McAfee MVISION

McAfee, the device to cloud cybersecurity company, today announced new product innovations to its McAfee MVISION portfolio.

a first-of-its-kind cloud-based product family that allows organizations to deploy security on their terms as they move to the cloud. The new features and functionality lie within McAfee MVISION Cloud, McAfee MVISION Endpoint, McAfee MVISION EDR and McAfee MVISION ePO, and have been purpose-built to help organizations protect data and stop threats across devices, networks and the cloud.

The biggest issues security practitioners face today relate to people, devices and data—for organizations to adopt the cloud with peace of mind, they not only need visibility into their data and applications, but consistent data and threat protection policies wherever their data and applications reside.

The wide dispersion of their data and limited time and resources make this a challenge for most organizations today. With the MVISION portfolio, McAfee is enabling organizations to mount a powerful threat and data-centric defense spanning from device to cloud. These solutions are designed to give freedom and confidence to organizations that are accelerating their business through digital transformation initiatives.

“We are on a mission to deliver comprehensive data and threat defense across our customers’ “device to cloud” expanse and to give them the capabilities they need to act in a decisive and timely manner to mitigate risk,” said Rajiv Gupta, senior vice president and general manager of the cloud security, McAfee. “We see a future where enterprise security is simpler, smarter and simultaneously broader than anything that’s ever come before, and with McAfee MVISION we are delivering on that vision.”


McAfee MVISION Cloud

McAfee MVISION Cloud brings together data protection and threat prevention across Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) environments. The McAfee MVISION Cloud platform enables organizations to adopt cloud services with the requisite security, governance, and compliance they need.

New features include:

  • Extended threat protection: The new Gateway Antimalware Engine aims to detect zero-day attacks based on behavior in a matter of milliseconds rather than minutes or hours.

  • Cloud Value and Maturity Advisor: provides an objective and peer-compared assessment of the maturity of an organization’s cloud security posture, recommendations and workflows to improve maturity and reduce risk and provide insights into the business value of their MVISION Cloud deployment.

  • End User Remediation: Provides the ability for organizations to involve end users in the Incident Remediation process by providing business justification or marking false-positives. Incidents can be auto-resolved based on end-user input. This significantly and measurably reduces the burden on SOC analysts.

In addition, McAfee has been selected by the Joint Authorization Board (JAB) for the Federal Risk and Authorization Management Program (FedRAMP) Connect program based on demand from federal government agencies and approval by the JAB. McAfee MVISION Cloud is FedRAMP Moderate Authorized and FedRAMP Ready for FedRAMP High.


McAfee MVISION Endpoint and McAfee MVISION EDR

Endpoint Security and Endpoint Detection and Response (EDR) are converging. McAfee offers them as an integrated deployment, where native security controls, advanced behavioral analysis and credential theft monitoring operate together to elevate threat event data for investigation and remediation.

Instead of organizations assembling a collection of tools and interfaces that slow the time to uncover and remediate threats, McAfee accelerates and simplifies the process through integrated products that operate seamlessly within the same McAfee ePO interface.

New features include:

  • Automated AI-Guided Investigations mapped to the MITRE ATT&CK™Â  Framework: McAfee EDR now seamlessly aligns the alert triage process, ensuring that a well-defined standards-based process can be followed throughout investigation and remediation.
  • Advanced Analytics: Identifies and prfioritize suspicious behavior from contextually rich endpoint data, helps guide and automate in-depth investigations to reduce the tactical strain on security analysts and enables rapid response with direct actions and broader integration to the security ecosystem.

  • Rollback Remediation: Reverses malicious changes by malware and returns an endpoint to its last known healthy state and recovers time for administrators otherwise spent on remediation or reimaging systems.


McAfee MVISION ePO

Security management is complex and requires unwieldy maneuvering between tools and data. As a result, cybersecurity professionals cannot be consumed with managing and updating security infrastructure. Instead, they need to focus on critical security tasks such as detection and enforcement—otherwise, adversaries will take advantage of the time they spend away from these important tasks and cause significant damage.

McAfee® MVISION ePolicy Orchestrator® (McAfee MVISION ePO™) eliminates the need for maintenance of an on-premises security infrastructure, allowing the security professional to focus exclusively on security.

New features include:

  • MVISION Management of Native Encryption: Expanded MVISION support for native operating system encryption, including Microsoft Bitlocker and Apple FileVault, for added data security capabilities.

  • Native Approval Workflows: Helps customers vet policy changes for quality control and risk management.

  • Expanded Global Services: McAfee can provide the cloud-native SaaS offering in additional countries, including through data centers in Sydney, Singapore and Frankfurt.

McAfee’s endpoint solutions have received the “FedRAMP In Process” designation under the Federal Risk and Authorization Management Program (FedRAMP) for a cloud-based technology platform. This moves McAfee’s endpoint solutions one step closer to securing FedRAMP authorization at the moderate level for MVISION for Endpoint, composed of McAfee MVISION ePO, Real Protect Machine Learning Cloud, and McAfee MVISION Endpoint Detection and Response (EDR).


McAfee ePO

To further streamline management with the industry-acclaimed integrated console, which is available on premises and from the cloud, McAfee ePO now offers:

  • Simplified Upgrade Process: Provides cumulative updates so customers stay current and secure, while reducing the time spent on maintenance and upgrade activities.

  • Support Center Extension: Provides insight and guidance into the health of McAfee ePO elements, the ability to receive and tag Support Notification Service alerts and search capabilities across McAfee content repositories.


Highlights:

  • Extended threat protection, cloud value and maturity advisor, end-user remediation, plus McAfee MVISION Cloud is FedRAMP Moderate Authorized and FedRAMP Ready for FedRAMP High
  • Integrated EDR and Endpoint security solution elevates threat data for investigation and remediation
  • Management of native encryption, native approval workflows, and expanded global services now included in McAfee MVISION ePO, plus simplified upgrade process and support center extension in McAfee ePO
  • McAfee MVISION EDR and McAfee MVISION ePO have received the FedRAMP Moderate In-Process designation under McAfee MVISION for Endpoint on the FedRAMP Marketplace.