Security Information and Event Management (SIEM)

1
2
3
4

Trust a McAfee MSP to deploy and manage your SIEM solution

Realizing the Value
of Big Security Data

Is your organization being breached?

SC Magazine Awards 2013

McAfee Enterprise Security Manager Gets 5-Star Rating by SC Magazine

 

McAfee Positioned in Leaders Quadrant of the Magic Quadrant for SIEM

 

Our high-performance, powerful security information and event management (SIEM) brings event, threat, and risk data together to provide strong security intelligence, rapid incident response, seamless log management, and extensible compliance reporting. At the core of our SIEM offering, Enterprise Security Manager consolidates, correlates, assesses, and prioritizes security events for both third-party and McAfee solutions. As part of the Security Connected framework, McAfee Enterprise Security Manager tightly integrates with McAfee ePolicy Orchestrator (McAfee ePO) software, McAfee Risk Advisor, and Global Threat Intelligence — delivering the context required for autonomous and adaptive security risk management.

Buy View Learn
McAfee Enterprise Security Manager
McAfee Enterprise Security Manager

McAfee Enterprise Security Manager provides the speed and rich context required to identify critical threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk feeds deliver adaptive and autonomous risk management, allowing remediation of threats and compliance reporting in minutes instead of hours.

McAfee Global Threat Intelligence for Enterprise Security Manager
McAfee Global Threat Intelligence for Enterprise Security Manager

Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent Security Information and Event Management (SIEM).

McAfee Enterprise Log Manager
McAfee Enterprise Log Manager

McAfee Enterprise Log Manager automates log management and analysis for all log types, including Windows Event logs, Database logs, Application logs, and Syslogs. Logs are signed and validated, ensuring authenticity and integrity — a necessity for regulatory compliance and forensics. Out-of-the-box compliance rule sets and reports make it simple to prove your organization is in compliance with regulations and internal policies.

McAfee Advanced Correlation Engine
McAfee Advanced Correlation Engine

McAfee Advanced Correlation Engine monitors real-time data, allowing you to simultaneously use both rule-based and rule-less correlation engines to detect risks and threats before they occur. You can deploy Advanced Correlation Engine in either real-time or historical modes.

McAfee Application Data Monitor
McAfee Application Data Monitor

McAfee Application Data Monitor decodes an entire application session to Layer 7, providing a full analysis of everything from the underlying protocols and session integrity all the way up to the actual contents of the application (such as the text of an email or its attachments). This level of detail supports accurate analysis of real application use, while also enabling you to enforce application use policies and detect malicious, covert traffic.

McAfee Database Event Monitor for SIEM
McAfee Database Event Monitor for SIEM

McAfee Database Event Monitor for SIEM delivers non-intrusive, detailed security logging of database transactions by monitoring access to database configurations and data. It not only consolidates database activity into a central audit repository, but integrates with McAfee Enterprise Security Manager to intelligently analyze and detect suspicious activity.

McAfee Event Receiver
McAfee Event Receiver

McAfee Event Receiver collects third-party events and logs — and performs native network flow collection — faster and more reliably than any other solution.