McAfee and RSA partner for compliance and risk management solution

McAfee and RSA announced a new joint solution which integrates security data from the McAfee ePolicy Orchestrator platform (McAfee ePO) with business infrastructure and compliance data in the RSA Archer eGRC Platform and the RSA Archer Enterprise Management solution.

“The McAfee and RSA solution provides greater visibility into the state of security and compliance across the enterprise infrastructure and enables a more comprehensive understanding of the business’ risk and compliance posture,” said Dave Anderson, senior director of Security Management at McAfee. “The integration allows organizations to utilize McAfee security management products to manage system level security while also incorporating data and findings from those products into their risk and compliance management processes within the RSA Archer eGRC Platform.”

McAfee and RSA are delivering on a technology partnership announced earlier this year. The two industry leaders now offer integrated solutions designed to help customers address complex security challenges, lower risk, improve compliance, and ensure data security across the IT infrastructure.

RSA Archer Enterprise Management is engineered to provide a central repository of information on enterprise’s business hierarchy and operational infrastructure. This web-based solution allows enterprises to develop an aggregate view of organizational divisions, determine the criticality of supporting technologies, and use that information in the context of eGRC processes.

McAfee ePO enables organizations to centrally manage their enterprise security posture through an open framework that unifies security management for systems, applications, networks, data, and compliance solutions.

The integrated solution includes the following capabilities:

• The integration can populate the devices application within RSA Archer with systems in the infrastructure being managed by McAfee ePO. This ongoing synchronization helps ensure that device/platform level information is consistent between GRC processes and IT operations.
• Within the Devices application in the RSA Archer eGRC platform, customers can gain visibility into ownership and relationship to business processes and applications for a better understanding of the criticality of the issues captured from ePO and the appropriate accountability to ensure proper and timely response.
• McAfee VirusScan Enterprise software, McAfee Host Intrusion Prevention, McAfee Vulnerability Manager, McAfee Policy Auditor and McAfee Risk Advisor products all provide additional device level information within McAfee ePolicy Orchestrator software to better define the current device level security within RSA Archer. Each product adds additional reporting data as well as insight into the current state of security within the infrastructure.
• Risk and compliance calculations and reporting can be based on the data coming from McAfee Risk Advisor and improve overall visibility of the current security risk and holistic visibility of how that device’s security risk impacts overall business performance.