Posted: 15th April 2022

Product Overview

McAfee® Enterprise Security Manager (McAfee ESM) is a security information and event management (SIEM) solution that gives you real-time visibility to all activity on your systems, networks, databases, and applications.

As the foundation of McAfee's SIEM solution, McAfee ESM:

  • Collects and aggregates event data from your security devices, network infrastructures, databases, and applications.
  • Applies intelligence to that data, by combining it with contextual information about users, assets, vulnerabilities, and threats.
  • Correlates information to find potential threat incidents.
  • Enables you to investigate and respond to incidents by using interactive, customizable dashboards.

Challenges Overcome Through Integration

Security operations center (SOC) teams are inundated with alerts and events. By joining forces through a seamless integration, security event management from McAfee ESM and security intelligence from Recorded Future helps analysts reduce manual research time and make informed verdicts. SOC analysts can efficiently dismiss false positives and capture threat context for true incidents.

Integration Description

Recorded Future for McAfee ESM allows organizations to quickly resolve security threats using external threat intelligence and rich context from Recorded Future directly on top of alerts and logs inside ESM.

Recorded Future uses the McAfee ESM taxii client to pull down Recorded Future risk lists via Taxii.

The joint solution enables analysts to instantly integrate prioritized and actionable threat intelligence with your existing security controls inside McAfee ESM.