the network, independent of OS or form factor. Passive scanning monitors traffic to see which devices are alive. Active scanning probes the network to track down idle devices. Together you achieve full and constant visibility.
Expose software vulnerabilities based on up-to-date threat intelligence
Scan for misconfigurations, unpatched and missing software, malware, noncompliance, and potential risk in system software as well as applications, web content, and databases. As vulnerabilities and threats change, the system automatically updates relevant checks to detect the latest issues and recommend fixes.
Make your eco system smarter through dynamic event and data correlation
Correlate data about assets and vulnerabilities with live events taken from global and local intelligence feeds, Secure Content Adaptation Protocol (SCAP) sources, vulnerability research, and CERT alerts on government-specific events.
Quantify risk and use context to facilitate real-time decisions
McAfee solutions can translate your security state into quantified risk scores that factor in current threat intelligence and other context. You can account for countermeasures that could nullify a threat or vulnerability, and use the value of the asset at risk to determine the right response.
Automate response to the bulk of events
Integrated systems and workflows apply local and global threat intelligence at machine speed to address many issues with a new .DAT or patch; thresholds can trigger alerts where humans should intervene.
Prioritize human resources for high-impact results
Shield government staff from event noise so they can focus on: monitoring what they know are the high-impact factors; fine-tuning policies, processes, and controls based on results; investigating subtle and anomalous events; and forensic reporting and diagnosis for root cause analysis and audits.
Empower every employee with situational awareness
Flexible dashboards aggregate and display customized views of real-time status, logs, and data streams from all CAESARS subsystems. Drill-downs facilitate immediate, appropriate action. Unified reporting across systems and data simplifies communication with different team members, auditors, and senior managers.
Ensure continued compliance and effectiveness of evolving security controls
Consistent, comprehensive controls and reporting enable compliance with CAESARS and CAESARS FE and reporting against CIS, DISA STIG, NIST, USGCB/FDCC standards, as well as FISMA, FedRAMP, and CyberScope.

Resources

Solution Briefs

McAfee Solutions for Computer Emergency Response Teams

Computer Emergency Response Team (CERT) organizations perform critical incident analysis and handling and information dissemination in support of government, law enforcement, critical infrastructure, and other public sector customers. McAfee understands this mission and offers a number of products and services that enable the core missions of international CERT groups.

Brochures

Security Connected for the Public Sector

Through its optimized, connected security architecture and global threat intelligence, learn how McAfee delivers security that addresses the needs of the military, civilian government organizations, critical sectors, and systems integrators.

Security Connected Reference Architecture

Achieve Resilient Cyber-Readiness

Learn about the three cyber-readiness solution requirements: continuous asset intelligence, risk assessment across IT and operational assets, and integration with computerized decision support systems.

Achieve Continuous Monitoring

Continuous monitoring is a network lifestyle for greater resilience. It requires a shift in mindset, from reaction and documentation to proactive, data-centric, risk-based action.

Control and Monitor Change

An effective change control solution is engineered around three key processes: automated assessment, real-time monitoring, and continuous enforcement. By aligning these key processes, organizations can ensure that any change in their IT environment is authorized, overall system availability is maintained, and the effectiveness of their compliance and security programs is increased.

Manage Risk and Security

The key objective of a strategic security and risk management program must focus on effective protection, as well as prevention, of incidents and risks across the entire enterprise—across every device, all customer and company information, and the entire IT infrastructure.

Operationalize Intelligence-Driven Response

Learn about the three frameworks required for intelligence-driven response to be effective — decision, detection, and analysis.

Assess Your Vulnerabilities

For efficient vulnerability assessment, it is necessary to step beyond point products and disparate tools and integrate vulnerability assessment into a broader enterprise workflow. An ideal solution combines the following capabilities into a cohesive framework: asset discovery and management, comprehensive vulnerability scanning, flexible reporting, and remediation workflows into a single vulnerability assessment solution.

Achieve Situational Awareness

To attain situational awareness, your organization must break down technical walls that keep teams and critical data separated. You must allow the decision makers managing your risk to see not only your internal infrastructure as a whole, but see beyond your perimeter to external actors, external dependencies, and all associated threats.

