McAfee launches ESM Cloud,
delivering rapid time to value with
incident investigations
focused on their security operations.
McAfee ESM Cloud offers:
cAfee, a device-to-cloud
M cybersecurity company, has
announced McAfee Enterprise
Security Manager (ESM) Cloud, a new
cloud-based security and information
event management (SIEM) solution that
provides organisations with the ability to
detect, investigate and be operational in
just under two hours. As a cloud-based
solution, McAfee ESM Cloud extends the
value of a traditional SIEM by providing
faster onboarding of security telemetry,
automatic updates and continuous
system health monitoring.
According to McAfee’s Cloud Adoption
and Risk Report – Work from Home
Edition, which looked at cloud security
trends during the COVID-19 pandemic,
external attacks on cloud accounts grew
630% and the overall enterprise use of
cloud services increased by 50%. These
attacks come from constantly evolving
threats hiding behind normal enterprise
activity. Security Information Event
Management (SIEM) solutions need to
be able to identify and defend against
attacks within an ever-increasing volume
of events, sophistication of threats and
cloud infrastructures.
“Today’s SecOps teams face a
multitude of issues, including the need
to take on new efforts such as Digital
Transformation, the convergence of
Internet technology and operation
technology and the sudden shift
to remote working,” said Anand
Ramanathan, Vice President of Enterprise
Products, McAfee. “ESM Cloud helps
McAfee take its next step towards XDR
functionality with highly scalable event
collection, normalisation, enrichment
and analytics, along with customisable
dashboards and reporting, so customers
can rapidly reduce the signal to noise
ratio and prioritise detected threats in
hours as opposed to days.”
McAfee ESM Cloud frees customers
from the burden of SIEM hardware
maintenance, hardware refresh life
cycles and software updates and
hotfixes, allowing organisations to stay
• Automatic installation – The
system comes installed and ready to
ingest customer data from day one.
ESM Cloud uses real time advanced
analytics and rich context to detect
and prioritise threats, along with
out-of-the-box support for 100s of
data sources.
• Time to value – Accelerates
time to value for SecOps centres
with pre-built, use-case focused
content packs, which provide fully
operational dashboard, reports,
watchlists and alarms
• Continuous improvement –
McAfee handles all updates to
ESM Cloud, so that customers are
free from the burden of software
updates and upgrades
• Consistent performance – The
performance customers experience
on day one will be consistent even as
their SecOps requirements grow
• Scalability – Removes the
dependence on data centres.
Customers can increase their
capacity and compute power with a
few clicks of the mouse.
• Open Platform – Provides a flexible
platform for third party integration,
security incident response and
threat containment
This announcement also builds upon
McAfee’s customer recognition within
SecOps and SIEM. In July, McAfee
was named a 2020 Gartner Peer
Insights Customers’ Choice for SIEM, a
distinction that is verified by end-user
professionals, taking into account both
the number of reviews and the overall
user ratings. u
intelligent CLOUD SECURITY
www.intelligentciso.com | Issue 28
55