Black Hat McAfee, one of the cybersecurity companies, announced several new innovations that expand machine learning and automation capabilities to strengthen human-machine teams.
Plus, McAfee announced support of OpenDXL.com, a new, independent collaboration portal that offers forums, free apps and more, giving OpenDXL users easy access to ideas and resources available for application integrations. These new advances build upon the company’s commitment to innovation, collaboration and trust, bringing McAfee’s mantra ‘Together is Power’ to life.
“Today’s security teams are facing 244 new cyber threats every minute, amid a serious talent shortage. Siloed security, without automation, managed by overwhelmed teams is not a sustainable defense strategy,” said Raja Patel, vice president and general manager, Corporate Security Products, McAfee.
“Expanded machine learning and integrated analytics are part of McAfee’s vision for a fundamental shift in the way humans and machines work together to secure our digital world. By aligning the strengths of humans and machines, organizations elevate their operational maturity to better defend against the cyber threats we face today—and tomorrow.”
Machine learning and automation
McAfee technology seeks to improve the way humans and machines work together to protect the digital enterprise, through implementation of an intelligent security platform, that takes advantage of powerful new technologies, such as machine learning and automation.
McAfee Advanced Threat Defense (ATD) software now joins the growing portfolio of McAfee products that incorporate machine learning, including McAfee Endpoint Security with Real Protect and McAfee Global Threat Intelligence (GTI).
The newly released McAfee® ATD v4.0 software introduces an innovative deep learning technique to enhance detection and expands advanced analysis capabilities within email attachments, resulting in more comprehensive protection across the network as new threat intelligence and reputation updates are shared throughout the ecosystem.
New capabilities include:
- Enhanced machine learning detection: Machine learning now bolsters McAfee ATD detection capabilities, resulting in an expanded ability to identify malicious markers that may be hidden, or not fully executed.
- Expanded, Closed-Loop Detection-to-Protection for Email: McAfee ATD Email Connector now enables email security gateways to forward suspicious attachments to McAfee ATD for analysis, preventing malware from spreading on internal networks.
New enhancements for McAfee Enterprise Security Manager (ESM) include integrated, patented countermeasure-aware risk analysis to help security operations teams identify threats and assess the impact of new vulnerabilities, as well as new support for critical SOC use cases.
- Accurate insight into exposure and risk: McAfee® ESM now improves risk assessment by factoring in active, relevant countermeasures and priority guidance from McAfee GTI, providing a more accurate understanding of exposure and potential impact. The new Asset Threat Risk Content Pack 2.0 feature delivers security configuration, compliance posture and patch assessment in a single view.
- Rapid use case deployment: The new McAfee Connect content portal simplifies access to freely available, simple to deploy use cases and solution integrations. Through the portal, McAfee customers can find tools to activate monitoring, detection and incident management tasks, including user behavior analysis and detection of malware exploits and reconnaissance.
- Effortlessly monitor and analyse cloud activity: Easy incorporation of Microsoft Office 365 actions and events enables monitoring and analysis of user activity within cloud services.
Fully unified data loss prevention
McAfee Data Loss Prevention (DLP) Endpoint, DLP Prevent, DLP Discover and DLP Monitor are now fully unified. New capabilities include:
- Improved business efficiency: Unified policy management across network and endpoint DLP built upon a common classification engine, dictionaries, regular expression engine and syntax.
- Faster investigation and remediation: Simplified incident and case management speeds investigation and remediation of risk or suspicious user behavior by line-of-business data stewards, and information security professionals alike.
- Consistent event analysis: Common file, email, web traffic and database analysis across endpoint and network DLP ensure consistent enforcement of corporate data usage policies.
Dynamic endpoint protection
McAfee’s dynamic endpoint protection collaborates across products, allowing new technology to easily integrate without a complete architecture rebuild, and leverages machine learning to improve detection capabilities. New capability includes:
- Integrated cloud threat detection: New integration between McAfee Cloud Threat Detection (CTD) and McAfee Threat Intelligence Exchange (TIE) enables McAfee Endpoint Security (ENS) to forward suspicious samples to a cloud sandbox for in-depth analysis.
Continued commitment to open source and industry collaboration
McAfee believes that no one person, product or organization can fight cybercrime alone, which is why McAfee announced the OpenDXL initiative in 2016, launching an open industry standard for all developers to increase integration flexibility, simplicity and opportunity. McAfee has now expanded its commitment to open source through support of a new, independent open source community, OpenDXL.com.
This vibrant, collaborative portal includes:
- Community innovation forum: A place for participants to connect, get ideas, exchange questions and solve new problems.
- Freely available app marketplace: Created for sharing, the app marketplace features new, creative use cases for OpenDXL, packaged and ready for implementation.
- “Bootstrapper” to simplify integration: Makes it even easier to create OpenDXL integrations with a “bootstrapper” toolkit, which helps developers and integrators create API service wrappers in a few easy steps.
The McAfee Security Innovation Alliance, the industry’s premiere technology partner program, providing a truly integrated and connected security ecosystem, welcomes twelve new members:
- AGAT Software
- Cisco Systems
- Extreme Networks
- Kemp Technologies
- Resolve Systems
Read the press release, and visit McAfee’s Black Hat at Booth 300