Featured Blogs
SOC vs MITRE APT29 evaluation – Racing with Cozy Bear
MITRE just released the results of the APT 29 evaluation of 21 commercial cybersecurity products today, including McAfee MVISION EDR. This evaluation, conducted in the form of a collaborative attack and defense exercise, is based on ATT&CK®, a freely available and open source knowledge base of adversary tactics and techniques ...
Join the Cyber Security Dance
Automation and orchestration are central to the proverbial cyber security dance between IT operations and security operations center (SOC). Both functions need to work with each other and establish a rhythm and alignment to keep their organization protected from cyber threats. The lure to automate is driven by the desire ...
The Ever-Evolving SOC
In the 17th century, poet John Donne wrote, “no man is an island entire of itself.” He also mentioned every man is “a part of the main.” Fast forward to the 21st century and you’ll find this concept still rings true, especially as it relates to security. Like everything else ...
MITRE ATT&CK Framework to Help You Get the Play-by-Play on Adversaries
In the cybersecurity space, there’s a lot of talk about the “attacker advantage.” As a defender, you’re all too familiar with the concept. Every day, you and your team try to gain ground over adversaries who seem to get the jump on your defenses by exploiting the latest points of ...
McAfee Leads the Charge to Embrace and Expand the MITRE ATT&CK Framework
In October, I was privileged to attend the two-day MITRE ATT&CK™ conference, where participants and attendees voiced their support for the ATT&CK framework. The event, sponsored by McAfee, served as a forum for sharing insights and best practices for using ATT&CK as a way to describe and demystify the complexities ...
Gartner Peer Insights Recognition for McAfee SIEM
This blog was written by Peter Elliman. I’m proud to say that McAfee has received recognition from our customers with the 2018 Gartner Peer Insights Customers’ Choice for the Security Information and Event Management (SIEM). This is a recognition of high satisfaction from a number of reviews by verified end-user ...
How to Boost Security Operations Performance with Human-Machine Teaming Technology
In the lead up to the Security Operations Roadshow in Canada in May, there’s been lots of discussion on the challenges faced by security teams. Security operations teams today struggle with an ever-increasing number of alerts, new zero-day attacks and a lack of skilled resources. Fifty-eight percent of organizations cite employee ...
How McAfee uses Customer Zero to get to decisions faster
The third in a series of three blogs by Grant and Jason Rolleston on the process of identifying actionable insights. In this series, we’ve been examining how data is collected, processed and analyzed. And, because of the complexity of the task at that analysis stage, we’ve been looking at the ...
What humans do better than machines
The second in a series of three blogs by Grant and Jason Rolleston on the process of identifying actionable insights. In the last post in this series, we looked at the process by which data is collected from the operating environment and is then processed and distributed in a consumable ...
Identifying insights that lead to decisions
The first in a series of three blogs by Grant and Jason Rolleston on the process of identifying actionable insights. A couple of weeks ago we discussed the process security operations teams go through to separate the signal from the noise. We reviewed the steps that McAfee has undertaken in ...
