MCAFEE accelerates data protection and threat prevention across device to cloud
McAfee today announced new products expanding its McAfee MVISION portfolio, a first-of-its-kind solution that allows customers to deploy security on their terms as they move to the cloud. Joining McAfee MVISION ePO, McAfee MVISION Endpoint and McAfee MVISION Mobile, announced last July, the newly announced MVISION solutions, McAfee MVISION EDR and McAfee MVISION Cloud—unveiled today at McAfee MPOWER 2018—deliver comprehensive and integrated device-to-cloud data protection and threat prevention capabilities that give customers a simpler and faster approach to mitigating their risk of data loss.
“The MPOWER Cybersecurity Summit represents an opportunity for those attending to sharpen skills
and chart a course to prepare for the future,” said Chris Young, chief executive officer, McAfee. “McAfee
is delivering a cloud-native portfolio, designed to protect data and stop threats, from device to cloud.
Digital transformation is inevitable; we urge our customers to utilize the MVISION portfolio to feel
empowered against an expanding threatscape as they advance their organization.”
Digital transformation is driving the need for a cloud-first approach to security. For organizations to
adopt the cloud with peace of mind, they not only need visibility into data and applications, but
consistent data and threat protection policies across their data and applications wherever they reside.
With the addition of MVISION EDR, MVISION Cloud and McAfee ePO-Unified Data Protection, McAfee is
enabling organizations to mount a powerful threat and data-centric defense spanning from device to the
cloud. These solutions are designed to give freedom and confidence to organizations that are
accelerating their business through digital transformation initiatives.
McAfee MVISION EDR
McAfee MVISION EDR enables security teams to act faster and with higher precision so they can do
more with their current staff and skill sets. Typically, organizations suffer from information overload
when it comes to most EDR systems because they generate volumes of data and alerts that require
skills—often in short supply—to interpret and investigate before action can be taken. MVISION EDR
implements human machine teaming to enable analysts of all skill levels to be more effective and
efficient. Integrated into the McAfee ePO management platform, analysts can identify threats, dive into
context, review the results of automated investigations and take actions to respond.
McAfee MVISION EDR utilizes advanced analytics to identify and prioritize suspicious behavior from
contextually rich endpoint data, helps guide and automate in-depth investigations to reduce the tactical
strain on security analysts and enables rapid response with direct actions and broader integration to the
security ecosystem. The solution delivers:
Cloud-based analytics: Cloud analytics leverage the Mitre ATT&CK 1 framework to uncover and
prioritize a broad spectrum of suspicious behaviors, helping analysts quickly understand risk
severity and take appropriate next steps: dismiss, respond or investigate.
Artificial Intelligence (AI) driven investigation: Accelerates investigation and evidence gathering
with dynamic investigation guides that address the cyber-skills gap by up-leveling junior analysts
and improving senior analyst efficiency. In McAfee’s own internal security operations
experience, the company was able to up-skill level-1 operators and achieve up to a 15x
reduction in time to investigate.
Rapid Response: Enables affected systems to be quickly contained with a single click, while
ecosystem integrations support security team workflows and processes to increase operational
efficiency.
“MVISION EDR approaches endpoint detection and response by providing automated investigation
capabilities, making the tool more accessible to junior analysts and reducing the level of skill required
for triage and investigations. This can help organizations maximize the value of EDR, accelerate
processes, and improve analyst efficiency,” according to Jon Oltsik, Senior Principal Analyst,
Cybersecurity with ESG
McAfee MVISION Cloud
As information moves from protected, on-premises corporate networks, to the cloud, it can be very
difficult for organizations to ensure its protection. McAfee has solved this problem with MVISION Cloud,
which brings together data protection and threat prevention across Software-as-a-Service (SaaS),
Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS). The McAfee MVISION Cloud platform
enables enterprises to adopt cloud services while securing both sanctioned and unsanctioned cloud
services, protect sensitive data across the cloud and stop the most advanced threats.
Visibility into data, context and user behavior: Provides visibility and control across all cloud
services, employing a combination of API- and proxy-enabled approaches, with DLP policy that
can be extended from devices to the cloud. This includes content scanning, logging and activity
monitoring and threat and malware detection.
Centralized management: Delivers consistent and comprehensive management across public
cloud services spanning the SaaS, PaaS, and IaaS spectrum, like Microsoft Office 365, Salesforce
and Amazon Web Services (AWS).
Advanced Threat Protection: Protects against malware and external and insider threats through
UEBA (User and Entity Behavior Analytics) driven by machine learning built for the scale and
elasticity of cloud environments.
McAfee Device-to-Cloud Unified Data Protection
The latest integration between McAfee Endpoint DLP and Skyhigh Security Cloud DLP offers the same
data loss prevention (DLP) policy engine across endpoints, networks and the cloud. McAfee Unified
Data Protection offers users a single-pane-of-glass to manage all DLP incidents and reporting via McAfee
ePO leading to simplicity, increased business efficiency and improved security.
“The new MVISION portfolio of Enterprise products is designed to help our customers stay on top of the
evolving security needs, from device to cloud, with a solution that is simple, flexible, comprehensive and
fast, so that our customers can act decisively and mitigate risks” said Raja Patel, vice president and
general manager of Corporate Security Products, McAfee.
McAfee MVISION ePO, MVISION Endpoint, MVISION Mobile and MVISION Cloud is currently available.
McAfee ePO-Unified Data Protection will be available late October and MVISION EDR will be available in
Q1 2019.
McAfee Cybersecurity Services
To fully maximize MVISION, along with other McAfee products and solutions, McAfee also announced
the McAfee Essential Success Plan, the third tier of its customer success plan. The Essential success
-plan–along with Premier and Enhanced–provides:
-a personalized, structured plan that combines success and escalation management
-consulting and education services
-expert guidance in building out security success plan
-technical support
Plus McAfee introduced a new Incident Response (IR) Service that focuses on ensuring customers are
able to plan, remediate, and minimize the impact of a cyberattack. This service consists of a readiness
assessment, using a best-in-class methodology, that prepares customers with a strong, actionable IR
plan. It also includes IR experts who help customers respond more effectively, remediate, and recover
when the emergency occurs.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]