Risk and Vulnerability Management

Overview:

Key Benefits

• Speed implementation and maintenance with centralized management—Implement controls, improve consistency, and speed enforcement of policy creation and updates across systems and sites through McAfee ePolicy Orchestrator (ePO), the single, centralized management console.
• Streamline data monitoring and reporting—View event, activity, and violation information all from one management console, and then consolidate data into meaningful reports for administrators, auditors, and executives.
• Support international frameworks and standards—Adopt a broader and more formalized approach to risk with integrated product support for such international frameworks as ISO 17799 / 27002 and COBIT, as well as support for standards-based policy content such as XCCDF and OVAL.
• Enjoy comprehensive host and network-based assessments—Discover vulnerabilities and policy violations while eliminating firewall and credentialing issues with McAfee's broad platform and device support. We eliminate the need to choose between agent and agentless technology.
• Enforce policies end to end for complete coverage—Reduce vulnerability by applying innovative dynamic whitelisting and application trust technology, as well as anti-virus, anti-spyware, host intrusion prevention, policy auditing, and firewall technologies.
• Save time with integrated systems and processes—Make decisions faster and move reliably through remediation processes as McAfee solutions share vulnerability, event, and threat data.
• Stay ahead of emerging threats—Get streaming downloads of the latest threat protections and vulnerability research from McAfee Avert Labs, our Global Threat Intelligence team.

Products and Services:

Suites

McAfee Total Protection for Compliance—Integrate host and network scans to assess every system for patches and policy compliance automatically

McAfee Total Protection for Data—Employ strong encryption, data loss prevention, authentication, and policy-driven security controls to safeguard critical data

Products

McAfee Application Control—Reduce risk from unauthorized applications and gain stronger endpoint control

McAfee Change Control—Enforce change policy by time window, source, or approved ticket

McAfee Change Reconciliation—Ensure change policy effectiveness with McAfee Change Reconciliation

McAfee Integrity Monitor—Real-time file integrity monitoring (FIM)

McAfee Policy Auditor—Automate auditing processes more efficiently with advanced, purpose-built IT auditing; leverage open security standards and integration to shrink time spent on internal and external reviews

McAfee Remediation Manager—Enforce compliance using automated or on-demand remediation of noncompliant or vulnerable systems

McAfee Risk Advisor—Take the guesswork out of where to focus your security efforts

McAfee Vulnerability Manager—Identify vulnerabilities and policy violations and prioritize your IT resources to protect your most critical assets first

Services

Data Loss Prevention Assessments
Reduce risk of exposure as we identify sensitive data that has been copied or is currently in transit from its original intended container. This assessment captures and identifies assets on the network, as well as items on hard drives, covering data in motion and at rest.

Incident Management Checks
Make sure you are prepared for an attack or emergency. We assess gaps and help you build a better, more effective incident response and management program, including a process for detecting, identifying, and analyzing security-related events.

Internal and External Network Security Assessments
Let us identify every live host, open port, and available service, then find and test potential points of attack, attempting to locate all vulnerabilities, especially those with the greatest potential impact on your business.

Risk Assessments
Gain perspective with an independent audit of your risk profile. We introduce strategies, processes, and systems that help manage risk and mitigate risk conditions to help you comply with such regulations as GLBA, HIPAA, SB 1386, and PCI.

Vulnerability Management Health Checks
Understand the gaps in your current vulnerability management program, and identify areas where you may not have the right balance of people, process, and technology.