Automatic Correlation of Threat, Vulnerability, and Countermeasures to Help Businesses Prioritize and Mitigate IT Risks
MARKHAM, ON – July 19, 2010 — McAfee, Inc. today unveiled the world’s most comprehensive Risk Management solution for IT Security. An industry first, the solution combines real-time threat intelligence with global vulnerability scanning across applications, databases and networks, and correlates that with security countermeasures already in place, to help organizations assess their highest priority risks. The solution empowers organizations to focus their limited resources on best protecting company information and taking a more proactive approach to enterprise security.
Unlike existing point-product approaches, which require IT Security specialists to manually correlate information, the McAfee(R) Risk Management solution, consisting of McAfee(R) Risk Advisor 2.5, McAfee(R) Vulnerability Manager 7.0 and McAfee(R) Vulnerability Manager for Databases, automatically pulls information together into a real-time risk analytics engine. This enables organizations to fully understand their risk posture across every meaningful sector of their IT environment including databases, web applications, systems and networks to know precisely what is needed to optimize their security posture.
“McAfee pioneered the risk-based approach to security management,” said Gene Fredriksen, Global CISO with Tyco International. “The release of their risk management solution demonstrates continued innovation in this space and reinforces their market leadership position. By synthesizing these core offerings into a cohesive risk management solution, McAfee has set the bar very high.”
A Holistic Approach to Managing Risk
“Enterprises are realizing that they can no longer rely on point products to mitigate risk,” said Stuart McClure, senior vice president and general manager, risk and compliance for McAfee. “That’s because those products are not designed to work together and do not tie the ability to identify and prioritize risks with the ability to mitigate them. McAfee is unique in delivering a holistic approach to managing risk that takes into account deployed countermeasures.”
The underpinning for the McAfee Risk Management solution consists of three products:
- McAfee Risk Advisor 2.5 – McAfee Risk Advisor is a risk management dashboard that correlates threat, vulnerability and countermeasure information to pinpoint critical assets at risk. McAfee Risk Advisor enables organizations to fully understand their risk posture across every meaningful sector of their IT environment to know precisely what is needed to optimize their security. Notable enhancements to McAfee Risk Advisor 2.5 include risk scoring and advanced patch optimization.
- McAfee Vulnerability Manager 7.0 – McAfee Vulnerability Manager is a proven vulnerability assessment product with unrivaled accuracy, depth and breadth of coverage. Version 7.0 adds deep web application scanning that was designed by thought leaders in the web application security space. With McAfee Vulnerability Manager 7.0, organizations are able to leverage this enterprise-class tool to accurately discover and scan web applications as part of their ongoing vulnerability assessment practice.
- McAfee Vulnerability Manager for Databases – McAfee Vulnerability Manager for Databases automatically finds databases on the network, determines if the latest patches have been applied, and tests for weak passwords, default accounts, and other common vulnerabilities. This new product comes with more than 3,000 database vulnerability checks to deliver the most thorough database vulnerability assessment and security-scanning capability in the market today.
When combined with the McAfee(R) ePolicy Orchestrator(R) platform, McAfee endpoint and network defense products, and over 90 partner products, the McAfee Risk Management solution delivers the ability for any-sized organization to optimize its security posture and comply with regulatory mandates. Ultimately, it provides the means for companies to get in control and stay in control.
“Understanding risks and vulnerabilities is essential to achieving optimized security,” said Vivian Tero, program manager, governance, risk and compliance (GRC) infrastructure, IDC. “Organizations need to know precisely where they are at risk and what they can do about it. Armed with visibility into their risk postures, organizations can know precisely what they need to do to mitigate risk and achieve greater compliance.”
McAfee continues to win awards for its risk and compliance products. The McAfee(R) Total Protection software for Compliance solution, a suite that includes McAfee Risk Advisor and McAfee Vulnerability Manager, received a perfect score earning a five out of five stars rating in SC Magazine’s Risk Management Group Test. Calling out the suite’s strength as an integrated risk management suite that eliminates the manual and time-consuming process of correlating threats to critical systems at risk, the reviewer justified the five star designation with, “Very nicely integrated and centralized single picture of risk and risk mitigation options across the numerous security controls deployed.”
All products are available now. For more information, please visit the McAfee risk and compliance Web page age at www.mcafee.com/riskmanagement.