McAfee have announced, McAfee Threat Intelligence Exchange, the first in the industry to orchestrate local and global threat intelligence information and enterprise-wide security products into one cohesive integrated security system. McAfee Threat Intelligence Exchange brings a unique approach and capability in the elimination of the gap between encounter to containment of advanced targeted attacks.
By sharing threat information across controls and directing preventative actions in real-time, McAfee is able to provide immediate protection against the threats posed by advanced targeted attacks across both network and endpoint controls. What has traditionally taken days, weeks or months now only takes milliseconds. McAfee Threat Intelligence is a significant evolution of the industry-first Security Connected Platform that was delivered by McAfee in 2011.
Recent high profile data breaches highlight the challenge that organisations face in understanding and combating advanced targeted attacks. In many cases, the breach is not discovered for days or weeks after the initial compromise has occurred, and often far after proprietary and personally identifiable information has been extracted. The ability to quickly spot and pre-empt advanced threats is now a business differentiator as companies seek to protect their intellectual property and assure customers that their data is safe and secure.
Building on McAfee’s leadership experience across network, endpoint and data security, McAfee Threat Intelligence Exchange allows organisations to orchestrate security controls to identify patterns, immunise assets against newly-identified malware, and prevent data exfiltration in real-time – optimising security for each organisation. McAfee Threat Intelligence Exchange leverages a unique capability called SmartListing that allows broad security controls to extract and exchange contextual information from such examples as certificate information, reputation data, file characteristics and application behaviors within the environment. The resulting actionable intelligence allows the organisation to accurately and instantly contain or allow any payload across the organisation’s security controls. Thus for the first time, as threats appear, defenses instantly shield assets much more intelligently and without the limitations of signatures or cloud lookups.
McAfee Threat Intelligence Exchange combines local threat data with global intelligence data sources such as McAfee Global Threat Intelligence, to offer truly comprehensive threat intelligence for businesses. The collective package provides unprecedented identification of targeted attacks and enables customised controls that protect automatically based on each organisation’s unique risks and priorities. This degree of precision offers the most complete and immediate protection against determined criminals and actors behind the most damaging attacks.
Delivering on the Security Connected Vision:
With this announcement, the McAfee Security Connected platform now includes a real-time data exchange messaging framework. The McAfee data exchange layer provides real-time context sharing and orchestration, as well as the collective threat intelligence and adaptive threat prevention in McAfee Threat Intelligence Exchange. These industry-leading breakthroughs boost the protective performance of existing McAfee solutions from endpoint, network and analytics environments, and also deliver a standardised data framework by which partners, competitors, and other third party products will be able to orchestrate together in halting advanced threats.
“With complex threats attacking businesses every day, our customers need this adaptive threat prevention now,” said Mike Fey, worldwide chief technology officer for McAfee. “We are making it easier to tie together intelligence and actions so that our customers’ existing products deliver greater protection while simultaneously finding ways to cut operational costs. We are delivering the technology that others are just starting to think about to harden the platform upon which future security products will depend.”
Features & Benefits:
The McAfee Threat Intelligence Exchange solution provides new approaches for answering increasingly urgent problems customers face more often as targeted attacks increase.
– Replaces costly manual tasks with automated, real-time data exchange that allows security components to operate as one to share security intelligence in real-time across endpoint, network and other security components.
– Brings immediate visibility to the presence of advanced targeted attacks in the organisation to answer the question “Am I exposed?”
– Protects based on the most complete collective threat intelligence built out of global and third party intelligence data sources combined with local threat intelligence and customised organisational knowledge.
– Enables endpoints to share contextual intelligence with each other to gain greater environmental threat context which improves accuracy and effectiveness.
– Integration simplicity, through McAfee’s data exchange layer, reduces implementation and operational costs and enables unmatched operational effectiveness.
Availability:
Product is expected to be available in Q2 2014. For more information on McAfee Threat Intelligence Exchange visit www.mcafee.com/TIE.
About McAfee
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.