McAfee has just launched a cloud-based security and information event management service with advanced onboarding and other security provisions for security departments. They have named it the McAfee Enterprise Security Manager Cloud.
The security manager supports features like reporting on incidents, detection capabilities, and threat hunting. The company is doing this to increase the value of traditional SIEM. With faster onboarding for automated updates, security telemetry, and system health monitoring, they are on track to hit their goal.
New and improved provisions
Armed with improved analytics, historical and real-time analysis, and a favourable ‘time to value’, McAfee offers a product that delivers what it promises. Now, users will have pre-built threat detection rules and fully working reports, dashboards, watchlists, and alarms.
Right out-of-the-box, users have access to network and cloud-based services, hundreds of data sources across their endpoints and applications. The interface is open for integration with preferred third-party solutions and other McAfee products.
According to the company, the auto-provisioning features in their ESM cloud will allow engineering efforts to be minimal by performing event ingestion from the moment of installation.
Safeguarding a transition to the cloud
Anand Ramanathan, the vice president of enterprise products at the company, says that the many issues faced by SecOps teams can be tackled using ESM Cloud. It will allow users to maintain and improve their security significantly, in a transition to the cloud.
The release is coming at a time when cyberattacks are surging, as the pandemic stretches on. In May, a study published by the company found that external attacks on cloud accounts increased 630% as the pandemic was beginning to bring the economy to a halt.
The reason behind these increased attacks is that most people are forced to work from home, and using cloud environments seems to be the best way to do that, attracting attacks.