Channel: Security Operations – McAfee Blog


McAfee – Cybercrime is a firefight! Time for Automation.

Fighting a grass fire in high winds. Those who have experienced them know how scary their world becomes when a grass fire or forest fire gets out of control. As these fires become more intense, they...

SIEM is your Analyst’s Best Technology Partner

This blog post was written by Karl Klaessig. For the average security analyst, it’s no secret that their days are overloaded with more “hair on fire” moments than “Zen” moments. The 2016 SANS Incident...


Super Hero like Speed on DXL

Speed and Agility. Superheroes are part of the lore of American culture — the thought of a human being acquiring superhuman powers such as flight, invisibility, or breathing underwater has always been...


Please Vote: Fourth Annual SANS IR Survey Wants You!

This blog was written by Barbara Kay. Past survey findings have helped us understand key trends such as the hurdles holding back success, the evolution of SOC maturity, the data being targeted, use of...


Leveraging UEBA Capabilities in Your Existing SIEM

This blog post was written by Kristen Jacobsen. User and entity behavior analytics (UEBA) uses advanced analytics to track and flag suspicious behaviors of both users and assets, such as networked...

How to Gain a Competitive Advantage with an Integrated Approach to Security

Simply adding an advanced threat analysis technology to your security stack can expand detection and solve some immediate security issues. But thinking beyond standalone detection to an integrated...


Leveraging SIEM and Security Analytics for Improved Monitoring of Advanced...

This blog post was written by Karl Klaessig. For more than a decade, in response to higher volumes of alerts, security information and event monitoring (SIEM) became an integral component of enterprise...


How Coordinated, Collaborative Security Can Help You Defeat Unknown Malware

This blog was written by Stan Golubchik. In a previous blog, “How to Gain a Competitive Advantage with an Integrated Approach to Security,” we’ve shown you how adding an advanced threat analysis...

The Power of an Integrated UEBA/SIEM Solution

This blog post was written by Kristen Jacobsen. If you’ve read our previous blog, “Leveraging UEBA Capabilities in Your Existing SIEM,” you understand how McAfee Enterprise Security Manager can perform...


OpenDXL Case Study: Sandbox Mania featuring Cuckoo and Wildfire

This blog was written by Barbara Kay. To unleash creativity, my middle school art teacher occasionally offered up all the painting, woodcarving, pottery, and collage resources in the studio, with no...


Security Automation is Here — The Time is Now: 60% of respondents think manual...

This blog was written by Barbara Kay. There was a time when automation was a dirty word in security. Now, it is a necessity. A new Enterprise Strategy Group (ESG) survey, sponsored by McAfee and other...


Expanding Automated Threat Hunting and Response with Open DXL

Today everyone is talking about security automation. However, what are the right processes and actions to automate safely? What are the right processes and actions to automate that will actually...


What WannaCry Means for the SOC

In addition to the endpoint and network operational efforts for WannaCry, this outbreak presents great learning and response opportunities for analysts in the security operations center (SOC)....

For Three Years Running, McAfee Advanced Threat Defense Places in Radicati’s...

In this year’s Radicati APT Protection—Market Quadrant, McAfee Advanced Threat Defense attained a position in the Top Players quadrant for the third year running. The Radicati report assesses advanced...


Can you see me now? Unpacking malware for advanced threat analysis.

This blog was written by Stan Golubchik. A recent McAfee blog ‘Malware Packers Use Tricks to Avoid Analysis, Detection’, highlighted the use of packers as an effective way to slow down analysis and...


Time to Close vs. Root Cause – Are we measuring the wrong thing (again)?

This blog was written by Barbara Kay. “Human beings adjust behavior based on the metrics they’re held against. Anything you measure will impel a person to optimize his score on that metric. What you...


A Leader-Class SOC: The Sky’s the Limit

This blog was written by Jason Rolleston. This has been quite a year for McAfee, as we not only roll out our vision, but also start to fulfill that vision. We’ve established our world view: endpoint...


Building a Sustainable Model for Cybersecurity Talent

Depending on whose study you believe, there is going to be a shortage of 1.5 million or more cybersecurity professionals in 2020. As McAfee re-emerged from Intel as an independent company, we have...


Identifying insights that lead to decisions

The first in a series of three blogs by Grant and Jason Rolleston on the process of identifying actionable insights. A couple of weeks ago we discussed the process security operations teams go through...


What humans do better than machines

The second in a series of three blogs by Grant and Jason Rolleston on the process of identifying actionable insights. In the last post in this series, we looked at the process by which data is...


How McAfee uses Customer Zero to get to decisions faster

The third in a series of three blogs by Grant and Jason Rolleston on the process of identifying actionable insights. In this series, we’ve been examining how data is collected, processed and analyzed....

How to Boost Security Operations Performance with Human-Machine Teaming...

In the lead up to the Security Operations Roadshow in Canada in May, there’s been lots of discussion on the challenges faced by security teams. Security operations teams today struggle with an...

Gartner Peer Insights Recognition for McAfee SIEM

This blog was written by Peter Elliman. I’m proud to say that McAfee has received recognition from our customers with the 2018 Gartner Peer Insights Customers’ Choice for the Security Information and...


McAfee Leads the Charge to Embrace and Expand the MITRE ATT&CK Framework

In October, I was privileged to attend the two-day MITRE ATT&CK conference, where participants and attendees voiced their support for the ATT&CK framework. The event, sponsored by McAfee,...


McAfee Advanced Threat Defense Incorporates the MITRE ATT&CK Framework to...

In the cybersecurity space, there’s a lot of talk about the “attacker advantage.” As a defender, you’re all too familiar with the concept. Every day, you and your team try to gain ground over...


The Ever-Evolving SOC

In the 17th century, poet John Donne wrote, “no man is an island entire of itself.” He also mentioned every man is “a part of the main.” Fast forward to the 21st century and you’ll find this concept...


Join the Cyber Security Dance

Automation and orchestration are central to the proverbial cyber security dance between IT operations and the security operations center (SOC). Both functions need to work with each other and establish a...


SOC vs MITRE APT29 evaluation – Racing with Cozy Bear

MITRE just released the results of the APT 29 evaluation of 21 commercial cybersecurity products today, including McAfee MVISION EDR. This evaluation, conducted in the form of a collaborative attack...


Time to Get Proactive About Threat Hunting

When I think about the many challenges that threat hunters face nowadays, trust me when I say that I feel their pain. Early in my career, I was a Security Engineer in a SOC who scrambled into action...


How We’re Using AI to Usher in the Era of the “Smarter SOC”

In 2020, months seem to feel like years. Amid rapid change, adaptation is essential. Cyber threats are no exception to this rule. Technology can solve complex problems but can also be destabilizing. We...


The Deepfakes Lab: Detecting & Defending Against Deepfakes with Advanced AI

Detrimental lies are not new. Even misleading headlines and text can fool a reader. However, the ability to alter reality has taken a leap forward with “deepfake” technology which allows for the...


SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Core to any organization is managing cyber risk with a security operations function, whether it be in-house or outsourced. McAfee has been, and continues to be, committed to protecting cyber assets. We...


How OCA Empowers Your XDR Journey

eXtended Detection & Response (XDR) has become an industry buzzword promising to take detection and response to new heights and improve security operations effectiveness. Not only are customers...


The Road to XDR

XDR (eXtended Detection and Response) is a cybersecurity acronym being used by most vendors today. It is not a new strategy. It’s been around for a while but the journey for customers and vendors has...


SOCwise Series: Practical Considerations on SUNBURST

This blog is part of our SOCwise series where we’ll be digging into all things related to SecOps from a practitioner’s point of view, helping us enable defenders to both build context and confidence in...


6 Best Practices for SecOps in the Wake of the Sunburst Threat Campaign

1. Attackers have a plan, with clear objectives and outcomes in mind. Do you have one? Clearly this was a motivated and patient adversary. They spent many months in the planning and execution of an...


Hacking Proprietary Protocols with Sharks and Pandas

The human race commonly fears what it doesn’t understand. In a time of war, this fear is even greater if one side understands a weapon or technology that the other side does not. There is a constant...


Why MITRE ATT&CK Matters?

MITRE ATT&CK Enterprise is a “knowledge base of adversarial techniques”. In a Security Operations Center (SOC) this resource serves as a progressive framework for practitioners to make sense...


SOCwise Series: A Tale of Two SOCs with Chris Crowley

In a recent episode of McAfee’s SOCwise Series, guest security expert Chris Crowley revealed findings of his recent survey of security efforts within SOCs. His questions were designed to gain insight...


McAfee Provides Max Cyber Defense Capabilities in MITRE’s Carbanak+FIN7...

Each year, MITRE Engenuity conducts independent evaluations of cybersecurity products to help government and industry make better decisions to combat security threats and improve industry’s threat...


McAfee Proactive Security Proves Effective in Recent MITRE ATT&CK™

McAfee Soars with Superior Protection Results. Bottom Line: McAfee stopped the MITRE ATT&CK Evaluation Carbanak and FIN7 threats in their tracks within the first 15% of the major steps of the...


What the MITRE Engenuity ATT&CK® Evaluations Means to SOC Teams

SOCwise Weighs In. When the infamous Carbanak cyberattack rattled an East European bank three years ago this month, few would have guessed it would later play a starring role in the MITRE Engenuity...


Miles Wide & Feet Deep Visibility of Carbanak+FIN7

In our last blog about defense capabilities, we outlined the five efficacy objectives that matter most for security operations; this blog will focus on visibility. The MITRE...


Alert Actionability In Plain English From a Practitioner

In response to the latest MITRE Engenuity ATT&CK® Evaluation 3, McAfee noted five capabilities that are must-haves for security operations and that were demonstrated in the evaluation. This blog will speak to the alert...


Finding Success at Each Stage of Your Threat Intelligence Journey

Every week it seems there’s another enormous breach in the media spotlight. The attackers may be state-sponsored groups with extensive resources launching novel forms of ransomware. Where does your...


Testing to Ensure Your Security Posture Never Slouches

How well can you predict, prevent and respond to ever-changing cyberthreats? How do you know that your security efforts measure up? The stakes are high if this is difficult to answer and track....


How to Proactively Increase Your Protection Against Ransomware with Threat...

As ransomware continues to spread and target organizations around the world, it is critical to leverage threat intelligence data. And not just any threat intelligence, but actionable intelligence from...


The Industry Applauds MVISION XDR – Turning Raves into Benefits

Do you usually read what critics say before deciding to see a movie or read a book? We believe these McAfee MVISION XDR reviews were worth the wait. But rather than simply share a few top-tier analyst...


The Art of Ruthless Prioritization and Why it Matters for SecOps

The security operations center (SecOps) team sits on the front lines of a cybersecurity battlefield. The SecOps team works around the clock with precious and limited resources to monitor enterprise...

What Types of Apps Track Your Location?

Your mobile phone can do so many things, thanks to the wonders of technology. One of those things is having very accurate information about your location. In fact, some apps have to know your location...
