enterprisesecuritymag

McAfee: Tilting the Endpoint Security Battlefield

Follow McAfee on :

Chris Young, CEO, McAfeeChris Young, CEO
In digital combat, cybercriminals benefit from the success of others. Successful breaches provide the motivation and resources for further attacks, whether for financial gain, economic disruption, or corporate intelligence. Organizations of all sizes are at risk from nation-states, hacktivists, organized crime, and malicious and accidental insider threats. The knowledge and capabilities gap between attackers and defenders is mandating fundamental changes to endpoint defences, cybersecurity’s frontline. “The reason we see exponential growth in the complexity of the attack landscape is because there are force multipliers at work,” Chris Young, the CEO of McAfee. To overcome the attacker advantage, endpoint defences need to collaborate with each other and with other security technologies to quickly detect, analyze, block, and contain attacks in progress. Leading the way is McAfee. The company’s Endpoint Security enables customers to respond to and manage the threat defence lifecycle and provides a collaborative, extensible framework to reduce the complexity of conventional multivendor endpoint security environments. “McAfee is the only company now that is empowering organisations to holistically manage security capabilities from device to cloud, and we are doing it all from within the cloud,” sates Young.

McAfee’s Endpoint Security framework provides administrators with visibility into advanced threats to speed detection and remediation response times. Global threat intelligence and real-time local event intelligence are shared between endpoints to further aid in rapid detection and response, while management is kept simple through a true centralized console and easy-to-read dashboards and reports. The framework is built for real-time communication between threat defences. Events and threat insights are shared with multiple technologies to take immediate actions against suspicious applications, downloads, websites, and files.
Redundancies caused by multiple point products or defences can be found and removed, while a common endpoint architecture integrates several layers of protection to allow threat insights to be shared for faster convictions and analysis.

McAfee is the only company now that is empowering organisations to holistically manage security capabilities from device to cloud, and we are doing it all from within the cloud

Additional advanced threat defences, like Dynamic Application Containment (DAC), are also available as part of the integrated McAfee Endpoint Security framework to help organizations defend against the very latest advanced threats. For example, DAC will analyze and take action against greyware and other emerging malware, containing them to prevent infection. Another available technology for advanced threat is Real Protect, which uses machine-learning behaviour classification to detect zero-day malware and improve detection. The signature-less classification is performed in the cloud and maintains a small client footprint while providing near real-time detection. Actionable insights are delivered and can be used to create indicators of attack and indicators of compromise. This can be particularly useful for lateral movement detection, patient-zero discovery, threat actor attribution, forensic investigations, and remediation. Real Protect also speeds future analysis by automatically evolving behaviour classification to identify behaviours and adding rules to identify future attacks that are similar using both static and runtime features. Lastly, to immediately prevent infection and reduce the time required for IT security administrators, the client repairs the endpoint following a conviction to the last known good state.

Looking to the future, Young said McAfee is setting its sights on providing unique insights into what is happening in any IT environment b ased on advanced analytics on data gathered from nearly a billion sensors deployed on consumer devices, within enterprises worldwide and across cloud environments. “We believe that for all the convergence that is happening, it is time to harness that to give you unique insights, and it is the next phase of our journey,” he concludes.
Share this Article:

Company
McAfee

Headquarters
Santa Clara, CA

Management
Chris Young, CEO

Description
McAfee enable customers to respond to and manage the threat defence lifecycle and provides a collaborative, extensible framework to reduce the complexity of conventional multivendor endpoint security environments. The company’s Endpoint Security framework provides administrators with visibility into advanced threats to speed detection and remediation response times. Global threat intelligence and real-time local event intelligence are shared between endpoints to further aid in rapid detection and response, while management is kept simple through a true centralized console and easy-to-read dashboards and reports. The framework is built for real-time communication between threat defences

McAfee News

McAfee to Acquire NanoSec to Enhance its Market-Leading Capabilities in Cloud Security

SANTA CLARA, Calif: McAfee, the device-to-cloud cybersecurity company, announced the acquisition of NanoSec, a multi-cloud, zero-trust application and security platform. The acquisition will enable organizations to improve governance and compliance and to reduce risk of their cloud and container deployments.

Organizations are increasingly looking to adopt container technologies to help modernize legacy applications and create new cloud-native applications that are scalable and agile. Gartner predicts that “by 2022, more than 75% of global organizations will be running containerized applications in production, which is a significant increase from fewer than 30% today.”1 Gartner recommends the following security and governance best practice, “security can’t be an afterthought. It needs to be embedded in the DevOps process, which Gartner refers to as ‘DevSecOps’. Organizations need to plan for securing the containerized environment across the entire life cycle, which includes the build and development process, deployment and run phase of an application.”1

The acquisition of NanoSec will strengthen the container security capabilities of McAfee MVISION Cloud and MVISION Server Protection products, giving its customers the ability to speed up application delivery while enhancing governance, compliance and security of their hybrid, multi-cloud deployments. NanoSec’s security capabilities will be applied to applications and workloads deployed in containers and Kubernetes and will be integrated into McAfee MVISION Cloud and MVISION Server Protection offerings. These capabilities include continuous configuration compliance and vulnerability assessment as well as runtime application-level segmentation for detecting and preventing lateral movement of threats.

“McAfee’s focus and innovation have allowed it to deliver industry-leading cloud security capabilities to help our customers securely leverage the cloud to accelerate their business,” said Rajiv Gupta, senior vice president and general manager of the cloud security business unit, McAfee. “NanoSec’s technology is a natural extension for McAfee MVISION Cloud, enhancing our current CASB and CWPP products, and adding to our ‘Shift-Left’ capabilities to deliver on the DevSecOps best practice to improve governance and security. NanoSec’s team brings a wealth of experience to McAfee, and together we are committed to enabling organizations to reach their full cloud potential.”

“Joining forces with McAfee means that our groundbreaking capabilities including our unique application-identity based approach for app-level protection and micro-segmentation will be available on a global scale,” said Vishwas Manral, founder and CEO of NanoSec. “McAfee has demonstrated not only its leadership in cloud security, but its desire to continually innovate and deliver new capabilities that reshape how organizations can operate workloads and applications safely in the cloud. It felt like a natural fit to join McAfee to deliver to application development and security professionals greater visibility and control over detecting, responding and resolving threats to reduce risk.”

McAfee’s acquisition of NanoSec further demonstrates how McAfee is working to integrate security natively into DevSecOps processes and toolsets to discover and address security issues before applications are deployed.

Terms of the acquisition were not disclosed.