ESG Validation

The Challenges

As organizations of all sizes embrace digital transformation and the shift to modern cloud architectures, their IT infrastructure is both growing and becoming more complex. Indeed, two-thirds (68%) of respondents to an ESG research survey said that their IT environment had become more complex in the last two years.¹

Complex infrastructures have large attack surface areas, necessitating a variety of cybersecurity tools and techniques to protect them against ever-increasing volumes and sophistication of attacks. However, cybersecurity teams report numerous challenges managing an assortment of security products from different vendors, such as the inefficiencies created by having separate management and operations for each tool, cited by 27% of ESG research respondents as a challenge, or different tools for various parts of the IT infrastructure (24%), or the number of security tools making operations complex and time consuming (22%)

Introduction

This ESG Lab Validation report documents hands-on testing of the McAfee next-generation SIEM solution. ESG Lab focused on the McAfee Enterprise Security Manager (ESM), the core product of McAfee’s end-to-end solution for addressing comprehensive threat detection and remediation. Testing was designed to explore how the solution accurately detects advanced threats using a layered approach, the speed and effectiveness of responding to an attack, and the operational efficiencies of this integrated solution.

Abstract

This report provides a first look at the key benefits of integrating ForeScout CounterACT with IBM BigFix endpoint management and security solution. ESG Lab focused on how the ForeScout Extended Modules can combine ForeScout’s endpoint insight, classification, and control capabilities with IBM BigFix. This integration is designed to discover and classify users and devices, verify the presence and operation of BigFix Agents, enforce compliance, and take automated host or network actions when needed.

Abstract

This ESG Lab Review documents hands-on testing of Acalvio ShadowPlex autonomous deception. We focused on how easy it is to deploy ShadowPlex at scale, and how Acalvio’s deception technology provides high-fidelity low-volume breach detection.

Introduction

ESG Lab evaluated the Forcepoint Cloud Access Security Broker (CASB) to validate how it secures the use of any cloud applications across an organization’s users and endpoints. We tested how the Forcepoint CASB provides visibility into an organization’s cloud applications and its users, identifies and assesses the potential risks associated with the cloud applications, and automates threat prevention and policy enforcement.

Abstract

This report provides a first look at the key benefits of ForeScout’s bidirectional integration with Splunk Enterprise and Splunk Enterprise Security (ES), with a focus on how the ForeScout Extended Module can combine ForeScout’s endpoint insight, access control, and automated response capabilities with Splunk’s correlation, analysis, and search features. This integration provides visibility into and control of managed and unmanaged endpoints while helping security teams better understand their security risk posture and respond quickly to mitigate security issues.

Abstract

This report provides a first look at the key benefits of ForeScout CounterACT’s integration with Palo Alto Networks next-generation firewall (NGFW) and Palo Alto Networks WildFire threat analysis service. ESG Lab focused on how the ForeScout Extended Modules can combine ForeScout’s endpoint insight, classification, and control capabilities with Palo Alto Networks’ NGFW traffic classification, fine-grained security policies, and WildFire multilayered, cloud-delivered, advanced threat analysis security service. This integration is designed to provide more than just visibility into and classification of users and devices; it shares endpoint properties and labels to enhance dynamic segmentation, provides real-time user identity and context information in support of Palo Alto Networks’ fine-grained security policies and enforcements, and detects known and unknown advanced threats and prevents them from laterally spreading.

Abstract

This ESG Lab review documents hands-on testing of the Exabeam Security Intelligence Platform, Exabeam’s entry in the security information and event management (SIEM) market. We focus on how Exabeam’s Log Management System, Advanced Analytics, and Incident Responder empower security operations center (SOC) and incident response (IR) analysts to be more timely and effective in responding to threats and attacks. Exabeam positions these products collectively as a next-generation SIEM.