McAfee Security Innovation Alliance Program – Partner Direct

Absolute Software Corporation

Absolute Software provides subscription-based computer theft recovery, IT asset management and remote data delete solutions for organizations and consumers. The company's core technology Computrace(r) is pre-installed in the BIOS of computers from the world's leading computer manufacturers during the manufacturing process. As a complement to encryption and anti-virus software, Computrace assists in the prevention of data breaches resulting from computer theft.

Absolute Software will integrate with ePO to simplify the management of data breaches resulting from computer theft.

AccessData

AccessData, a pioneer in the digital forensics industry, provides investigators with the tools to preview, search for, analyze, process and forensically preserve electronic evidence for the purposes of criminal investigations, internal investigations, incident response and eDiscovery.

Customers can now use ePO to deploy AccessData agents on ePO-managed assets and view agent coverage reports that include publisher, product, version, and more. ePO enhances the forensic effort by correlating users in its database with assets or activities under investigation. Read the solution brief for more details.

McAfee Compatible solution: AccessData 1.1.0 agent and McAfee ePO 4.0 Server (Agents: CMA 3.6 and MA 4.0 on Windows XP and 2003).

Application Security, Inc.

Application Security, Inc. is a comprehensive provider of database security solutions for the enterprise. DbProtect allows organizations to secure their most sensitive data from internal and external threats, while also ensuring that those organizations meet or exceed regulatory compliance and audit requirements.

Application Security, Inc. will leverage ePO to simplify the management of database discovery, scanning, vulnerability assessment, real-time activity monitoring, and auditing.

ArcSight

ArcSight (NASDAQ: ARST) is a leading global provider of compliance and security management solutions that protect enterprises and government agencies. ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. The ArcSight platform collects and correlates user activity and event data across the enterprise so that businesses can rapidly identify, prioritize, and respond to compliance violations, policy breaches, cybersecurity attacks, and insider threats.

ArcSight will use the McAfee ePolicy Orchestrator (ePO) SDK to integrate ArcSight Enterprise Security Manager (ESM) and ArcSight Logger with McAfee ePO. The integrated solution will enable powerful new security workflows across security monitoring, incidence response, and regulatory compliance.

Bit9, Inc.

Bit9, a leader in enterprise application white-listing, centrally controls which applications are allowed on corporate desktops. Should an enterprise choose to allow only approved software on its desktops, this ePO-integrated solution delivers another layer of security, prevents desktop configuration drift, and lowers management costs.

Bit9 is leveraging the trusted ePO framework and system hierarchy to deploy the Bit9 Parity agent on endpoints and build deployment coverage reports for publisher, product, version, security condition, and more. Read the solution brief   for more details.

McAfee Compatible solution: Bit9 Parity 4.1.2 agent and McAfee ePO 4.0 Server (Agents: CMA 3.6 and MA 4.0 on Windows XP and 2003).

Catbird

Catbird brings visibility, control, and policy enforcement to the virtual data center. Catbird's V-Security product suite provides security, change control, separation of duties, and validation by deploying a virtual appliance inside VMware ESX or Citrix XenServer. V-Security combines network security technologies with hypervisor and virtual machine data to deliver benefits such as policy compliance and enforcement of virtual network segmentation, server sprawl management, and intrusion prevention.

Catbird's solution complements McAfee's systems and network security offerings for virtualized environments. With the integration of V-Security, current McAfee ePO customers will gain additional visibility into, receive alerts from, and manage policies for their virtual network environments.

Cyber-Ark

Cyber-Ark Software is an information security company that develops and markets digital vaults for securing and managing privileged identities and highly sensitive information within and across global enterprise networks. Cyber-Ark Software returns control to business data owners and mitigates insider threats that account for the majority of data misuse or leakage cases. Cyber-Ark helps organizations accurately discover and classify sensitive information, which results in faster and more reliable McAfee data loss prevention deployments.

ForeScout

ForeScout is a provider of clientless network access control and policy enforcement without the need to install a client on endpoints (for example, laptops, desktops, VoIP phones, PDAs, printers, and more). ForeScout's CounterACT appliance provides a range of enforcement options when policy violations are detected.

ForeScout plans to integrate its CounterACT NAC product with McAfee ePO to extend the network enforcement options managed therein and extend coverage to more devices on the corporate network, including those in non-802.1x environments. Mutual customers will be able to deploy the integrated offering without any changes to their networks.

Guardium

Guardium, the database security company, delivers a scalable platform that both protects databases in real-time and automates the entire compliance auditing process, with a blue-chip customer base that spans all major geographies and industries.

