McAfee Endpoint Threat Defense and Response Family


Detect zero-day malware, secure patient-zero, and combat advanced attacks

The escalating sophistication of cyberthreats requires a new generation of protection for endpoints. Advancing threats and the increasing risk of unknown vulnerabilities are causing organizations to piece together overlapping, disconnected security solutions that provide limited visibility and increased complexity. McAfee solves this problem with McAfee Endpoint Threat Defense and McAfee Endpoint Threat Defense and Response. Both solutions leverage static and behavioral analysis and synthesized intelligence to protect, detect, correct, and adapt to combat emerging threats. Unified security components act as one through an open, integrated approach with shared visibility and threat intelligence and simplified workflows. Connected security and actionable threat forensics provide a secure infrastructure to quickly and confidently convict threats and stay ahead of potential attackers.

Key Advantages

- Detect, protect, and correct while proactively adapting your defenses against zero-day malware, greyware, and ransomware.
- Protect more effectively using dynamic reputations, behavioral analysis, and machine-learning.
- Minimize impact to users and trusted enterprise applications with enhanced protection.
- Respond and remediate more threats, faster with threat intelligence shared across your security ecosystem.
- Streamline incident investigation and remediation with unified workflows and a single console for management through ePolicy Orchestrator (ePO) software.

Defeat Zero-Day Malware, Greyware, and Ransomware

Stay ahead of emerging threats with static and dynamic threat analysis leveraging enhanced reputation and behavioral analytics to detect potential exploits. Apply synthesized intelligence with Intelligence Exchange to immediately block and contain threats and instantly update threat reputation to prevent future attacks. McAfee Endpoint Threat Defense and McAfee Endpoint Threat Defense and Response defeat zero-day malware by identifying similarities between exhibited malicious behaviors and the extensive Real Protect threat models using a cloud lookup (data centers hosted in the United States). This behavioral classification technique is used to root out live threats that may have evaded other security software defenses. It provides actionable threat intelligence through ePolicy Orchestrator software to enable zero-day discovery and real-time remediation. Behavioral classification is automatically evolved through dynamic machine-learning, providing maximum protection and efficiency while limiting security exposure.

Reduce the Number of Events and Resolve Threats Faster

Focus on what's most important by reducing the number of security events, automatically convicting more threats, sharing intelligence, and utilizing proactive alerts to define automatic responses. Ease the effort required to investigate and resolve threats with simplified workflows that resolve events faster and expand security capacity while increasing protection across your entire organization. Connected components automatically share valuable security information through Data Exchange Layer. Intelligence allows you to synthesize comprehensive threat intelligence across your entire ecosystem, including Global Intelligence and other third-party sources, and immediately share threat information to automatically adapt your protection.

Secure Patient-Zero

Detect and stop zero-day malware from making malicious changes to endpoint systems. Dynamic Application Containment watches the behavior of greyware and prevents malicious changes to effectively stop exploits before they begin. Secure endpoints on and off networks and contain malicious behavior with protection that is invisible to users.

Operationalize Security Processes to Scale and Adapt

Policy enforcement, incident investigation, and remediation are streamlined through ePO software, a single-pane-of-glass management console that provides visibility across all systems so you can readily assess the security posture of endpoints and enable protection in real time. Reduce monitoring, search, and response efforts with unified workflows and single-click remediation across a single endpoint or the entire infrastructure.

With McAfee Endpoint Threat Defense and McAfee Endpoint Threat Defense and Response, leverage automated machine-learning to update behavior classification models and instantly share threat intelligence across all security components so they can act as a single, unified system against emerging threats. Prevent future attacks and leverage pre-configured reactions to contain potential threats, so you can free up your staff and allow them to focus on other security management priorities.

Uncover, Prioritize, and Remediate Advanced Attacks

McAfee Endpoint Threat Defense and Response helps you determine the origin, scope, and impact of an attack. It uses Active technology to provide both live and historical visibility across endpoints in your infrastructure. Indicators of attack are identified and prioritized with robust context to enable faster response. Proactively hunt with precision, speed, and agility to defeat threats that are actively propagating, lying in wait, or have erased their tracks to evade detection. Knowledge-driven visibility and control can pinpoint where threats are attempting to establish a foothold and allow your responders to immediately contain and remediate, reducing exposure from months to minutes or even milliseconds.

Figure 1. The threat workspace traces the origin and behavior of suspicious incidents to speed incident response.

McAfee Endpoint Threat Defense and Response Family Capabilities

Component: Dynamic Application Containment (see footnote 1)
Advantage: Secures patient zero by preventing greyware from making malicious changes to endpoints both on or off the network.
Customer Benefits: Enable potential threat analysis without sacrificing patient zero. Enhance protection without impacting users or trusted applications. Reduce the time from encounter to contain with minimal manual intervention. Secure patient zero while maintaining endpoint productivity and isolating the network from infection.
Differentiation: Integrated part of the infrastructure for optimal protection and efficiency. Works with or without an internet connection and requires no external input or analysis. Transparent to the user. Observe mode provides instant threat visibility to potential exploit behaviors within the environment.

