This group is chartered to:
* Respond to critical outbreaks by providing incident response and forensics specialties, as well detailed "root cause" analysis
* Leverage the in-depth analysis performed everyday by the security experts within McAfee to further serve customers and partners * Provide detailed vulnerability analysis of malware samples * Drive vulnerability discoveries throughout McAfee and its partners to ensure quick patch creation by the vendors affected
The primary functions of the group entail two service offerings: McAfee Internet Response and McAfee Vulnerability Search. These emergency response services provide customers with immediate help to questions such as:
* Am I infected with an advanced persistent threat? * Are the intruders still present in my environment? * Have they accessed or stolen sensitive intellectual property?
The group was formed as a way to help customers better protect themselves from threats such as Operation Aurora. As part of its ongoing research into the details of Operation Aurora, McAfee has discovered that intellectual property repositories were a common target. McAfee researchers are performing ongoing analysis of software configuration management products, which have been found to contain numerous default security weaknesses including:
* Unencrypted traffic between client and server * Unencrypted usernames and passwords * Weak session management including cookie spoofing vulnerabilities * Unauthenticated user, group, and server enumeration * World readable data files
"The hacking community has evolved. Gone are the days of hackers breaking into networks for fun or notoriety," said Stuart McClure general manager of the McAfee Risk and Compliance Business Unit. "Organizations today are experiencing targeted attacks with the goal of sensitive information stealing, and eventually financial gain. McAfee is now giving customers access to immediate help to better protect themselves."
Many organizations don't have a plan in place to diagnose an incident and take actions to protect themselves should a security breach occur. While McAfee has proactive security solutions which block most attacks, it's unrealistic to think that companies have installed all the security controls to prevent every possible incident. Having an incident response program in place allows organizations to respond quickly and minimize damage and downtime when attacks and exploits occur.
For more information on the McAfee incident response services, visit www.mcafee.com/911.
About McAfee, Inc.
McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is committed to relentlessly tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com
NOTE: McAfee is a registered trademark or trademark of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied.