Published on October 18th, 2017 | by Tony Thompson

Enriching McAfee ESM SIEM with Network Traffic Analysis

Security Information and Event Management (SIEM) data is an invaluable source of information for hunting security threats. While there has been widespread adoption of SIEM tools in security operation centers, the massive amounts of log data and alert fatigue are challenging security professionals and resulting in threats being missed. This is also extending the time and effort needed to detect and investigate a breach.

Today, SS8 brings security pros one step closer to solving the pain of so much security information and what to do with it. SS8 has achieved technical integration with the McAfee Enterprise Security Manager (ESM) technology, which will enable customers to more quickly discover unknown advanced cyber threats and investigate breaches through enriched network traffic analysis (NTA) delivered by SS8.

The powerful integration of SS8 with McAfee ESM enables customers to more quickly discover the most sophisticated long-tail attacks and investigate breach behavior with pinpoint accuracy, down to specific devices of interest. SS8’s Layer 7 network enrichment and time-variant behavioral analysis help McAfee ESM users accelerate the detection, investigation, and remediation of malicious activity within their IT environments.

According to a recent Gartner, Inc. report on SIEM, “Through Gartner’s conversations with major SIEM providers, threat detection is, by far, the biggest focus area for product enhancement across the field of providers. High-level themes that are common among competitors include being able to detect more threats and being able to detect them faster than with traditional SIEM methods.”[1]

We are boosting the efficiency of the SIEM and making it even more useful by supplementing it with deep context into network activity. Customers benefit from a high-definition network intelligence exchange between SS8 BreachDetect and McAfee ESM for easier and faster security threat discovery.

McAfee agrees. D.J. Long, head of the McAfee Security Innovation Alliance, said, “By integrating SS8’s network intelligence with McAfee ESM, SS8 is helping our joint customers experience faster detection times and reduced costs.”

Come See Us:

McAfee users can come see us at the McAfee MPOWER event in Las Vegas this week, or you can read more about this integration by clicking here.

Tony Thompson is vice president and general manager of security analytics solutions at SS8 Networks.

[1] Gartner, Inc., Competitive Landscape: SIEM Market, Worldwide, 25 May, 2017 by Eric Ahlm