Component: Real Protect
Advantage: Applies machine-learning behavior classification to block zero-day malware before it executes and stops live threats that evaded previous detection.
Customer Benefits: Easily defeat more zero-day malware, including difficult-to-detect objects, such as ransomware. Automatically unmask, analyze, and remediate threats without requiring manual intervention. Adapt defenses using automated classification and a connected security infrastructure.
Differentiation: Static and dynamic behavioral analysis provide better protection than single-stage approaches. Detects malware that can only be found through dynamic behavioral analysis. Deep integration shares real-time reputation updates and enhances security efficacy for all security components.

Component: Intelligence Exchange
Advantage: Connects security components to share contextual insights and provide organization-wide visibility and control for adaptive threat protection.
Customer Benefits: Enable patient-zero threat identification and instant sharing across the security system to prevent the next infection. Reduce total cost of ownership and efficiently operationalize endpoint security.
Differentiation: Synthesize Global Intelligence feeds, third-party, and local intelligence. Define what is trusted and not trusted with local or third-party intelligence. Instantly connect threat reputation information across endpoint, web, network, and cloud products. Extract detailed actionable threat intelligence reports to adapt defenses.

Component: Data Exchange Layer
Advantage: Connects security to integrate and streamline communication with both McAfee and other third-party products.
Customer Benefits: Connect security components to create closed-loop protection by transforming independent security technologies into a single coordinated system. Reduce risk and response time. Lower overhead and operational staff costs. Optimize processes and practical recommendations.
Differentiation: Share threat information across all security products. Instantly share patient-zero threat insight with all other endpoints to prevent infections and update protection.

Component: ePO Management Platform
Advantage: A single pane of glass for highly scalable, flexible, and automated management of security policies to identify and respond to security issues.
Customer Benefits: Unify and simplify security workflows for proven efficiencies. Single-pane visibility across all systems to readily assess security posture and protection in real time. Quickly deploy and manage protection with customized policy enforcements. Reduce the time from insight to response with dynamic automated queries, dashboards, and responses.
Differentiation: Granular control, lower costs, and faster operational security management through a single console. Drag-and-drop dashboards provide increased real-time visibility across the entire ecosystem. Open platform software development kits (SDKs) facilitate rapid adoption of future security innovations.

Component: Active
Advantage: Proactive threat visibility, timelines, live and historical hunting, and detection, with the ability to take immediate actions and adapt protection.
Customer Benefits: Quickly search live and historical threat data to determine the full scope of an attack, accelerate investigations, and reduce the time to respond. Automate threat responses and provide live security protection without manual intervention. Prioritize high-priority threats. Use continuous monitoring and customizable collectors to search deeply for indicators of attack that are not only running or lying dormant, but that may have even been deleted.
Differentiation: Instant visibility of unknown exploit attempts and risky behaviors executing in the environment that were not detected by protection technologies. Investigate timeline of events on each endpoint with integrated live search across all endpoints to hunt for threats. Single-click action to protect, correct, and adapt, reducing multiple tools and steps into a single operation.

Specifications

McAfee Endpoint Threat Defense Supported Platforms:
- Microsoft Windows: 7, To Go, 8, 8.1, 10, 10 November, 10 Anniversary
- Mac OSX version 10.5 or later
- Linux: RHEL, SUSE, CentOS, OEL, Amazon Linux, and Ubuntu latest versions
- Servers: Windows Server (2003 SP2 or greater, 2008 SP2 or greater, 2012), Server 2016
- Windows Embedded (Standard 2009, Point of Service 1.1 SP3 or greater)
- Citrix Xen Guest
- Citrix XenApp 5.0 or greater

McAfee Endpoint Threat Defense and Response Supported Platforms:
- Microsoft Windows: 7, 8, 8.1, 10, 10 Anniversary
- RedHat 6.5
- CentOS 6.5
- Windows Server 2008, 2012, 2016

Learn More

Learn more about the benefits of McAfee Endpoint Threat Defense at www.mcafee.com/endpointdefense. Learn more about the benefits of McAfee Endpoint Threat Defense and Response at www.mcafee.com/etdr.

1. McAfee Endpoint Threat Defense and Response includes hosted data centers located in the United States used to validate customer authentication, check file reputations and store data relevant to suspicious file detection and hunting. Although not required, Dynamic Application Containment will perform optimally with a cloud connection. Full Active, Dynamic Application Containment and Real Protect product capabilities require cloud access, active support and are subject to Cloud Service Terms and Conditions.

2821 Mission College Boulevard, Santa Clara, CA 95054. 888 847 8766. www.mcafee.com

McAfee and the McAfee logo, ePolicy Orchestrator, and ePO are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. Copyright 2017 McAfee, LLC. 1790_1016 OCTOBER 2016