In part 2 of our SOAPA video, Jason Rolleston, Vice President of product marketing for security operations products at McAfee, and I chatted about:
- Security analytics and operations. Analytics and operations are foundational elements of SOAPA, so I asked Jason to tell me about McAfee’s strategy in each area. Rolleston points out that there is more security data than ever, so finding the signals within the noise is more difficult than ever. McAfee is moving beyond event correlation for security analytics, putting a lot of resources into machine learning for anomaly detection. McAfee believes it has an advantage by applying machine learning across technologies. On the operations side, McAfee wants to help analysts take more effective and efficient actions, so it is investing in automation capabilities with Investigator, Active Response, Sandboxing, etc.
- Advanced prevention. I pointed out to Jason that enterprise companies are asking for advanced prevention capabilities that help them decrease their attack surface. McAfee plays in this area by using risk scoring to help organizations drive different security postures with endpoint security, DLP controls, and cloud security, amongst others. Once again, McAfee believes its wide-angle view gives it a lead over others.
- Since most organizations have heterogeneous security tools, there is a high demand for open security platforms. Jason agreed and mentioned that McAfee realized several years ago that it would never become all things to all people and divested in areas where it couldn’t become a market leader. McAfee now wants to be known as the ‘device to cloud’ security company and uses technologies like its data exchange layer (DXL) to tie everything together. McAfee is also active with its Security Innovation Alliance (SIA) partners like Cisco and IBM to support its customers’ heterogeneous needs.
- The future of SOAPA. Jason believes that the future of SOAPA will include new types of UIs for visual analytics that further empower SOC teams. He also thinks that the industry must do more around knowledge sharing to make analysts aware of changing tactics and cross-organization best practices.
Many thanks to Jason Rolleston and McAfee for participating in the ESG SOAPA video series. More soon!