Products: Governance, Risk & Compliance


	McAfee Vulnerability Manager Evaluate 100 percent of your network 100 percent of the time When scanning for vulnerabilities, coverage counts. The McAfee® Vulnerability Manager solution delivers unrivaled scalability that canvasses everything your network can serve up. If it has an IP address or URL, the McAfee Vulnerability Manager solution can discover and assess it. In addition, more than 400 researchers and millions of sensors around the globe deliver continuous vulnerability and threat research to protect you ahead of new or evolving threats. Guard your business with the industry’s most flexible, proven, and scalable solution—comprehensive vulnerability management made simple. Thousands of organizations rely on the McAfee Vulnerability Manager solution to quickly find and fix vulnerabilities, from organizations with a few hundred nodes to one continuously scanning over four million IPs. The McAfee Vulnerability Manager solution sets the market standard by working with the realities that define your business, canvassing all types of network and asset configurations. It can scan nonstop or exactly when and where you need it, allowing you to automatically discover, assess, remediate, and report on all your assets. Easy to Implement—In Your World Precision Coverage—Made Convenient Unrivaled Detection of Vulnerablities— And Malware Too High Performance, Manageable—And Open Too Find and Fix Fast—With Less Stress McAfee Risk Advisor Take the guesswork out of where to focus your security efforts Organizations often deploy several security point products to try to stay ahead of constantly surfacing or evolving threats. However, even with all this deployed technology, it’s far too common for security and IT staff to be sitting in a war room when an out of band critical patch is released trying to answer this question: “Do we need to shut down our business and roll out this patch?” McAfee® Risk Advisor proactively combines threat, vulnerability, and countermeasure information to pinpoint those assets that are truly at risk. It takes the guesswork out of when and where to focus your security efforts—saving you time and money. Eliminate the Guesswork: An industry first, McAfee Risk Advisor delivers risk metrics and analytics to take the guesswork out of where to direct your security efforts. A Consolidated View: The Risk Advisor threat feed viewer provides up-to-the-minute information about new and updated threats from thousands of vendor and industry collection points. Risk Summary: In addition to countermeasure correlation, McAfee Risk Advisor’s integration with vulnerability assess- ment tools and the McAfee ePO console enables you to chart your vulnerability profile to pinpoint where to focus your security efforts. The graph generated concisely reflects where and how your assets are at risk. The simple Boolean chart renders an “At Risk” and “Not at Risk” summary. Risk Score: An industry first, the McAfee Risk Advisor risk score delivers a quantifiable measurement for evaluating risk mitigation efforts. The risk score unifies vulnerability/threat status, asset criticality, and countermeasure protection available for specific threat to quantify the risk of a threat on an asset. Patch Optimization: With McAfee Risk Advisor, organizations are able to optimize and reduce patching cycles, as well as articulate an appropriate response for out-of- band,criticalpatches.Withthepatchprioritization report, administrators are able to establish patch- ing priorities and workflow by seeing threats and available patches. Reporting: Simplified, top-down reporting lets you drill down quickly to see where you need to focus your remediation efforts. Starting from a consolidated dashboard, you can view granular and concise information about a threat. Always Up To Date: To keep your organization current, McAfee Risk Advisor receives threat updates from our world- class research organization, McAfee LabsTM. Our enterprise-class threat feed delivers concise, meaningful, up-to-the-minute data on threats as they materialize from our network of millions of data collection points. This data is leveraged by McAfee Risk Advisor to quickly and accurately reflect those critical assets that are both at risk and vulnerable to threats.


	Governance, Risk & Compliance McAfee GRC solutions help you understand your risk and apply the right protections in the right places. We use integration and automation to improve visibility, reduce exposure, and cut the cost of compliance. Optimized solutions from McAfee can streamline risk assessment, prioritization, vulnerability management, policy lifecycle management, monitoring, and audit reporting. With less effort and expense, you gain continuous compliance. And only McAfee lets you enforce policies end-to-end with dynamic whitelisting and application trust technology, plus anti-virus, anti-spyware, host intrusion prevention, policy auditing, and firewall technologies. McAfee Policy Auditor Software Integration plus innovation equals compliance efficiency Lower the cost of validating compliance with advanced IT security auditing software. McAfee® Policy Auditor software offers an optimized approach. Integration and innovation produce real ROI and significant productivity gain while making audits painless and less expensive. Prove Compliance with Key Industry Mandates Cut Management Effort with McAfee ePolicy Orchestrator® Software Integration Seamless integration with McAfee ePolicy Orchestrator® (McAfee ePOTM) software eases agent deployment, Unified Policy Audits Reduce Time to Compliance Use Scripting to Extend McAfee Policy Auditor Software Check Capabilities Meet the New Standard in Compliance Validation: SCAP Import and Adapt Industry Benchmarks in Minutes Ensure Up-to-Date Data and Reduce Disruptions Align Business and Audit Processes Simplify Trouble Ticketing Continuous Compliance Through McAfee Change Control Software PCI Compliance for Data Security Standards (DSS) Optimize your security posture and prove PCI compliance through a layered security model McAfee’s PCI solutions help you optimize your security posture while proving PCI compliance through a layered security model that mitigates vulnerabilities and reduces the likelihood of data loss or theft. Delivering more than just security technology, we speed PCI assessments and simplify required processes, including mandatory scans and reports. Our PCI solutions employ McAfee ePolicy Orchestrator (ePO), the centralized security management platform that expedites processes from installation to reporting. McAfee ePO helps you automate otherwise manual processes, reduce administrative overhead, and significantly cut costs. Key Benefits Make compliance easier with fewer vendors to manage—Access the industry's broadest coverage across technical and policy requirements, consolidating endpoint, network, and cloud-based controls and making it easier to comply with PCI DSS. Tap the McAfee Security Innovation Alliance ecosystem for extended coverage. Consolidate your view across IT controls—Work from a single McAfee ePolicy Orchestrator (ePO) management platform to gain visibility across IT controls and PCI requirements—and reduce the headaches, expense, and delays associated with separate products. Save time and enhance accuracy with automated tasks—Avoid time-consuming ad hoc processes and eliminate errors with our automated scanning, audits, remediation, enforcement, and reporting. Enjoy simplified, centralized compliance reporting—Improve data gathering and reporting for PCI compliance with standardized templates that compile data across agent-based and agentless systems for a complete picture. Customize reports to suit executives and auditors. Control critical field systems—Lock down configurations and usage options to ensure system and data integrity on point-of-sale systems and payment servers. Count on McAfee for accredited assessments—Leverage our status as a certified Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV) for a measured approach to compliance that helps you understand and prioritize your information risks. Save time and trouble with streamlined policy definitions—Automate the mapping of IT controls to PCI DSS with industry-leading policy templates.