Security Operations

What the MITRE Engenuity ATT&CK® Evaluations Means to SOC Teams

SOCwise Weighs In When the infamous Carbanak cyberattack rattled an East European bank three years ago this month few would have guessed it would later play a starring role in the MITRE Engenuity™ enterprise evaluations of cybersecurity products from ourselves and 28 other vendors. We recently shared the results of ...

Security Operations

SOCwise Series: A Tale of Two SOCs with Chris Crowley

In a recent episode of McAfee’s SOCwise Series, guest security expert Chris Crowley revealed findings of his recent survey of security efforts within SOCs. His questions were designed to gain insight into all things SOC, including how SOCs can accomplish their full potential and how they assess their ability to keep up with security technology.   Hosts Ismael Valenzuela and Michael ...

Security Operations

Why MITRE ATT&CK Matters?

MITRE ATT&CK enterprise is a “knowledge base of adversarial techniques”.   In a Security Operations Center (SOC) this resource is serving as a progressive framework for practitioners to make sense of the behaviors (techniques) leading to system intrusions on enterprise networks. This resource is centered at how SOC practitioners of all ...

Endpoint Security

Are You Ready for XDR?

What is your organization’s readiness for the emerging eXtended Detection Response (XDR) technology? McAfee just released the first iteration of this technology, MVISION XDR. As XDR capabilities become available, organizations need to think through how to embrace the new security operations technology destined to empower detection and response capabilities. XDR is a journey for people and ...

Endpoint Security

XDR – Please Explain?

SIEM, we need to talk!  Albert Einstein once said, “We cannot solve our problems with the same thinking we used when we created them”.  Security vendors have spent the last two decades providing more of the same orchestration, detection, and response capabilities, while promising different results. And as the old adage goes, doing the same thing ...

Security Operations

6 Best Practices for SecOps in the Wake of the Sunburst Threat Campaign

1. Attackers have a plan, with clear objectives and outcomes in mind. Do you have one? Clearly this was a motivated and patient adversary. They spent many months in the planning and execution of an attack that was not incredibly sophisticated in its tactics, but rather used multiple semi-novel attack ...

Security Operations

SOCwise Series: Practical Considerations on SUNBURST

This blog is part of our SOCwise series where we’ll be digging into all things related to SecOps from a practitioner’s point of view, helping us enable defenders to both build context and confidence in what they do.  Although there’s been a lot of chatter about supply chain attacks, we’re going to ...

Subscribe to McAfee Securing Tomorrow Blogs