Thanks, but I already read the guide, and I still not quite sure how will this benefit our company
2 of 2 people found this helpful
Why will it not benefit when it's made to thwart most of the advanced persistent threats and block zero day attacks. Active response along with TIE is harcoded with great intelligence to monitor your environment.
McAfee Active Response discovers, detects, and responds to previously unseen threats. Active Response offers real-time visibility of endpoint data and immediate operation on endpoint systems. Out of the box, Active Response provides built-in data collectors, triggers, and reactions to get started right away. Also, incident responders can easily introduce custom content for specific usage. These powerful features increase system management capabilities while reducing time and cost, and will ensure that your organization will be able to discover, detect, and respond in a far more efficient manner than before.
Use Active Response to look for incidents. Its search and data collectors produce actionable information by exploring data.
- Discover weaknesses in your network endpoints.
- Prepare for planned protection activities.
- Identify data flows and patterns.
- Learn what to include in security policies.
Detect Use Active Response to detect threats when systems are compromised. Its triggers and reactions catch threatening events on the spot, and react immediately.
- Monitor the network for your custom indicators of compromise.
- Catch known threats automatically, and react accordingly.
- Assess needs for data protection based on ongoing data flow.
Respond Use Active Response to stop threats when they are detected. You can take immediate action on affected endpoints.
- Contain compromising events by acting on endpoints remotely.
- Minimize impact by automatically reacting to detected threats.
- Build code to run on compromised systems
"Why will it not benefit when it's made to thwart most of the advanced persistent threats and block zero day attacks. Active response along with TIE is harcoded with great intelligence to monitor your environment." - this is the kind of response i've needed, with this I need a TIE for Active response to be used properly. Therefore my present ePO alone cannot used Active response without (DXL,TIE, Cloud Storage and Endpoint Security) products right?
Yeah, You got it right. You would need to integrate the same.
1 of 1 people found this helpful
Nice thank you I've got what I needed