Chris Young, CEO
In digital combat, cybercriminals benefit from the success of others. Successful breaches provide the motivation and resources for further attacks, whether for financial gain, economic disruption, or corporate intelligence. Organizations of all sizes are at risk from nation-states, hacktivists, organized crime, and malicious and accidental insider threats. The knowledge and capabilities gap between attackers and defenders is mandating fundamental changes to endpoint defences, cybersecurity’s frontline. “The reason we see exponential growth in the complexity of the attack landscape is because there are force multipliers at work,” Chris Young, the CEO of McAfee. To overcome the attacker advantage, endpoint defences need to collaborate with each other and with other security technologies to quickly detect, analyze, block, and contain attacks in progress. Leading the way is McAfee. The company’s Endpoint Security enables customers to respond to and manage the threat defence lifecycle and provides a collaborative, extensible framework to reduce the complexity of conventional multivendor endpoint security environments. “McAfee is the only company now that is empowering organisations to holistically manage security capabilities from device to cloud, and we are doing it all from within the cloud,” sates Young.
McAfee’s Endpoint Security framework provides administrators with visibility into advanced threats to speed detection and remediation response times. Global threat intelligence and real-time local event intelligence are shared between endpoints to further aid in rapid detection and response, while management is kept simple through a true centralized console and easy-to-read dashboards and reports. The framework is built for real-time communication between threat defences. Events and threat insights are shared with multiple technologies to take immediate actions against suspicious applications, downloads, websites, and files.
Redundancies caused by multiple point products or defences can be found and removed, while a common endpoint architecture integrates several layers of protection to allow threat insights to be shared for faster convictions and analysis.
McAfee is the only company now that is empowering organisations to holistically manage security capabilities from device to cloud, and we are doing it all from within the cloud
Additional advanced threat defences, like Dynamic Application Containment (DAC), are also available as part of the integrated McAfee Endpoint Security framework to help organizations defend against the very latest advanced threats. For example, DAC will analyze and take action against greyware and other emerging malware, containing them to prevent infection. Another available technology for advanced threat is Real Protect, which uses machine-learning behaviour classification to detect zero-day malware and improve detection. The signature-less classification is performed in the cloud and maintains a small client footprint while providing near real-time detection. Actionable insights are delivered and can be used to create indicators of attack and indicators of compromise. This can be particularly useful for lateral movement detection, patient-zero discovery, threat actor attribution, forensic investigations, and remediation. Real Protect also speeds future analysis by automatically evolving behaviour classification to identify behaviours and adding rules to identify future attacks that are similar using both static and runtime features. Lastly, to immediately prevent infection and reduce the time required for IT security administrators, the client repairs the endpoint following a conviction to the last known good state.
Looking to the future, Young said McAfee is setting its sights on providing unique insights into what is happening in any IT environment b ased on advanced analytics on data gathered from nearly a billion sensors deployed on consumer devices, within enterprises worldwide and across cloud environments. “We believe that for all the convergence that is happening, it is time to harness that to give you unique insights, and it is the next phase of our journey,” he concludes.