McAfee ESM Cloud frees customers from SIEM hardware maintenance

McAfee has announced McAfee Enterprise Security Manager (ESM) Cloud, a new cloud-based security and information event management (SIEM) solution that provides organizations with the ability to detect, investigate and be operational in just under two hours. As a cloud-based solution, McAfee ESM Cloud extends the value of a traditional SIEM by providing faster onboarding of security telemetry, automatic updates, and continuous system health monitoring.

According to McAfee’s Cloud Adoption & Risk Report – Work-from-Home Edition, which looked at cloud security trends during the COVID-19 pandemic, external attacks on cloud accounts grew 630 percent and the overall enterprise use of cloud services increased by 50 percent. These attacks come from constantly evolving threats hiding behind normal enterprise activity. Security Information Event Management (SIEM) solutions need to be able to identify and defend against attacks within an ever-increasing volume of events, the sophistication of threats, and cloud infrastructures.

“Today’s SecOps teams face a multitude of issues, including the need to take on new efforts such as digital transformation, the convergence of internet technology and operation technology, and the sudden shift to remote working,” said Anand Ramanathan, vice president of enterprise products, McAfee. “ESM Cloud helps McAfee take its next step towards XDR functionality with highly scalable event collection, normalization, enrichment and analytics, along with customizable dashboards and reporting, so customers can rapidly reduce the signal to noise ratio and prioritize detected threats in hours as opposed to days.”

McAfee ESM Cloud frees customers from the burden of SIEM hardware maintenance, hardware refresh lifecycles, and software updates and hotfixes, allowing organizations to stay focused on their security operations. McAfee ESM Cloud offers:

• Automatic installation—the system comes installed and ready to ingest customers data from day one. ESM Cloud uses real-time advanced analytics and rich context to detect and prioritize threats, along with out-of-the-box support for 100’s of data sources.
• Time to value—accelerates time to value for SecOps centers with pre-built, use-case focused content packs, which provide fully operational dashboard, reports, watchlists and alarms
• Continuous Improvement—McAfee handles all updates to ESM Cloud, so that customers are free from the burden of software updates and upgrades
• Consistent Performance – the performance customers experience on day one will be consistent even as their SecOps requirements grow
• Scalability—removes the dependence on data centers. Customers can increase their capacity and compute power with a few clicks of the mouse.
• Open Platform—provides a flexible platform for third party integration, security incident response and threat containment

This announcement also builds upon McAfee’s customer recognition within SecOps and SIEM. On July 3, McAfee was named a 2020 Gartner Peer Insights Customers’ Choice for SIEM, a distinction that is verified by end-user professionals, taking into account both the number of reviews and the overall user ratings.