Continuous Diagnostics and Mitigation

Real-time risk management as a lifestyle

Overview

Continuous diagnostics and mitigation (CDM) streamlines costly security operations to help senior federal officials gain greater visibility into their organization’s security health and precise information for continuous risk management.

Move from static to dynamic — Most organizations have baseline capabilities in core processes such as antivirus updates and operating system and application patching assessment, along with SCAP-enabled products to evaluate FDCC/USGCB compliance. With continuous diagnostics and monitoring, the U.S. Department of Homeland Security (DHS) Continuous Asset Evaluation, Situational Awareness, and Risk Scoring (CAESARS) Reference Architecture and Framework Extension (FE) expands the focus of security efforts from point compliance to an ecosystem of dynamic resilience: as you detect, you report and respond in real time.

Apply the latest intelligence, context, and risk — McAfee makes it easy to add real-time asset discovery and vulnerability management, intelligence-driven response, and continuous feedback to meet changing federal requirements. Open interfaces and standard protocols help agencies integrate new and legacy systems at minimal cost. The system collects data from ongoing processes, correlates against multiple contextual factors, takes action automatically where appropriate, and presents the remaining issues in priority order. The most important and at-risk assets receive the most immediate and significant attention.

Invest for mission assurance — A Continuous Diagnostics and Mitigation program built on McAfee conserves government resources and reduces the chance of network disruption. The larger and more distributed the team, the greater the operational value from an accurate, contextual picture of risk, preventative and automated controls, and a centralized monitoring and management system that can scale, adapt, and overcome new risks — continuously.

$6 billion CDM Award by DHS

Key Benefits

  • Leverage an open platform and standards to create your CAESARS architecture
    The component-based Security Connected platform from McAfee maximizes compatibility, agility, and ROI while minimizing integration, management, and maintenance costs. McAfee leverages existing USGCB/FDCC compliance and SCAP support and pre-integrates products spanning the security technologies listed as “required” by CAESARS: task management, collection sensors, databases, presentation/reporting systems, and analysis/risk scoring. Plus, more than 120 partners “plug and play” through the McAfee platform to let you secure and manage your environment your way.
  • Maintain an accurate picture of your organization’s security risk posture
    Shift from static reporting to real-time risk management that helps keep your actual security posture aligned with your intended risk posture and changing threats, assets, and priorities.
  • Gain real-time visibility into hardware assets that drift on and off the network
    Eliminate blind spots and unscanned assets through a combination of passive and active discovery that detects and profiles every system using the network, independent of OS or form factor. Passive scanning monitors traffic to see which devices are alive. Active scanning probes the network to track down idle devices. Together you achieve full and constant visibility.
  • Expose software vulnerabilities based on up-to-date threat intelligence
    Scan for misconfigurations, unpatched and missing software, malware, noncompliance, and potential risk in system software as well as applications, web content, and databases. As vulnerabilities and threats change, the system automatically updates relevant checks to detect the latest issues and recommend fixes.
  • Make your ecosystem smarter through dynamic event and data correlation
    Correlate data about assets and vulnerabilities with live events taken from global and local intelligence feeds, Secure Content Adaptation Protocol (SCAP) sources, vulnerability research, and CERT alerts on government-specific events.
  • Quantify risk and use context to facilitate real-time decisions
    McAfee solutions can translate your security state into quantified risk scores that factor in current threat intelligence and other context. You can account for countermeasures that could nullify a threat or vulnerability, and use the value of the asset at risk to determine the right response.
  • Automate response to the bulk of events
    Integrated systems and workflows apply local and global threat intelligence at machine speed to address many issues with a new .DAT or patch; thresholds can trigger alerts where humans should intervene.
  • Prioritize human resources for high-impact results
    Shield government staff from event noise so they can focus on: monitoring what they know are the high-impact factors; fine-tuning policies, processes, and controls based on results; investigating subtle and anomalous events; and forensic reporting and diagnosis for root cause analysis and audits.
  • Empower every employee with situational awareness
    Flexible dashboards aggregate and display customized views of real-time status, logs, and data streams from all CAESARS subsystems. Drill-downs facilitate immediate, appropriate action. Unified reporting across systems and data simplifies communication with different team members, auditors, and senior managers.
  • Ensure continued compliance and effectiveness of evolving security controls
    Consistent, comprehensive controls and reporting enable compliance with CAESARS and CAESARS FE and reporting against CIS, DISA STIG, NIST, USGCB/FDCC standards, as well as FISMA, FedRAMP, and CyberScope.

