Security Operations

Learn the latest SecOps threats and how McAfee enables SecOps teams to collect, enrich, and share data and turn that data into insights.

Security Operations

SIEM Enables Cloud Security & Reduces Time & Resources for Compliance

This blog post was written by Karl Klaessig. DTS is one of the larger systems companies in Germany, with around 140 team members in six locations.  Mid-sized and enterprise companies, as well as public institutions, rely on DTS to meet high data security demands and remain compliant with domestic and ...

Security Operations

Four Pillars Build the Foundation of Successful SIEM

Talking with customers during the past few months, the key topics and questions we heard were all about targeted attacks, threat intelligence, and security information and event management (SIEM). However, there seems be a myth that “once we have SIEM, we will have visibility into threats”—as if SIEM will give ...

Security Operations

McAfee SIEM with Ease

This blog post was written by Karl Klaessig. Think security and event management is hard from the get go? Think again. The initial set up of McAfee Enterprise Security Manager (ESM) within McAfee’s Security Information and Event Manager (SIEM) ecosystem is a breeze, and takes less than 10 minutes from ...

Security Operations

Updates and Mitigation to Microsoft Office Zero-Day Threat (CVE-2013-3906)

On November 5, Microsoft posted Security Advisory 2896666. This vulnerability, discovered by Haifei Li of McAfee Labs, affects multiple versions of Microsoft Office, Windows, and Lync. Successful exploitation could result in the ability to execute arbitrary code on a vulnerable host (a remote code execution vulnerability). The issue (an integer overflow) lies ...

Security Operations

Using the McAfee SIEM to Augment Successful Detection of Financial Fraud

Financial fraud has a wide range of impact across a society: Providers of financial services may incur the largest losses, but the users of financial services who become victims may be hit much harder. Fraud victims range across the income scale, and even a small fraud can be catastrophic to ...

Security Operations

New in SIEM – Advanced Correlation Features

Now that 9.2 has been out for some time, it’s time to document some of the very cool things the McAfee SIEM can do. While the documentation is a must read for the how, this post is meant to bring you up to speed of the why of some advanced ...

Endpoint Security Security Operations

Thinking Outside of the Sandbox: McAfee Advanced Threat Defense Unveiled

It’s always a great day when you can share something so innovative that it will surely change the game in the industry. Today, at the McAfee FOCUS 2013 conference, McAfee and my team announced the development and launch of McAfee Advanced Threat Defense – the newest addition to our Security ...

Security Operations

Advanced Malware Protection with Network Security Platform

McAfee Network Security Platform customers have benefited from malware protection for some time now. Most customers already use McAfee Global Threat Intelligence (GTI), which has been available since the 6.0 release. The largest and most used reputation service, with over 64 Billion queries per day, GTI classifies files as either ...

Security Operations

McAfee Named a Leader in 2012 Gartner Magic Quadrant for SIEM

Following our acquisition of NitroSecurity last year, we have been working towards fully integrating their Security Information and Event Management (SIEM) technology into our portfolio of solutions. McAfee Enterprise Security Manager (the fruit of our combined efforts) recently received a 5-star rating from SC Magazine, and now we are proud ...

Security Operations

Skywiper – Fanning the ‘Flames’ of Cyberwarfare

A few weeks ago, Iran reported intensified cyberattacks on its energy sector that they observed as a direct continuation of the Stuxnet and Duqu attacks. Over the weekend, the IR Cert (Iran’s emergency response team) published a new report that describes this attack as Flame and/or Flamer. Some other news ...

Subscribe to McAfee Securing Tomorrow Blogs