McAfee enhances human-machine teaming to include data architecture, behavior analytics offering and improved integrations

McAfee, the device-to-cloud cybersecurity company, announced Tuesday an expanded product portfolio that evolves security operations capabilities and allows for rapid response to today’s most advanced cybersecurity threats.

McAfee’s updated Enterprise Security Manager (McAfee ESM 11) leverages a new data architecture optimized for scalability, performance, faster search, and collaboration. This new architecture, combined with the newly launched McAfee Behavioral Analytics and the enhanced McAfee Investigator, McAfee Advanced Threat Defense, and McAfee Active Response, will help security operations teams optimize their security infrastructure, leverage automation, improve detection, streamline workflows, and harness the power of human-machine teaming to improve response time and overall security outcomes.

McAfee’s enhanced security information and event management (SIEM), combined with advanced analytics, will bring human-machine teaming to the next level by enabling security operations teams to more efficiently collect, enrich and share data. The security operations teams can then turn security events into actionable insights to confidently detect and correct sophisticated threats faster.

McAfee ESM 11 delivers an open and scalable data bus architecture. The data bus at the heart of McAfee ESM 11 shares huge volumes of raw, parsed and correlated security events to allow threat hunters to easily search recent events, reliably retain data for compliance and forensics, and enable data-hungry analytics applications. The new McAfee ESM 11 architecture allows for flexible horizontal expansion with active-active high availability, allowing organizations to rapidly query billions of events. Additional McAfee ESM appliances or virtual machines can be added at any point to add ingestion, query performance and redundancy.

McAfee Behavioral Analytics provides big data security analytics and machine learning technology to discover new and unusual high-risk security threats without requiring extensive configuration or knowledge. McAfee Behavioral Analytics distills billions of security events down to hundreds of anomalies to produce a handful of prioritized threat leads.

McAfee Behavioral Analytics integrates with the McAfee portfolio, including McAfee ESM and McAfee ePolicy Orchestrator, the Data Exchange Layer, and third-party security information and event management (SIEM) solutions.

The McAfee Investigator activity feed shares data with open source and third-party tools to streamline workflows and improve collaboration. Expanded investigation guides include logon anomalies, and new navigation features allow analysts to multi-select findings for faster case closure.

Integration between McAfee Investigator and McAfee Active Response enables analysts to scope the impact of a threat across their endpoints in real time. Enhanced integration between McAfee Active Response and McAfee Advanced Threat Defense enables investigators to view detailed sandbox reports and indicators of compromise (IOC), including a new threat timeline report that visualizes attack execution steps, from a single workspace. It also offers new capabilities to detect PowerShell exploits and remediate by isolating a host.

“With companies struggling to keep up with the current threat landscape, the need for human-machine teaming has never been greater,” said Jason Rolleston, vice president of security analytics, McAfee. “Given the difficulty in finding skilled resources, enterprises need advanced analytics- and machine learning-powered solutions to augment the people they have. By combining the strength and speed of these new solutions with the power of human intellect, security operations teams become faster, smarter, more effective, and more efficient.”

McAfee ESM 11 and McAfee Behavioral Analytics are available to customers. McAfee Investigator will be available in April, and enhancements to McAfee Advanced Threat Defense and McAfee Active Response will be available in May.
