Security Operations

Learn the latest SecOps threats and how McAfee enables SecOps teams to collect, enrich, and share data and turn that data into insights.

Security Operations

Hacking Proprietary Protocols with Sharks and Pandas

The human race commonly fears what it doesn’t understand.  In a time of war, this fear is even greater if one side understands a weapon or technology that the other side does not.  There is a constant war which plagues cybersecurity; perhaps not only in cybersecurity, but in the world ...

Security Operations

6 Best Practices for SecOps in the Wake of the Sunburst Threat Campaign

1. Attackers have a plan, with clear objectives and outcomes in mind. Do you have one? Clearly this was a motivated and patient adversary. They spent many months in the planning and execution of an attack that was not incredibly sophisticated in its tactics, but rather used multiple semi-novel attack ...

Security Operations

SOCwise Series: Practical Considerations on SUNBURST

This blog is part of our SOCwise series where we’ll be digging into all things related to SecOps from a practitioner’s point of view, helping us enable defenders to both build context and confidence in what they do.  Although there’s been a lot of chatter about supply chain attacks, we’re going to ...

Security Operations

The Road to XDR

XDR (eXtended Detection and Response) is a cybersecurity acronym being used by most vendors today.  It is not a new strategy. It’s been around for a while but the journey for customers and vendors has been slow for many reasons. For McAfee, XDR has been integral to our vision, strategy ...

Security Operations

How OCA Empowers Your XDR Journey

eXtended Detection & Response (XDR) has become an industry buzzword promising to take detection and response to new heights and improving security operations effectiveness. Not only are customers and vendors behind this but industry groups like Open Cybersecurity Alliance (OCA) share this same goal and there are some open projects ...

Security Operations

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Core to any organization is managing cyber risk with a security operations function whether it be in-house or outsourced. McAfee has been and continues their commitment to protecting cyber assets. We are dedicated to empowering security operations and with this dedication comes expertise and passion. Introducing SOCwise a monthly series ...

Security Operations

The Deepfakes Lab: Detecting & Defending Against Deepfakes with Advanced AI

Detrimental lies are not new. Even misleading headlines and text can fool a reader.  However, the ability to alter reality has taken a leap forward with “deepfake” technology which allows for the creation of images and videos of real people saying and doing things they never said or did. Deep ...

Security Operations

How We’re Using AI to Usher in the Era of the “Smarter SOC”

In 2020, months seem to feel like years. Amid rapid change, adaptation is essential. Cyber threats are no exception to this rule. Technology can solve complex problems but can also be destabilizing. We think about this paradox regularly as artificial intelligence (AI) and Machine Learning gain prevalence in our field. ...

Security Operations

Time to Get Proactive About Threat Hunting

When I think about the many challenges that threat hunters face nowadays, trust me when I say that I feel their pain. Early in my career, I was a Security Engineer in a SOC who scrambled into action upon receiving the proverbial midnight call about an incident.   The system I was part of wasn’t ...

Security Operations

SOC vs MITRE APT29 evaluation – Racing with Cozy Bear

MITRE just released the results of the APT 29 evaluation of 21 commercial cybersecurity products today, including McAfee MVISION EDR. This evaluation, conducted in the form of a collaborative attack and defense exercise, is based on ATT&CK®, a freely available and open source knowledge base of adversary tactics and techniques ...

Subscribe to McAfee Securing Tomorrow Blogs