Information Security Bulletin

McAfee Extends Security Risk Management Portfolio

07 Aug 05:47

McAfee, Inc. has unveiled two new offerings as part of its security risk management portfolio. McAfee Foundstone Enterprise 5.0, a comprehensive priority-based vulnerability management solution, and McAfee Preventsys Compliance Auditor and Risk Analyzer both allow companies to automate the manually intensive process of reporting security compliance.

With McAfee Foundstone Enterprise 5.0, companies can prioritise and rank their highest-value business assets then identify their most critical security vulnerabilities and the threats, which could exploit them. This information allows organisations to more effectively respond to their most significant issues by deploying the proper resources where they are needed most. Through Foundstone 5.0's automated reporting, enterprises are also able to reduce IT operating expenses and achieve real-time metrics to better mitigate their security risk.

More than ever, IT departments are being forced to align their buying decisions with executive-driven business objectives. The merging of compliance with risk management at the enterprise level is shifting the focus from just identifying vulnerabilities and configuration holes to understanding the total impact of threats, vulnerabilities, and configuration errors on critical assets.

The McAfee Foundstone Enterprise 5.0 release supports this change by providing customers with credential-based scans of UNIX systems, including recent versions of Red Hat Enterprise, Solaris and AIX. This in-depth assessment provides customers with a better understanding of their total vulnerabilities so they can reduce their risk and get a detailed view of their risk posture. The two-way SNMP communication feature helps customers automate operational processes by providing complete integration with third-party applications, like BMC Remedy, to simplify patch management activities and ensure closed loop remediation.

Foundstone works in conjunction with McAfee Preventsys Compliance Auditor to provide policy compliance reporting capabilities. Customers can now take in Foundstone data and "link" corporate security policies and standards to specific Foundstone checks to ensure business policy objectives are being adhered to across the network. McAfee Preventsys Compliance Auditor supports centralised auditing across all aspects of policy: process, procedure and technical controls, which provides a consistent way to reduce the costs associated with demonstrating security compliance.

To further address compliance needs, McAfee Preventsys Risk Analyzer consolidates and analyses security data from multi-vendor sources, greatly reducing the time it takes to get a clear, prioritised picture of security risks, compliance issues, and monitor changes to an organisation's risk score.

Related links: (Open in a new window.)
www.mcafee.com

View printable version (opens in new window)
Back

Search ISB News:

Not yet sure you want to subscribe? Download a free sample copy!

Download the much quoted October Editorial

Portal Frontpage
Web Editorial
About This Portal
Contact Info

IS Alerts
General News
Product News
Vendor News
People News
Literature
Events
CHI News

Subscribe Online
About ISB
Publishing in ISB
Advertising in ISB
PR Information

In the current issue:

Security Management
The Importance of Adaptability
Steve Purser

From the Trenches
Reversing Perimeter Defences – a Case Study
Søren Maigaard

Security Architectures
The Self Defending Network: New Trends In ICT Security Infrastructures
Drs. Ing. René Pluis

Subscribe Online!