Senior Information Security Manager at a real estate/law firm with 10,001+ employees
Real User
Top 5
2024-08-19T03:02:59Z
Aug 19, 2024
I use Trellix ESM to monitor inbound communication from known threat hosts and detect cyberattacks. It's also useful for outbound communication, but we block threat communication via a firewall.
In my company, we don't use Trellix ESM in our environment because we are a small company, but we have implemented it for our customers. My company's customers use Trellix ESM to monitor and report on servers in their environment. My company's customers also have some of the virtual machines in their environment, along with firewalls integrated into Trellix ESM.
Senior Information Security Manager at a real estate/law firm with 10,001+ employees
Real User
Top 5
2022-09-29T15:13:00Z
Sep 29, 2022
The primary use case of the solution is central log management for the company. It allows us to see all the traffic coming in and going out to and from the internet. It provides various views from the firewall and web application firewall and event logs from the endpoint. The command view will tell us the current status of the threats from various threat sources. While the normalized view will give us correlated events from sources to destinations and related applications.
VP Cyber Security & IT at a computer software company with 1,001-5,000 employees
Real User
2021-02-19T15:47:06Z
Feb 19, 2021
I work with an integration company and implement tools such as McAfee ESM. We are an MSSP for a lot of clients. We gather their logs, correlate them, create rules, and assume the role of their SOC. We have skilled operators 24/7 who take care of these clients.
Information Security Engineer at a financial services firm with 51-200 employees
Real User
2020-06-25T10:49:15Z
Jun 25, 2020
We are a service provider and we implement it for our customers, as well as use it internally. This is a SIEM product that makes up part of our overall security solution.
Cyber Security Consultant at a computer software company with 51-200 employees
Consultant
2019-08-08T07:02:00Z
Aug 8, 2019
We use this solution to provide managed security services. We use loggers at the client site to generate logs for monitoring their devices. We handle the monitoring, administration, and troubleshooting of their endpoints. For some customers, we manage everything, while for other customers we only monitor their critical devices. We are using an on-premises deployment model.
Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.
I use Trellix ESM to monitor inbound communication from known threat hosts and detect cyberattacks. It's also useful for outbound communication, but we block threat communication via a firewall.
In my company, we don't use Trellix ESM in our environment because we are a small company, but we have implemented it for our customers. My company's customers use Trellix ESM to monitor and report on servers in their environment. My company's customers also have some of the virtual machines in their environment, along with firewalls integrated into Trellix ESM.
We use McAfee for security features.
McAfee ESM is utilized to gather logs from Microsoft Windows servers and Palo Alto firewalls.
The primary use case of the solution is central log management for the company. It allows us to see all the traffic coming in and going out to and from the internet. It provides various views from the firewall and web application firewall and event logs from the endpoint. The command view will tell us the current status of the threats from various threat sources. While the normalized view will give us correlated events from sources to destinations and related applications.
McAfee ESM is used for my customers in the financial sector.
We use this solution for correlation, alerting, and log management. We are integrators.
We are using this solution primarily for SIEM logs.
We use it for malware detection and authentication or login failures.
We implement it in our hospital applications.
I work with an integration company and implement tools such as McAfee ESM. We are an MSSP for a lot of clients. We gather their logs, correlate them, create rules, and assume the role of their SOC. We have skilled operators 24/7 who take care of these clients.
We are using the solution for log analyzing endpoints and investigating all types of applications, files or network devices login collection.
We use McAfee ESM for IT operations and a few security-related things.
We are a service provider and we implement it for our customers, as well as use it internally. This is a SIEM product that makes up part of our overall security solution.
We use this solution to provide managed security services. We use loggers at the client site to generate logs for monitoring their devices. We handle the monitoring, administration, and troubleshooting of their endpoints. For some customers, we manage everything, while for other customers we only monitor their critical devices. We are using an on-premises deployment model.
We use this solution to monitor everything in our hybrid-cloud environment. This includes IoT devices and a couple of data centers.
My primary use case for this solution is to secure the data on my laptop.
As a bank, we have different cases use cases that are typical for the industry.
It has performed well and delivered the results that I have been looking for.