New Intel Security products aimed at cloud

LAS VEGAS – Intel Security announced a series of new and updated products to support its corporate strategy, which concentrates on the endpoint and the cloud as control points for addressing the expanding attack surfaces in today’s connected world.

Announced at its annual user conference, Focus 15, the newly released McAfee Endpoint Security 10.X provides a new platform that enables real-time communication between defense products via the STIX and TAXII standards, as well as through McAfee Data Exchange Layer (DXL). This will allow layers of defense to share information about threats to make overall protection more effective throughout the threat defense lifecycle.

McAfee Active Response builds on and complements Endpoint Security. Managed through McAfee’s ePolicy Orchestrator (ePO), it provides analysts and administrators with the tools to hunt down indicators of compromise.

While anti-malware used to be all about protecting against threats, today companies have to take a three-pronged approach, explained Chris Young, senior vice president and general manager of Intel Security Group. The new mantra: protect, detect, correct.

The components of the new solutions communicate intelligently to isolate and remove threats. For example, if a user opens an unknown file, the software can analyse it, determine whether it is malicious, and if so, deal with it; it then searches the environment to see whether others have received the now-known bad file and ensures they don’t become infected. It also determines whether the malware has been communicating with external sites such as command and control servers, and hunts down and remediates any endpoints communicating with those addresses. All of this happens automatically, without human intervention. The goal is to free security professionals from routine work that a machine can do. Michael Leland, former CTO at NitroSecurity and now SIEM evangelist at Intel Security, said that the new tools allow security professionals to go from being responders to hunters.

However, said Young, the new strategy meant abandoning some non-core areas such as email security, leaving their care to partners. Since the new platform is extensible, third-party products can plug into ePO and communicate with its components. In addition, solutions using DXL can be built without any Intel Security products involved, if vendors so choose. Through the Intel Security Innovation Alliance, solutions from twelve partners now use DXL, including products from Titus, Forescout, CloudHash, Avecto, and TrapX.

“DXL lets people do what they do well,” said Paul Reid, technology strategist at Titus. “(Using DXL), Titus shares context with its partners in real time. It acts as a force multiplier.”

 


Lynn Greiner
Lynn Greiner has been interpreting tech for businesses for over 20 years and has worked in the industry as well as writing about it, giving her a unique perspective into the issues companies face. She has both IT credentials and a business degree
