Endpoint Security Security Operations

When You’re Overwhelmed With Alerts, It’s Time to Automate

In a number of recently publicized breaches, and probably many other attacks, information that could have enabled the security team to catch and contain the attack was lost in the sheer volume of alerts. Your security team is getting alerts from internal sensors, threat intelligence from multiple sources, and potential ...

Security Operations

Fastpass to SIEM ROI via Pre-built content for analysts and responders

In our previous blog, we covered how customizing SIEM for threat management requires both resources and expertise. As a result, McAfee created “ready to go” content packs based on Gartner’s top use cases, targeting aspiring users to expand their SIEM detection and response use cases without spending countless hours and ...

Security Operations

Is Your SIEM ‘Ready To Go?’

The massive amount of log, event and flow data within the SIEM offers security analysts answers to essential security questions such as “who is accessing critical business systems,” or, more importantly, “was there any anomalous activity before, during or after the connection?” To get all these answers, though, users need ...

Security Operations

Four Ways to Stretch Your SIEM For Complete Protection

This blog post was written by Karl Klaessig. Organizations and enterprises today are more aware than ever of the dangers posed by cybercriminals and advanced persistent threats (APTs). So, how can they fight back against these online threats in a situation where one size never fits all? One solution that ...

Security Operations

Seven key SIEM actions to thwart attacks in the security “Golden Hour”

This blog was written by Bart Lenaerts-Bergman. As cyber criminals move faster and stealthier, taking advantage of new tools provided through an adversarial community, security teams need to be able to respond with equal or greater speed. Every second counts after a cyber attack. Therefore, it is imperative to have ...

Enterprise

Building and Using Your Network of Informants

If you are working in law enforcement, having a network of informants is both a blessing and a curse. A blessing, because they can provide you with information, tips, and clues that you would otherwise miss. A curse, because they may not be the most trustworthy individuals or may see ...

Security Operations

Intelligent, Actionable, Integrated

Reaping the benefits of SIEM. For automated tools such as Security Information and Event Management (SIEM) to improve your security posture and reduce your response time, they need to be intelligent, actionable, and integrated. They need to help you find what’s important so your team can spend more time with ...

Security Operations

Why SIEM is a Winning Security Strategy

This blog post was written by Karl Klaessig. Like most things in life, successful planning for a secure network takes a pre-baked strategy. And, with that strategy comes the actions and tasks needed to carry it out. It’s much like sports – you want to enable your organization to be ...

Security Operations

Cyber Threat Management: A Perfect Fit for McAfee SIEM

This blog was written by Bart Lenaerts-Bergman. Driven by the misfortune of many, Cyber Threat Intelligence exchange and consumption is becoming more proliferated, accessible and standardized. Together with legacy security technologies like Firewall, IPS and Vulnerability Assessment tools, SIEMs have used threat intelligence initially for the most common use-case of ...

Endpoint Security Security Operations

Progress Report: Critical Security Controls Adoption

This blog was written by Barbara Kay. Today the SANS Institute released its survey on adoption of the Top 20 Critical Security Controls (CSCs) for Effective Cyber Defense. It’s a worthwhile read for CISOs and security analysts charged with overseeing security and risk management. The survey documents adoption highlights and hurdles, ...
