
McAfee embeds deep learning & AI into enterprise security offerings

19 Oct 2017

McAfee is going beyond the realm of machine learning in its security operations approach to take advantage of the latest technologies in security, including the speed and accuracy of advanced analytics, deep learning and artificial intelligence.

In addition to new innovations for ransomware decryption and steganography detection, the company announced two new solutions, McAfee Investigator and McAfee Cloud Workload Security, at McAfee MPOWER in Las Vegas this week.

According to McAfee’s CEO Chris Young, security teams are overwhelmed by threat complexity and this impacts their ability to defend their organisation.

The company designed its solutions to make use of automation, reasoning and data curation provided by analytics technologies, in conjunction with human-machine teaming.

According to a recent McAfee survey, the most effective security operations centres (SOCs) are ones that are driven by analytics, proactive threat hunting and automated investigation workflows. These help to progress an organisation towards advanced security management.

Gartner research director Carlton E. Sapp adds in a January 2017 report that while many organisations aren’t sure about what value or insights their data holds, machine learning is key in unlocking those secrets.

“The capability to transform data into actionable insight is the key to a competitive advantage for any organisation. But the ability to autonomously learn and evolve as new data is introduced — without explicitly programming to do so — is the holy grail of business intelligence,” Sapp explains.

McAfee took this principle and applied it to its own security solution portfolio offerings.

“McAfee is acting on our ‘Together is power’ principle with collaborative security that combines the unique advantages of people, machines and partners enabling teams to be situationally aware of security events and take swift action to thwart assaults, from the endpoint to the cloud,” Young says.

McAfee Investigator includes:

  • Accurate Threat Prioritisation: McAfee Investigator allows analysts to focus on the most significant threats by using advanced analytics to automatically collect, piece together and visually present suspected attack intelligence.
  • Fast and Thorough Malware Investigations: Machine learning and artificial intelligence within McAfee Investigator continually learn evolving tactics, techniques and procedures to help analysts determine the right questions and explorations to yield efficient and accurate case closure.
  • Increased SOC Efficiency: McAfee Investigator coaches analysts into implementing advanced thought processes and increases productivity with easy case content sharing.

McAfee Cloud Workload Security addresses challenges such as visibility across hybrid cloud workloads and enterprise service architecture. The solution is able to eliminate blind spots with automation, secure critical workloads without slowing performance and simplify management with the McAfee ePolicy Orchestrator console.

The company has also improved its multi-layer endpoint protection (McAfee Endpoint Security) by the inclusion of deep learning capabilities, pre- and post-execution machine learning for file identification and technology that learns from more than 300 million sensors.