Guardium develops enterprise solutions for database activity monitoring, security and compliance. Integration with McAfee ePO will enable customers to centrally manage Guardium's security and auditing controls across the enterprise.

Guidance Software

Guidance Software, maker of EnCase®, addresses the full spectrum of digital investigations—ranging from internal investigations, audit and compliance, electronic discovery for litigation support and incident response. Upon successful validation testing with McAfee's ePO product, commercial and government organizations worldwide can be assured that our solutions are compatible and security management is simplified.

HBGary

HBGary specializes in developing advanced computer analysis tools to detect, diagnose, and respond to computer intrusions and other cybercrime activities. HBGary's flagship product, Responder, performs post-exploitation forensics with dynamic analysis of malware and live running software.

Through this partnership, McAfee customers will be able to use ePO to deploy Responder on demand, scan physical memory for malicious and unauthorized code, and report results to McAfee ePO for optimal corrective action.

High Tower

High Tower’s new line of Cinxi™ Security Information and Event Management (SIEM) appliances was developed to address the rapidly growing need for advanced network defense intelligence and comprehensive log management tools that improve network security and satisfy the growing number of regulatory compliance requirements. When combined with the powerful information provided by McAfee enterprise products such as ePolicy Orchestrator, IntruShield, and Foundstone, Cinxi appliances deliver comprehensive real-time situational awareness for security threats, as well as a robust platform for managing logs and reporting for regulatory compliance requirements.

Intellitactics

Intellitactics provides enterprise security information and event management software and appliances used by security analysts, operations, and risk officers to achieve cost-effective log management for regulatory compliance; mitigate risk by automating security operations; and accelerate incident resolution to ensure the availability of critical business services. Intellitactics plans to enhance the existing integration with McAfee ePO so that joint customers can uncover and use hidden information stored in log data to accelerate investigation and response to security issues that threaten security and regulatory compliance.

LogLogic

LogLogic® provides an enterprise-class platform for collecting, storing, reporting and alerting on 100% of IT log data from virtually any source. LogLogic systems address the compliance, operations and risk mitigation needs of the most demanding Global Enterprises. LogLogic's innovations include creating the world's first search engine for fast-moving IT log data and Compliance Suites that automate using log data to enforce critical controls and regulations.

LogLogic intends to provide bi-lateral integration between its open log management and intelligence platform and McAfee ePO.  LogLogic's integrated analysis applications for compliance, security, and operational excellence will be able to leverage information provided by McAfee ePO and will in turn enhance McAfee ePO analytics with information about user and system behavior.

LogRhythm

LogRhythm is a market leader in enterprise-class log and security information and event management (SIEM) that helps organizations simplify compliance, secure their assets, and optimize IT Operations. LogRhythm aggregates, correlates, and archives data from a large number of endpoints and network devices, including logs and events from a range of McAfee's products.

LogRhythm's incident detection now drives automated alerting to ePO, enabling faster remediation and policy enforcement through McAfee's broad portfolio of security offerings. Alerts appear in ePO Actionable Reports to facilitate corrective actions, such as starting a compliance check using Policy Auditor, running a virus scan with VirusScan Enterprise, pushing out new signature sets or patches, enhancing endpoint protection with Host Intrusion Prevention System (HIPS), updating security policies, and more. Read the solution brief  for more details.

McAfee Compatible solution: LogRhythm 4.0 and McAfee ePO 4.0 Server.

NitroSecurity

NitroSecurity, Inc. provides real-time security information management (SIM) for edge-to-core protection and visibility. NitroView Enterprise Security Manager (ESM) combines log management, network analysis, and security information and event management (SIEM) into a single solution. By combining the real-time collection and analysis of network-and security-based information with real-time log analysis, NitroView ESM provides a unified, holistic approach to security management that is greater than the sum of its parts.

The integration of NitroView ESM with McAfee ePO will deliver actionable alerts to ePO, so that ePO administrators can adjust security counter measures in response to incidents.

Palamida

Palamida’s Vulnerability Reporting Solution (VRS) is detection and reporting software that discovers and identifies open source code inside internally developed enterprise applications and immediately reports on their published vulnerabilities. It allows users to further develop their security policies for open source use such as: 1) Identification of all open source in the code base; 2) Pinpointing its exact location within the code base; 3) Measuring third-party code dependence; and 4) Tracking associated vulnerabilities. The end result is a complete blueprint of all of the open source used across your code base. Based on this information, security teams can blacklist or whitelist components and monitor usage to review for associated open source security patch or release updates.

