McAfee and Demisto integration features:

  • Ingest and triage alert data from McAfee ESM into Demisto Enterprise
  • Trigger specific playbooks in Demisto to gather more information about ESM alerts and to respond to these alerts
  • Trigger Demisto playbooks to run and check security policy actions from McAfee ePO
  • Triage and map alerts as incidents from McAfee Enterprise Security Manager
  • Enrich incident data like IP, hashes, filenames, and URLs using McAfee Threat Intelligence Defense
  • Detonate unknown samples using McAfee Advanced Threat Exchange
  • Respond by orchestrating changed security policies using McAfee ePolicy Orchestrator and McAfee Active Response
Download the solution brief to learn more.

Download Solution Brief