cancel
Showing results for 
Search instead for 
Did you mean: 

MVM 7.0 and SIEM exchange information

Does MVM 7.0 have the option to automatically send information to a SIEM solution such as scan results, generated tickets, etc?

Can you give me any guidelines on how to do it?

Regards,

JR

6 Replies
cgrim
Level 13
Report Inappropriate Content
Message 2 of 7

Re: MVM 7.0 and SIEM exchange information

Hi JR,

I've not heard of it - not to say it can't be done.  If it can be done with SNMP traps  then yes, otherwise it would likely be a Professional Services engagement.

it might be on the road-map, or you can submit it as a Product Enhancement Request.  Click on the Submit Feature Request button here:

https://community.mcafee.com/groups/mvm-news

Thanks!
Cathy

Re: MVM 7.0 and SIEM exchange information

thanks Cathy!

Re: MVM 7.0 and SIEM exchange information

Hi,

With MVM and SIEM, the config would be a pull rather than pushing events to the SIEM product. I know that both Arcsight and Q1 Labs Qradar support MVM and connect to the foundstone database to pull out vulnerability information about assets.

Re: MVM 7.0 and SIEM exchange information

Thanks Moniker. I think it is as what you said.

ajacobs
Level 12
Report Inappropriate Content
Message 6 of 7

Re: MVM 7.0 and SIEM exchange information

We've launched a new SIEM community here: https://community.mcafee.com/community/business/siem

Re: MVM 7.0 and SIEM exchange information

Symantec SIM (Security Information Manager) also supports pulling events from MVM 7.0

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center