michaeljohngoff
IS-IT--Management
I work in an educational environment and we use McAfee ePO 4.5 to monitor security on the network.
My head of systems has charged me with optimizing ePO 4.5 so that the queries we receive can be glanced at and remedied in 5 minutes or so.
At the moment I have set up queries for VSE threats by user / host / threat name and they get emailed in PDF format to my inbox for review.
The trouble is that the PDF is 50 - 100 pages long, contains minor security threats, and takes too long to review.
I'm not entirely sure what I should be looking out for as to 'what' a critical security breach is.
Any help configuring alerts with query builder or SQL database and outputting it in an optimized way would be most appreciated.
Thanks in advance,
Michael