Intel Security announced multiple product portfolio enhancements that provide organizations greater visibility into security incidents, stronger controls to prevent data exfiltration, and cloud and partner integrations that ease the management of their security environment. Together, these developments improve the integration and communication between individual solutions, strengthen organizations’ abilities to comprehend the state of their security environment, and speed up their ability to determine and take action with the appropriate response to security incidents.
Enterprise Strategy Group recently reported that security professionals are inundated with security incidents, averaging 78 investigations per organization in the last year, with 28% of those involving targeted attacks – the most damaging and challenging cyber-attacks to detect and mitigate. Many of the survey respondents indicated that they lack the ability to fully comprehend the state of their security environment, with 41% of organizations desiring a better understanding of user endpoint behavior and 37% calling for greater visibility into network behavior. Nearly half (47 percent) specifically noted that determining the impact or scope of a security incident takes up valuable time especially when they must sort unthreatening events from genuine cyber-attacks.
“Attackers will always have the advantage as long as they have unlimited opportunities to determine which tactics are effective, while defenders struggle to understand the nature of what is confronting them,” said Chris Young, Senior Vice President and General Manager of Intel Security Group. “To shift the advantage from attackers to defenders, we need to dramatically re-think how we see, understand, and respond to security events, allowing defenses to adapt at least as fast as attackers adapt their tactics.”
Enabling Security Connected with the Data Exchange Layer
Intel Security’s Data Exchange Layer (DXL) ecosystem marks a new era in security where all components come together to work as a single cohesive system, regardless of vendor or underlying architecture. The DXL is an ultra-fast, bidirectional communications fabric that enables information and context sharing between any connected security technologies.
Updated solutions from Intel Security and new integrations from Security Innovation Alliance partners, TITUS, ForeScout and CloudHASH Security, now offer even greater protection speed and precision. New McAfee Web Protection 7.5.2 now has the ability to share threat data for more comprehensive detection of web attacks. McAfee Data Loss Prevention (DLP) Endpoint 9.3.5 now shares local threat data, acting in real time to prevent data loss. Integrations between McAfee Threat Intelligence Exchange and McAfee Enterprise Security Manager can also identify any managed endpoint that has previously accessed or executed files that have been identified as malicious.
McAfee Web Protection 7.5.2 and McAfee DLP Endpoint 9.3.5 will be available in the second quarter of 2015. For more information, visit: https://blogs.mcafee.com/business/building-and-using-your-network-of-informants
McAfee Enterprise Security Manager 9.5 is currently available. For more information, visit: https://blogs.mcafee.com/business/intelligent-actionable-integrated
Expanding the Security Connected Ecosystem for Granular Visibility into Endpoint Activity
Working to build its ever-expanding ecosystem of threat defenses, Intel Security announced the latest version of McAfee Next Generation Firewall, which leverages granular endpoint contextual and process-related information via McAfee EIA. McAfee Next Generation Firewall 5.9 offers network and security administrators highly accurate control of endpoint application communications in association with user identities. Businesses will benefit from automated prevention of data breaches initiated from endpoints, and faster remediation of threats through real-time sharing of network and endpoint intelligence.
McAfee Next Generation Firewall 5.9 will be available later this year. For more information, visit: https://blogs.mcafee.com/business/your-network-security-diagnosis
Uncover Compromise through Correlation of Threat Information
A secure email gateway collects a trove of information that can be extremely valuable for security teams in their processes of threat investigation and incident response. Information about the files that are received, URLs seen, IP addresses of email senders and the identity of the recipients can all be useful. To take advantage of that valuable data, the new version of McAfee Email Protection 7.6.4 now integrates with Enterprise Security Manager to share and correlate potential indicators of compromise, and help reduce their time to containment and more reliably uncover the scope of a breach.
To help security operations teams more easily identify, scope, and contain incidents, McAfee Enterprise Security Manager now also offers a cyber-threat manager that can consume and interpret third-party threat feeds, as well as correlate threat intelligence with rich payload data revealed by McAfee Advanced Threat Defense (ATD). ATD produces Structured Threat Information eXpression (STIX) – formatted details on malware contents, which ESM interprets alongside other data to better understand malware intent and guide responses, such as hunting past activity, blacklisting malicious IP addresses, and adding the data to watch lists and correlations to continuously monitor for new interactions.
Expanding Security into the Public Cloud
As cloud adoption and infrastructure as a service continue to grow in popularity and gain traction in the market, companies using these services need to take steps to secure the guest operating systems and above within these infrastructures. McAfee Public Cloud Server Security Suite, uniquely addresses the need to achieve an added level of security for these cloud infrastructures by providing greater visibility, protection and control to secure the Guest OS and above of public cloud workloads. Automated operations provide the same level of agility and scale as the cloud servers, and the solution is priced by the hour. Integrated communications share threat information and file reputation scores across all connected endpoints, for faster reactions to emerging attacks.
McAfee Public Cloud Server Security Suite is available for download from AWS Marketplace. For more information, visit: https://blogs.mcafee.com/business/building-secure-castles-in-the-cloud
Together with long standing and strategic Intel Security partner, InfoReliance, Intel Security is also offering McAfee Public Cloud Server Security Suite as a paid, direct listing on AWS Marketplace. For more information, visit AWS Marketplace McAfee Public Cloud Server Security listing.
Intel Security Collaborates with Ericsson to Bring Managed Security to Telecom Operators
Intel Security and Ericsson have announced a collaboration to make managed security solutions available for telecom operators to bundle with the existing enterprise service offerings. Combining Ericsson’s managed services expertise, global delivery capability and network security expertise with Intel Security’s broad portfolio of consumer and enterprise security solutions will enable enterprises to efficiently strengthen their security posture.
By supporting networks that connect more than 2.5 billion subscribers and carry more than 40 percent of the world’s mobile traffic, Ericsson is helping to realize a truly Networked Society. Together with Intel Security, Ericsson aims to make it easier for telecom operators to support their enterprise clients in protecting valuable intellectual property, data, devices and identities.
For more information on Ericsson’s collaboration with Intel Security, visit: Ericsson Press and/or https://blogs.mcafee.com/business/intel-security-and-ericsson-managed-security-services
Intel Security can be found at North Expo, booth #N3705 at the RSA Conference in San Francisco.
About Intel Security
McAfee is now part of Intel Security. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence, Intel Security is intensely focused on developing proactive, proven security solutions and services that protect systems, networks, and mobile devices for business and personal use around the world. Intel Security is combining the experience and expertise of McAfee with the innovation and proven performance of Intel to make security an essential ingredient in every architecture and on every computing platform. The mission of Intel Security is to give everyone the confidence to live and work safely and securely in the digital world. www.intelsecurity.com