One of the more uncomfortable realities of IT security today is that it’s not so much about prevention as much as it is remediating the inevitable security breach. Security vendors across the board are starting to recognize this, the latest of which is McAfee. The company has released an upgrade to its ePO security management […]
One of the more uncomfortable realities of IT security today is that it’s not so much about prevention as much as it is remediating the inevitable security breach.
Security vendors across the board are starting to recognize this, the latest of which is McAfee. The company has released an upgrade to its ePO security management system that allows security administrators to query thousands of assets across their enterprise in seconds.
Gretchen Hellman, director of product marketing for SIEM at McAfee, says McAfee Real-Time for ePo not only gives IT organizations access to more predictive analytics than ever, it provides insights into the overall incident response process.
That analytics capability has now also been tightly integrated with a new version of McAfee Enterprise Security Manager, which is the security information event management (SIEM) platform that McAfee gained with its acquisition of NitroSecurity in 2011.
Hellman says that what differentiates McAfee’s approach to SIEM most is a correlation engine that allows the SIEM to better understand the overall IT environment, resulting in not only fewer false positives over time but also better identification of risks to the business that are based on the actual business value of any given system or application. In fact, with this release Hellman contends that SIEM is transforming from being passive monitoring into an automated incident response platform that can automatically send policy commands to McAfee software and integrated partner solutions.
A lot of IT organizations are suffering from security fatigue that results directly from having to constantly defend against an ever-increasing number of sophisticated attacks. The only way to overcome that fatigue is to rely on more automation to manage the security process. At the rate things are going, most IT organizations should be coming to that conclusion shortly.
Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
