Security vendor McAfee (soon to be known as Intel security) has launched McAfee Threat Intelligence exchange, which it calls the first solution to orchestrate local and global threat intelligence information and enterprise-wide security tools into one integrated platform.
The vendor says this approach is a new and more effective way to eliminate the gap between when advanced targeted attacks are encountered and when they’re contained. The sharing of threat information across controls and direction of preventative action on real-time will allow for immediate protection against advanced threats across both network and endpoint controls. McAfee said the solution a significant evolution of the Security Connected Platform it launched in 2011.
According to McAfee, recent high profile data breaches show that organizations are challenged in understanding and combatting advanced targeted attacks, with breaches often not discovered until days or weeks after the initial breach has procured, and the targeted data has been procured. With McAfee Threat Intelligence Exchange, the vendor says patterns can be identified, assets immunized against newly-identified malware and data exfiltration prevent in real time.
The solution uses “SmartListing” to allow broad security controls to extract and exchange contextual information from such examples as certificate information, reputation data, file characteristics and application behaviours within the environment. It also draws on global intelligence data sources such as McAfee Global Threat Intelligence.
“With complex threats attacking businesses every day, our customers need this adaptive threat prevention now,” said Mike Fey, worldwide chief technology officer for McAfee, in a statement. “We are making it easier to tie together intelligence and actions so that our customers’ existing products deliver greater protection while simultaneously finding ways to cut operational costs. We are delivering the technology that others are just starting to think about to harden the platform upon which future security products will depend.”
Availability is expected in the second quarter of 2014.