McAfee Risk Advisor

McAfee Risk Advisor

Take the guesswork out of securing your environment

Next Steps:


When enterprises deploy security products, they're often flying blind, unsure if they’re underprotected or overprotected, and struggling to balance business objectives and productivity with the right amount of security. McAfee Risk Advisor takes the guesswork out of protecting critical assets by proactively correlating a threat feed with vulnerability and countermeasure information to pinpoint at-risk critical assets that require immediate attention. Risk Advisor helps determine what countermeasures you need, and when you need them, enabling businesses to defend against the very real threats faced daily, including malicious hackers, viral malware, and other emerging dangers.

Improved visibility into risk posture — Risk Advisor provides an “at-a-glance” view of the risks facing an enterprise and pinpoints areas that need attention. From Risk Advisor's global risk dashboards, you can quickly drill down to get granular details of a threat and how it relates to specific assets.

Consolidated threat feed viewer — Get updated information about new and current threats from millions of collection points, delivered by our renowned research organization, McAfee Labs. In addition to threat descriptions and analyses, the threat feed supplies recommended remediation, links to threat discussion groups and notices, various risk-scoring methods, a list of applications impacted, and insight into how threats affect regulatory mandates. Risk Advisor maps the threat feed to specific McAfee countermeasures that are deployed (or should be deployed) to ensure an optimized security posture. Ultimately, Risk Advisor provides a clear ROI, enabling you to focus your priorities.

Features & Benefits

Improve operational efficiencies and optimize security investment

Balance your security spend with the productivity needs of your business while automating the manual and time-consuming process of correlating threats to assets at risk.

Enhance visibility with simplified reporting

Use the “At Risk” and “Not at Risk” view of all the assets in your environment to quickly understand which assets are at risk and where to focus your security efforts.

Stay compliant with regulations

See which regulations are impacted by a specific threat, and what corrective actions are required to ensure compliance.

Demonstrate measurable ROI for existing security products

Illuminate the positive impact of deployed countermeasures as threats materialize.

Establish your enterprise risk level

See how at risk your enterprise is to threats. Risk Advisor provides a quantifiable measure for evaluating risk mitigation efforts that unifies vulnerability/threat status, asset criticality, and countermeasure protection available for threats.

Prioritize patches

Focus on critical patching efforts using a customizable patch prioritization dashboard.

Integrate with several marquee McAfee products

Plug Risk Advisor directly into several McAfee products, including ePolicy Orchestrator, VirusScan Enterprise, Policy Auditor, Vulnerability Manager, Host Intrusion Protection, Network Security Manager, and more.

Streamline threat analysis with consolidated viewer

Gain insight into vital information about a specific threat, including threat descriptions and overview, detailed analysis, remediation and recommended actions, links to notices and exploit discussions, different risk-scoring methods, applications impacted, and threat impact on various regulatory mandates.

System Requirements

Minimum System Requirements

  • McAfee ePolicy Orchestrator (ePO) 4.0 (Patch 3)
  • Microsoft Windows Server 2003 with Service Pack 2 (SP2) or higher
  • Microsoft SQL Server 2005 with SP1 or higher

Optional System Requirements

  • McAfee VirusScan Enterprise
  • McAfee Host Intrusion Prevention
  • McAfee Rogue System Detection
  • McAfee Vulnerability Manager
  • McAfee Network Security Platform
  • McAfee Policy Auditor
  • McAfee Application Control

Demos / Tutorials


Learn how McAfee Risk Advisor takes the guesswork out of protecting your critical assets.


For guidance on how to use this McAfee product, watch the Quick Tips video listed above.


Data Sheets

McAfee Risk Advisor

For a technical summary on the McAfee product listed above, please view the product data sheet.


Gartner MarketScope for Vulnerability Assessment

McAfee receives the highest possible rating of "Strong Positive" in the latest MarketScope for Vulnerability Assessment (VA) where VA vendors compete on management features, configuration assessment, price, reporting, and integration with other security products.

Solution Briefs

ESG Technology Brief: Real-Time Risk Management

In this brief, Enterprise Strategy Group, an IT analyst and business strategy firm, looks at the need to implement risk management that addresses the rapidly changing threat landscape with real-time information about threats, vulnerabilities, and assets.

ESG Technology Brief: Large Organizations are Way Behind on IT Risk Management

Enterprise Strategy Group, an IT analyst and business strategy firm, examines the dangers of not implementing effective risk management, and reviews new survey data about the state of risk management at large organizations.

Managing Risk in Changing Times: Fixing What Matters Most

McAfee solutions offer real-time monitoring and reporting capabilities to manage your risk on a continuous basis.

Technology Blueprints

Achieve Situational Awareness

The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.

White Papers

Protect Critical Assets with Virtual Patching—Closing the Vulnerability Window Using Predictive Threat Protection

The McAfee virtual patching solution provides a layered approach to security risk management, while adding the ability to apply a virtual patching strategy to your existing change-management process. It combines proven defenses and security insight with real-time Global Threat Intelligence to close the vulnerability window until patching can occur through your regular change-management processes.



  • Shedding light on ‘Shadow IT’
    David Small - January 9, 2014

    BYOD, BYOA, BYOx. The IT industry is full of acronyms depicting its constant evolution and relationship with the professional world. First came the devices; employees saw the power of personal devices and insisted on using them in the workplace. And so the consumerisation of IT was born. After the devices came the apps. Companies reported […]

    The post Shedding light on ‘Shadow IT’ appeared first on McAfee.

  • Walking the Talk on Public-Private Partnerships
    Tom Gann - August 16, 2013

    There’s been a lot of talk about the value of public-private partnerships in moving the U.S. toward a more robust cyber security posture. And let’s be honest:  there’s also been a lot of private sector skepticism about how much the Administration really believed in the concept or how much they would do to make it […]

    The post Walking the Talk on Public-Private Partnerships appeared first on McAfee.

  • Five Factors That Make D.C. Region a Cybersecurity Hub
    Tom Gann - May 29, 2013

    McAfee is based in Silicon Valley, but we know there’s more to tech than California. We recently joined the National Institute of Standards and Technology to launch the National Cybersecurity Center of Excellence, a joint effort among high-tech business, federal, state and local government and local universities located in Rockville, Md. The goal of the […]

    The post Five Factors That Make D.C. Region a Cybersecurity Hub appeared first on McAfee.

  • Getting Assurance in a Time Constrained World
    McAfee - May 20, 2013

    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems […]

    The post Getting Assurance in a Time Constrained World appeared first on McAfee.

  • Response Now as Important as Prevention
    Leon Erlanger - February 24, 2012

    The National Institute of Standards and Technology (NIST) has updated its Computer Security Incident Handling Guide to take into account the increasingly dire state of cyber security. As anyone who has followed the rush of high-profile incursions over the past year knows, it’s looking less and less possible to prevent the inevitable attack, no matter […]

    The post Response Now as Important as Prevention appeared first on McAfee.