IT Central Station is now PeerSpot: Here's why

McAfee Global Threat Intelligence OverviewUNIXBusinessApplication

Buyer's Guide

Download the Threat Intelligence Platforms Buyer's Guide including reviews and more. Updated: June 2022

What is McAfee Global Threat Intelligence?

Based on activity from millions of sensors world-wide and an extensive research team, McAfee Labs publishes timely, relevant threat activity via McAfee Global Threat Intelligence (GTI). This always-on, cloud-based threat intelligence service enables accurate protection against known and fast-emerging threats by providing threat determination and contextual reputation metrics. McAfee GTI integrates directly with our security products, instantly protecting against emerging threats to reduce operational efforts and time between detection and containment.

McAfee Global Threat Intelligence Video

McAfee Global Threat Intelligence Pricing Advice

What users are saying about McAfee Global Threat Intelligence pricing:
"The cost is affordable and it also depends on the usage of the toolset."

McAfee Global Threat Intelligence Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
reviewer1285209 - PeerSpot reviewer
Tech Lead at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
Informative dashboards and integrates well with other products, but it needs artificial intelligence for more advanced threat detection
Pros and Cons
  • "All of the feeds can be enriched by using the predefined content pack, which can be deployed and used by SOC operations, threat hunting teams, and engineering teams."
  • "The analytics and big data platform integration can be improved to provide better visibility of past data to look for existing threats or missed threats."

What is our primary use case?

Presently, I am using the Threat Intel solution for reputation checks in our daily SOC operations and threat hunting. We also use it for our alert detection and rule development in our SIEM solution. This can also be used for real-time suspicious threat detection. We use the technology for static threat hunting and looking for suspicious activities around the infrastructure. SOC Operations use the dashboards to look for active threats to present security posture to our client on a daily, weekly, and monthly basis.

How has it helped my organization?

The product has an Intel repository and it can be used for other platform integration, such as SIEM and SOAR solutions. McAfee GTI file reputation McAfee GTI web reputation McAfee GTI web categorization McAfee GTI network connection reputation McAfee GTI certificate reputation We can develop it by bringing it into other use cases, integrating it with analytics and big data. We are planning to implement a predictive security solution for future threats. It can also bring in more refined and defined threat intel feeds.

What is most valuable?

All of the feeds can be enriched by using the predefined content pack, which can be deployed and used by SOC operations, threat hunting teams, and engineering teams. All of the watchlists are predefined and available in the console, with data populated on dashboards. The feed database is synchronized frequently to keep the database in SIEM up-to-date. It has the best integration with McAfee ESM and can match well with all of the rules developed in McAfee. The threat intel feeds can be directly called in McAfee ESM Content development such as rules, dashboards, and reports.

What needs improvement?

The product can be developed by bringing in AI and ML-based logic to learn from external emerging threats. This would help to keep the feeds real-time and secure the client's environment. Furthermore, it should use automation to notify customers or remediate the environment. The analytics and big data platform integration can be improved to provide better visibility of past data to look for existing threats or missed threats. It will be better able to predict future threats and be resilient against new threats, risks, or attacks. A cloud-based solution can be bought in to look for wider issues in external users or technologies.
Buyer's Guide
Threat Intelligence Platforms
June 2022
Find out what your peers are saying about McAfee, Flashpoint, Recorded Future and others in Threat Intelligence Platforms. Updated: June 2022.
609,272 professionals have used our research since 2012.

For how long have I used the solution?

I have been using McAfee Global Threat Intelligence for the past year and a half, where it is connected to one of my customer environments.

Which solution did I use previously and why did I switch?

I am presently assessing multiple threat intel products and I feel that the McAfee GTI solution has good feeds and can be well developed.

What's my experience with pricing, setup cost, and licensing?

The cost is affordable and it also depends on the usage of the toolset.

Which other solutions did I evaluate?

I did not evaluate other products beforehand, as the client had the solution readily available.

What other advice do I have?

My advice for anybody who is considering this product is to assess and look at the tool. After this, you can decide on using it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Threat Intelligence Platforms Report and find out what your peers are saying about McAfee, Flashpoint, Recorded Future, and more!
Updated: June 2022
Buyer's Guide
Download our free Threat Intelligence Platforms Report and find out what your peers are saying about McAfee, Flashpoint, Recorded Future, and more!