Connect with us

Hi, what are you looking for?


Security Infrastructure

McAfee: Integration, Context-Aware Security Key to Strategy

LAS VEGAS – McAfee FOCUS 2012 – The security community generally can be counted on to agree on one thing – the amount of malware is growing. The question then becomes what to do about it.

LAS VEGAS – McAfee FOCUS 2012 – The security community generally can be counted on to agree on one thing – the amount of malware is growing. The question then becomes what to do about it.

At McAfee’s FOCUS conference, running this week in Las Vegas, the answer being put forth involves both the application of “contextual security” and a commitment to integration.

“Context becomes critically important as we move forward and look at the diversity of devices,” explained Candace Worley, senior vice president and general manager of endpoint security at McAfee.

McAfee Logo“I can do a boatload with my iPad,” she continued. “I can download any app on it; I can surf the net at will on it; I can also get to my corporate email on it. Obviously on my corporate laptop, it’s a much more locked down environment.”

Depending on a number of factors such as where she is geographically, what device she is using and what data she is trying to access, a company administrator may want to apply a different policy, she said.

“So the direction that we’re taking our endpoint security services… [is the] direction of enabling IT administrators to apply dynamic policy based on context.”  

Key to this is the company’s portfolio of security software stretching from the PC to the smartphone and its global threat intelligence information, she said.

The company announced several additions to its endpoint portfolio today, which are slated to be available in the fourth quarter: a new version of Deep Defender, enhanced with the ability to detect rootkits that infect the master boot record (MBR); Endpoint Encryption for PC or Mac, updated to improve performance; and McAfee Application Control, which includes the ability to control how a non-whitelisted application can be approved. In addition, the company also announced a new version of Enterprise Mobility Manager that supports Apple iOS 6 and integrates with the latest version of McAfee Secure Container for Android 2.0.

Advertisement. Scroll to continue reading.

Another technology added to the mix is a new Asset Manager included in McAfee Vulnerability Manager that allows organizations to automatically discover and inspect assets as they connect to the network. This includes smartphones, tablets, servers, laptops and other devices. 

But no one vendor has the answer for all things security, company officials said. In that vein, McAfee established the Security Innovation Alliance (SIA) program a few years and created a set of APIs and SDKs to help other security vendors to integrate with ePolicy Orchestrator (ePO), Worley noted.

“The whole driver behind that was we recognized as a corporation that we will not be able to be all things to all companies from a security perspective,” she said. “If we try, we probably wouldn’t very good at any of it.”

“That was really our first step towards enabling other vendors – some of which were competitors, some of which were not – to integrate into ePO and allow our customers to get greater value in the investment they made in ePO,” she said.

As the company moves forward with its “Security Connected” platform strategy, there will be elements in that platform that will also require McAfee to work with partners in order to enable customers to get greater value, she said.

Security Connected has evolved for the company, said Michael Fey, McAfee’s worldwide CTO. Today, the company wants to set up a “data exchange layer” where technologies can be integrated and data can be queried to apply context and make it more secure. The idea, he said, is to open up some of McAfee’s architecture to allow partners to work with the company and enable them to deliver solutions that can be tailored to certain verticals.

“What I envision is less about McAfee and other security providers getting together and putting our stuff in one big database,” said Michael Fey, worldwide CTO. “What I’m more excited about is opening up my plumbing so that customers [saying], ‘I also want these guys, and this guy, and this guy’ running through the veins of my solution, they can do that. I feel like that’s more viable because it lets each security company maintain their identity, maintain who they are.” 

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture


Identity and access governance vendor Saviynt has closed a $205 million financing round.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Identity & Access

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).