Intel Security unveiled its new corporate strategy aimed at enabling businesses around the globe to more aggressively and effectively defend against data breaches and targeted attacks. Through a more integrated and more open security system that unifies the key phases of the threat defense lifecycle, the new strategy focuses on the endpoint and the cloud as the most effective areas for advanced visibility and practical operational control. These control points are enabled by world-class threat detection and analytics. The strategy also emphasizes a simplified user experience powered by centralized management and a connected architecture across Intel and third-party products. Through this open and integrated system, Intel Security aims to empower organizations to resolve more threats, faster, with fewer resources.
Intel Security will continue to focus on its core strength of protecting organizations against known threats, and is expanding its investment in tools that help detect new threats faster and enable automated workflows to rapidly correct them. By unifying protection, detection and correction with real-time centralized management into an adaptive feedback loop, known as the threat defense lifecycle, security then evolves and learns in an iterative cycle that improves over time. This model helps organizations become more effective at blocking threats, identifying compromises, and implementing remediation as well as countermeasure improvements more quickly.
“The rising volume and complexity of attacks present a vicious cycle of challenges for organizations and makes speed and efficiency critical,” said Chris Young, Senior Vice President and General Manager of Intel Security Group. “With a rapidly expanding attack surface, and a shortage of relevant talent and expertise, defenders need to win on visibility into events, simplified management, and capabilities that empower teams to close the loop on attacks in progress – faster, more effectively, and with fewer resources.”
In support of the new strategy, Intel Security is also announcing new solutions that will each serve as a foundation for future technologies and products. McAfee Endpoint Security 10.X delivers a new streamlined and agile endpoint services platform, enabling protection for devices with faster scanning and deployment. McAfee Active Response, a new endpoint threat detection and response solution, supplies on-demand and continuous visibility into an array of endpoint activities with powerful, automated tools to respond to and monitor threat events. The solutions can be used and managed together using Intel Security’s broadly adopted centralized management platform for a high-speed, high-accuracy, closed-loop approach to the threat defense lifecycle. Intel Security also now supports the Structured Threat Integration Expression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII) standards designed to enhance detection of threats through sharing of threat intelligence.
To improve detection of threats through sharing of threat intelligence, Intel Security now supports the STIX and TAXII standards. Explaining details of zero-day and targeted malware, McAfee Advanced Threat Defense now generates a thorough malware report in STIX format that can be consumed by other compliant analysis or reporting products, including the McAfee Enterprise Security Manager. Additionally, the McAfee Threat Intelligence Exchange and McAfee Enterprise Security Manager can both ingest third-party threat intelligence in STIX format to enrich analysis and permit correlation between internal and external threat data.