McAfee, in an effort to help companies defend against advanced malware, announced a new appliance-based solution designed to help its customers respond to attacks faster and move from detection and analysis to protection and resolution.
McAfee says the new solution, the McAfee Advanced Threat Defense appliance, goes beyond single-feature, static analysis sandboxing products to address three key requirements: Finding, Freezing and Fixing stealthy threats via an end-to-end solution:
• Find: McAfee’s analysis technologies work together to detect advanced threats across multiple protocols.
• Freeze: Integration with McAfee network solutions can prevent the threat from infecting additional devices.
• Fix: McAfee Real Time identifies the device(s) that require remediation and streamlines the response, enabling automated investigation across all endpoints resulting in cost-effective remediation.
Going beyond what traditional sandboxing products do, McAfee’s Advanced Threat Defense layers full static code analysis on top of a dynamic analysis engine for more cost effective, efficient and accurate detection, the company said.
“Many organizations are relying on their legacy security products and waiting for additional advanced malware protections to be incorporated, thereby exposing their organization to malware threats,” the Intel subsidiary explained in a statement. “Or they are using standalone malware products and plugging in third party products that are not integrated with the rest of the environment. While this may be expedient it is not a good strategy and can end up costing more money in the long run.”
“Advanced malware is a difficult problem facing organizations of all sizes,” said Pat Calhoun, general manager of network security at McAfee. “Detecting malware is only one piece of the whole solution. You also have to stop it from further infecting the network and remediate any infections. Difficult problems don’t require difficult solutions.” McAfee Advanced Threat Defense and McAfee Real Time are part of the McAfee Security Connected framework.
“The gap between recognizing advanced attacks and remediating them with a high degree of confidence has remained wide,” said John Grady, research manager for Security Products at IDC. “With employees being more mobile and multi-device oriented than they’ve ever been, it is impossible to defend against all attacks with a single product. Integrated solutions that combine network and endpoint-level visibility and controls are the best way to combat targeted attacks and quickly enable remediation.”
The new appliance is scheduled to be available in Q4 2013.
