McAfee’s high-performance, powerful security information and event management (SIEM) brings event, threat and risk data together to provide strong security intelligence, rapid incident response, seamless log management and extensible compliance reporting. At the core of our SIEM offering, Enterprise Security Manager consolidates, correlates, assesses and prioritizes security events for both third-party and McAfee solutions.


As part of the Security Connected framework, McAfee Enterprise Security Manager tightly integrates with McAfee ePolicy Orchestrator (McAfee ePO) software, McAfee Risk Advisor and Global Threat Intelligence — delivering the context required for autonomous and adaptive security risk management.


McAfee Enterprise Security Manager  – provides the speed and rich context required to identify critical threats, respond quickly and easily address compliance requirements.


McAfee Global Threat Intelligence for Enterprise Security Manager – Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent Security Information and Event Management (SIEM).


McAfee Enterprise Log Manager – automates log management and analysis for all log types, including Windows Event logs, Database logs, Application logs and Syslogs. Logs are signed and validated, ensuring authenticity and integrity — a necessity for regulatory compliance and forensics.


McAfee Advanced Correlation Engine – monitors real-time data, allowing you to simultaneously use both rule-based and rule-less correlation engines to detect risks and threats before they occur.


McAfee Application Data Monitor – decodes an entire application session to Layer 7, providing a full analysis of everything from the underlying protocols and session integrity all the way up to the actual contents of the application (such as the text of an email or its attachments).


McAfee Database Event Monitor for SIEM – delivers non-intrusive, detailed security logging of database transactions by monitoring access to database configurations and data.


McAfee Event Receiver – collects third-party events and logs — and performs native network flow collection — faster and more reliably than any other solution.