McAfee, the device-to-cloud cybersecurity company, announced McAfee Enterprise Security Manager (ESM) Cloud, a new cloud-based security information and event management (SIEM) solution that gives organizations the ability to detect, investigate, and be operational in just two hours. As a cloud-based solution, McAfee ESM Cloud extends the value of a traditional SIEM by providing faster onboarding of security telemetry, automatic updates, and continuous system health monitoring.
McAfee’s Cloud Adoption & Risk Report – Work-from-Home Edition, which covered cloud security trends during the coronavirus pandemic, reported that external attacks on the cloud grew by 630%, while overall enterprise use of cloud services increased by 50%. These attacks are a result of continually evolving threats hidden behind regular enterprise activity. Security Information and Event Management (SIEM) solutions are meant to handle and protect against attacks amid an ever-increasing volume of events, sophistication of threats, and cloud infrastructures.
McAfee ESM Cloud frees customers from the burden of SIEM hardware maintenance, hardware refresh lifecycles, and software updates and hotfixes, allowing organizations to concentrate on their security operations. McAfee ESM Cloud offers the following:
- Automated installation—the system is already installed and available to take customers’ details from day one. ESM Cloud uses advanced real-time analytics and rich context to detect and prioritize threats, along with out-of-the-box support for hundreds of data sources.
- Value for time—boosts time to value for SecOps centers with pre-built, case-based content packs that include a fully operational dashboard, reports, watch lists, and alarms.
- Continuous improvement—McAfee handles all ESM Cloud updates, so customers are free from the burden of software updates and upgrades.
- Consistent performance—the quality of experience for consumers is consistent from day one, even as their SecOps requirements increase.
- Scalability—removes the reliance on data centers. Customers can increase their ability and computing power with a few mouse clicks.
- Flexible platform—provides a versatile platform for third-party integration, network incident response, and threat containment.
“Today’s SecOps teams face a multitude of issues, including the need to take on new efforts such as digital transformation, the convergence of internet technology and operation technology, and the sudden shift to remote working,” said Anand Ramanathan, Vice President of Enterprise Products, McAfee.
“ESM Cloud helps McAfee take its next step towards XDR functionality with highly scalable event collection, normalization, enrichment and analytics, along with customizable dashboards and reporting, so customers can rapidly reduce the signal to noise ratio and prioritize detected threats in hours as opposed to days,” he added.