Palamida, is adding their open source vulnerability detection solution to the range of security services managed by McAfee ePO. The integration of IP Amplifier™ enables customers to extend the scope of their application security strategy to include open source components.

Q1 Labs

Q1 Labs, a network security management company, provides an integrated network security framework that converges typically silo'd network and security information in a single solution comprising log management, threat management and compliance management.

Q1 Labs will integrate McAfee ePO with its flagship product, QRadar, to deliver improved capability in the areas of log management, threat detection and compliance reporting.   This will help Q1 customers simplify operations, improve detection and mitigation of IT risk, and deliver security best practices required to meet existing and emerging regulations.

Raytheon Oakley

Raytheon Oakley Systems, part of Raytheon Company's Intelligence and Information Systems business, is a leader in insider risk management, developed by experts in law enforcement, defense, and digital forensics.

Raytheon Oakley Systems plans to integrate its SureView endpoint activity monitoring and incident investigations solution with McAfee ePO. SureView's ability to monitor the complete range of endpoint activities and provide DVR-like replay of any policy violation or malicious incident will complement and enhance both products' value to customers.

Secerno

Secerno offers a family of SQL database activity monitoring and database security solutions. These solutions maximize protection against internal and external threats, optimize compliance auditing, and help improve the efficiency and security of applications.

Secerno SQL's database activity monitoring and blocking appliances will send database security alerts to McAfee ePO for an integrated view of out-of-policy database activity, enabling ePO administrators to initiate countermeasures in context.

SecureLogix

SecureLogix Corporation enables secure, optimized and efficiently managed enterprise voice networks. The company’s ETM® (Enterprise Telephony Management) System hosts a suite of integrated telecom applications that protect critical network resources from telephony-based attack and abuse, simplifying voice network management, and optimizing resources to dramatically cut expenses.

The combination of McAfee’s ePO with the network-wide security, visibility and control that SecureLogix® Voice Security Solutions provide will give customers a true 360 degree security perimeter, delivering compliance, usage awareness and enforcement. Customers will save money and eliminate risk by correlating real time voice events with web based and messaging activities, giving them a true and fluid view of what is happening on their networks. Enterprises that are migrating to Unified Communications will benefit greatly from this combined visibility and enforcement.

SenSage

The SenSage solution for McAfee integrates SenSage’s powerful log data warehouse with McAfee’s products to provide comprehensive compliance reporting, and enable fast, accurate investigations and forensics. The integrated solution collects, stores and reports on massive volumes of log data from many McAfee products, including ePO and Intrushield. SenSage centralizes log data from McAfee products and virtually any system or application, allowing disparate sources to be analyzed and correlated. Reports and alerts can be presented directly within the ePO console.

Skybox Security

Skybox Security, Inc. provides automated risk assessment and compliance analysis software to global organizations. The company’s customer base includes organizations that have mission-critical global networks across a number of regulated markets including financial services, banking, insurance, pharmaceutical, retail, government, technology and telecommunications. With Skybox View, enterprises can accurately pinpoint and prioritize high areas of risk and compliance exposures in minutes versus weeks or months. By combining Skybox and McAfee ePO, customers can automate risk management and network security compliance processes through solutions that improve security while lowering compliance cost.

Still Secure

StillSecure specializes in commercial and open source secure network infrastructure solutions. Products include network access control (NAC), intrusion detection/prevention (IDS/IPS), vulnerability management and a unified networking/security platform. By converging networking and security, StillSecure provides innovative, intuitive and affordable solutions to operate secure networks.

StillSecure will integrate Safe Access, the company’s NAC product, with ePolicy Orchestrator to provide organizations with a complete solution for network- and host-based NAC. Through the integration, Safe Access will provide additional enforcement options for McAfee NAC customers, and provide access control for unmanaged devices that don’t have the ePolicy Orchestrator agent installed.

TriGeo

TriGeo Network Security delivers enterprise security information and event management (SIEM) designed specifically for monitoring and compliance needs of medium enterprises. By combining real-time log management and event correlation, TriGeo delivers advanced network visibility and real-time notification through its appliance-based product.

As part of the McAfee SIA program, TriGeo will send qualified security alerts to ePO and help bridge the gap between their security monitoring and McAfee ePO's incident response.

Voltage Security Inc.

Voltage Security Inc., a leader in information encryption, complements device encryption by persistently protecting information wherever it goes - email, documents, and customer data in databases.

Voltage key management solutions will integrate with ePolicy Orchestrator's robust policy management capabilities to deliver centralized control and key management across this broad range of information encryption use cases.