Articles

Federal Computer Week: The STAND Continuous Monitoring

This Q&A from Federal Computer Week provides an overview of continuous monitoring, including how to measure the effectiveness of a solution, the impact of virtualization and the shift to the cloud, and potential mistakes that can occur when developing a program.

THINK Continuous Monitoring

Learn about the McAfee approach to delivering the components agencies need to quickly and efficiently deploy a CAESARS-compliant cybersecurity infrastructure that continuously monitors and assesses all operational assets.

Products

McAfee offers a comprehensive portfolio of security solutions that keep your systems, network, and data protected. For a complete list of our products, please see our Products and Solutions page.

Database Security

McAfee Vulnerability Manager for Databases

Know the exact location and vulnerability level of all your databases. McAfee Vulnerability Manager for Databases gives you complete visibility into your overall database security posture, providing you with a detailed risk assessment across more than 4,500 vulnerability checks. Get clear classification of database security threats into distinct priority levels, fix scripts, and expert remediation recommendations that better prepare your organization for audits and compliance with regulatory mandates.

Risk & Compliance

McAfee Policy Auditor

McAfee Policy Auditor automates data gathering and assessment processes required for internal and external system-level IT audits and IT security certification.

McAfee Risk Advisor

McAfee Risk Advisor saves you time and money by proactively correlating threat, vulnerability, and countermeasure information to pinpoint at-risk assets and optimize patching efforts.

McAfee Vulnerability Manager

McAfee Vulnerability Manager, with its McAfee Asset Manager feature, delivers unrivaled scalability and performance, actively or passively canvassing everything on your network.

Security Management

McAfee ePolicy Orchestrator

McAfee ePolicy Orchestrator (ePO) is a key component of the McAfee Security Management Platform, and the only enterprise-class software, to provide unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that slash incident response times, McAfee ePO software dramatically strengthens protection and drives down the cost and complexity of managing risk and security.

SIEM

McAfee Enterprise Security Manager

McAfee Enterprise Security Manager provides the speed and rich context required to identify critical threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk feeds deliver adaptive and autonomous risk management, allowing remediation of threats and compliance reporting in minutes instead of hours.

McAfee Global Threat Intelligence

Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent Security Information and Event Management (SIEM).

Forums

No results found

Blogs

Continuous Monitoring at GFIRST (Part 2)
Archive - August 23, 2012
Yesterday I blogged about a presentation I gave at GFIRST in Atlanta, Georgia where I demonstrated a number of application and database attacks and referenced how this is extremely relevant to Continuous Monitoring (CM) for federal agencies. McAfee’s Approach to Continuous Monitoring Risk Awareness Risk awareness across all subsystems enables agencies to understand real-time activities Read more...
Continuous Monitoring at GFIRST (Part 1)
Archive - August 22, 2012
At GFIRST in Atlanta, Georgia, I just gave an application and database hacking demonstration. I demonstrated various attacks such as: SQL Injection XSS Session Hijacking Parameter Tampering Database Protocol Hacking I also gave a demonstration of a targeted Phishing attack that brought together Metasploit, Stuxnet, Bit.ly, Facebook…oh, and Cameron Diaz. These demonstrations were meant Read more...
Meeting with the Pennsylvania Department of Community and Economic Development
Archive - August 16, 2012
A team from the Pennsylvania Governor Tom Corbett’s Department of Community and Economic Development recently joined us in Silicon Valley at McAfee HQ to discuss information security. Overall, state governments are taking a more proactive stance as is relates to information security; this is a welcome and much needed trend. One of topics we discussed Read more...
10 Days of Rain in Korea
Archive - July 05, 2011
On March 4th of this year, exactly 20 months to the day of a similar incident on US Independence Day in 2009, a botnet based out of South Korea launched Distributed Denial of Service (DDoS) attacks against 40 sites affiliated with South Korean government, military and civilian critical infrastructure as well as U.S. Forces Korea Read more...
My Recent Travels to Italy and Spain
Gert Jan Schenk - May 19, 2011
Recently I have been meeting with customers and resellers throughout Italy and Spain and it was interesting to hear that their needs from a security partner are very similar to those from the other countries I have recently visited. I have started to see strong interest in the McAfee DLP, Database Protection and Encryption technologies Read more...

View All