Resources

Articles

Federal Computer Week: The STAND Continuous Monitoring

This Q&A from Federal Computer Week provides an overview of continuous diagnostics and monitoring, including how to measure the effectiveness of a solution, the impact of virtualization and the shift to the cloud, and potential mistakes that can occur when developing a program.

Brochures

Security Connected for Public Sector: Situation Under Control

Through its optimized, connected security architecture and global threat intelligence, learn how McAfee delivers security that addresses the needs of the military, civilian government organizations, critical sectors, and systems integrators.

Solution Briefs

Manage Risk and Security

This solution guide addresses the importance of implementing a strategic security and risk management program focused on prevention and protection, reducing incidents and risks across the enterprise, across every device, and across the entire IT infrastructure.

Continuous Diagnostics and Mitigation

McAfee offers a comprehensive security portfolio that maps directly to the Continuous Asset Evaluation, Situational Awareness, and Risk Scoring (CAESARS) reference architecture. Learn how McAfee solutions encompass support for all subsystems, including sensor, database, presentation/reporting, and analysis/risk scoring.

McAfee Solutions for Computer Emergency Response Teams

Computer Emergency Response Team (CERT) organizations perform critical incident analysis and handling and information dissemination in support of government, law enforcement, critical infrastructure, and other public sector customers. McAfee understands this mission and offers a number of products and services that enable the core missions of international CERT groups.

Achieve Resilient Cyber-Readiness

Learn about the three cyber-readiness solution requirements: continuous asset intelligence, risk assessment across IT and operational assets, and integration with computerized decision support systems.

Operationalize Intelligence-Driven Response

Learn about the three frameworks required for intelligence-driven response to be effective — decision, detection, and analysis.

Technology Blueprints

Assess Your Vulnerabilities

McAfee integrates data and processes to make vulnerability management more effective and efficient. Our approach combines asset discovery and management, comprehensive vulnerability scanning, flexible reporting, and remediation workflows into a single vulnerability assessment solution.

Achieve Situational Awareness

The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.

Deliver Continuous Compliance

McAfee interconnects components to allow you to define compliance benchmarks and audit for compliance, detect and prevent compliance drift, manage the workflow associated with audit remediation, and provide central management and reporting for the entire solution.

White Papers

Evolving HBSS to Protect and Enable the Modern Warfighter’s Mission

This paper will examine the future of HBSS and make measurable, tangible recommendations to not only increase overall security and capabilities, but also to lessen the management burden, lower the overall total cost of ownership, allow for better results, particularly in D-DIL environments, and allow JIE real-time operational control over HBSS assets.

Products

McAfee offers a comprehensive portfolio of security solutions that keep your systems, network, and data protected. For a complete list of our products, please see our Products and Solutions page.

Database Security

McAfee Vulnerability Manager for Databases

Know the exact location and vulnerability level of all your databases. McAfee Vulnerability Manager for Databases gives you complete visibility into your overall database security posture, providing you with a detailed risk assessment across more than 4,500 vulnerability checks. Get clear classification of database security threats into distinct priority levels, fix scripts, and expert remediation recommendations that better prepare your organization for audits and compliance with regulatory mandates.

Risk & Compliance

McAfee Policy Auditor

McAfee Policy Auditor automates data gathering and assessment processes required for internal and external system-level IT audits and IT security certification.

McAfee Vulnerability Manager

McAfee Vulnerability Manager, with its McAfee Asset Manager feature, delivers unrivaled scalability and performance, actively or passively canvassing everything on your network.

Security Management

McAfee ePolicy Orchestrator (ePO)

McAfee ePolicy Orchestrator (ePO) is a key component of the McAfee Security Management Platform and the only enterprise-class software to provide unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that slash incident response times, McAfee ePO software dramatically strengthens protection and drives down the cost and complexity of managing risk and security.

SIEM

McAfee Enterprise Security Manager

McAfee Enterprise Security Manager provides the speed and rich context required to identify critical threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk feeds deliver adaptive and autonomous risk management, allowing remediation of threats and compliance reporting in minutes instead of hours.

McAfee Global Threat Intelligence for Enterprise Security Manager

Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent Security Information and Event Management (SIEM).
