Tag: SIEM

Here's some cool trivia for you: What profession currently has a zero-percent unemployment rate, pays an average of $116,000 a year, and is among the top in-demand jobs in the world? A lawyer? A pharmacist? A finance manager, perhaps? Nope. The job we're talking about is a cybersecurity specialist and, because of the increase in cyber ...
I’m proud to say that McAfee has received recognition from our customers with the 2018 Gartner Peer Insights Customers’ Choice for the Security Information and Event Management (SIEM). This is a recognition of high satisfaction from a number of reviews by verified end-user professionals. To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors ...
In security operations, we frequently talk about the difficulties in separating the signal from the noise to detect legitimate threats and disregard false alarms. Data overload is a common problem and triage becomes a critical skill to hone and develop. As the chief information security officer (CISO) for McAfee, I am aware at multiple levels ...
This blog was written by Brook Schoenfield. On October 12, researcher Mathy Vanhoef announced a set of Wi-Fi attacks that he named KRACKs, for key reinstallation attacks. These attack scenarios are against the WPA2 authentication and encryption key establishment portions of the most recent set of protocols. The technique is through key reinstallation. The attack ...
I’ve been in this industry for over twenty years, and the advancements in cybersecurity over the last few years are unmatched. As an industry, we went from believing in a best-in-breed, siloed approach and now we understand our customers need a connected security architecture that can protect, detect, and correct. While we’ve made impressive advancements, ...
This blog post was written by Kristen Jacobsen. If you’ve read our previous blog, “Leveraging UEBA Capabilities in Your Existing SIEM,” you understand how McAfee Enterprise Security Manager can perform many essential UEBA functions leveraging its built-in advanced analytics and behavior modeling. Doing It Better Together For several specific use cases, you may find that ...
This blog post was written by Karl Klaessig. For more than a decade, in response to higher volumes of alerts, security information and event monitoring (SIEM) became an integral component of enterprise security programs. However, the increasing sophistication and complexity of attacks are driving the need for advanced analytics—beyond the log aggregation of older SIEM ...
This blog post was written by Kristen Jacobsen. User and entity behavior analytics (UEBA) uses advanced analytics to track and flag suspicious behaviors of both users and assets, such as networked assets, sensors, databases, devices, and hosts. There are many reasons why UEBA is gaining traction as both an integrated tool with SIEM as well ...
This blog post was written by Karl Klaessig. For the average security analyst, it’s no secret that their days are overloaded with more “hair on fire” moments than “Zen” moments. The 2016 SANS Incident Response Survey paints a clear and sobering picture of the demands being placed on security analysts. The survey lists, in order, ...