Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

4/21/2015
01:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

INTEL EMPOWERS ORGANIZATIONS TO RECOGNIZE AND RESPOND TO CYBER-ATTACKS

Intel Extends and Integrates Enterprise Portfolio with Greater Network and Endpoint Visibility and Control; Provides New Solutions for Application Layer Exfiltration Protection

News Highlights:

·         New integrations with Intel® Security’s Data Exchange Layer enhance organizations’ abilities to share real-time reputation and data classification information between Intel Security and partner products

·         McAfee® Next Generation Firewall 5.9 provides greater network visibility and data exfiltration prevention through Endpoint Intelligence Agent (EIA)

·         McAfee Email Protection 7.6.4 now integrates with Enterprise Security Manager to share and correlate potential evidence of phishing and indicators of attack

·         McAfee Enterprise Security Manager 9.5 adds threat management and leverages new features in McAfee Advanced Threat Defense 3.4.4 to offer advanced analytics and standards support

·         Intel Security further extends security capabilities to the public cloud with the launch of McAfee Public Cloud Server Security Suite

·         Intel Security and Ericsson collaborate to jointly make managed security solutions available to operators

RSA Conference, SAN FRANCISCO, Calif. — April 21, 2015 — Today, Intel Security announced multiple product portfolio enhancements that provide organizations greater visibility into security incidents, stronger controls to prevent data exfiltration, and cloud and partner integrations that ease the management of their security environment. Together, these developments improve the integration and communication between individual solutions, strengthen organizations’ abilities to comprehend the state of their security environment, and speed up their ability to determine and take action with the appropriate response to security incidents.

Enterprise Strategy Group recently reported that security professionals are inundated with security incidents, averaging 78 investigations per organization in the last year, with 28% of those involving targeted attacks – the most damaging and challenging cyber-attacks to detect and mitigate. Many of the survey respondents indicated that they lack the ability to fully comprehend the state of their security environment, with 41% of organizations desiring a better understanding of user endpoint behavior and 37% calling for greater visibility into network behavior. Nearly half (47 percent) specifically noted that determining the impact or scope of a security incident takes up valuable time especially when they must sort unthreatening events from genuine cyber-attacks.

“Attackers will always have the advantage as long as they have unlimited opportunities to determine which tactics are effective, while defenders struggle to  understand the nature of what is confronting them,” said Chris Young, Senior Vice President and General Manager of Intel Security Group. “To shift the advantage from attackers to defenders, we need to dramatically re-think how we see, understand, and respond to security events, allowing defenses to adapt at least as fast as attackers adapt their tactics.”

Enabling Security Connected with the Data Exchange Layer

Intel Security’s Data Exchange Layer (DXL) ecosystem marks a new era in security where all components come together to work as a single cohesive system, regardless of vendor or underlying architecture. The DXL is an ultra-fast, bidirectional communications fabric that enables information and context sharing between any connected security technologies.

Updated solutions from Intel Security and new integrations from Security Innovation Alliance partners, TITUS, ForeScout and CloudHASH Security, now offer even greater protection speed and precision. New McAfee Web Protection 7.5.2 now has the ability to share threat data for more comprehensive detection of web attacks. McAfee Data Loss Prevention (DLP) Endpoint 9.3.5 now shares local threat data, acting in real time to prevent data loss. Integrations between McAfee Threat Intelligence Exchange and McAfee Enterprise Security Manager can also identify any managed endpoint that has previously accessed or executed files that have been identified as malicious.

McAfee Web Protection 7.5.2 and McAfee DLP Endpoint 9.3.5 will be available in the second quarter of 2015. For more information, visit:  https://blogs.mcafee.com/business/building-and-using-your-network-of-informants

McAfee Enterprise Security Manager 9.5 is currently available. For more information, visit:  https://blogs.mcafee.com/business/intelligent-actionable-integrated

 Expanding the Security Connected Ecosystem for Granular Visibility into Endpoint Activity

Working to build its ever-expanding ecosystem of threat defenses, Intel Security announced the latest version of McAfee Next Generation Firewall, which leverages granular endpoint contextual and process-related information via McAfee EIA. McAfee Next Generation Firewall 5.9 offers network and security administrators highly accurate control of endpoint application communications in association with user identities. Businesses will benefit from automated prevention of data breaches initiated from endpoints, and faster remediation of threats through real-time sharing of network and endpoint intelligence.

McAfee Next Generation Firewall 5.9 will be available later this year. For more information, visit:  https://blogs.mcafee.com/business/your-network-security-diagnosis

Uncover Compromise through Correlation of Threat Information

A secure email gateway collects a trove of information that can be extremely valuable for security teams in their processes of threat investigation and incident response.  Information about the files that are received, URLs seen, IP addresses of email senders and the identity of the recipients can all be useful. To take advantage of that valuable data, the new version of McAfee Email Protection 7.6.4 now integrates with Enterprise Security Manager to share and correlate potential indicators of compromise, and help reduce their time to containment and more reliably uncover the scope of a breach.

To help security operations teams more easily identify, scope, and contain incidents, McAfee Enterprise Security Manager now also offers a cyber-threat manager that can consume and interpret third-party threat feeds, as well as correlate threat intelligence with rich payload data revealed by McAfee Advanced Threat Defense (ATD). ATD produces Structured Threat Information eXpression (STIX) – formatted details on malware contents, which ESM interprets alongside other data to better understand malware intent and guide responses, such as hunting past activity, blacklisting malicious IP addresses, and adding the data to watch lists and correlations to continuously monitor for new interactions.

Expanding Security into the Public Cloud

As cloud adoption and infrastructure as a service continue to grow in popularity and gain traction in the market, companies using these services need to take steps to secure the guest operating systems and above within these infrastructures. McAfee Public Cloud Server Security Suite, uniquely addresses the need to achieve an added level of security for these cloud infrastructures by providing greater visibility, protection and control to secure the Guest OS and above of public cloud workloads. Automated operations provide the same level of agility and scale as the cloud servers, and the solution is priced by the hour. Integrated communications share threat information and file reputation scores across all connected endpoints, for faster reactions to emerging attacks.

McAfee Public Cloud Server Security Suite is available for download from AWS Marketplace. For more information, visit:  https://blogs.mcafee.com/business/building-secure-castles-in-the-cloud

Together with long standing and strategic Intel Security partner, InfoReliance, Intel Security is also offering McAfee Public Cloud Server Security Suite as a paid, direct listing on AWS Marketplace.  For more information, visit AWS Marketplace McAfee Public Cloud Server Security listing

Intel Security Collaborates with Ericsson to Bring Managed Security to Telecom Operators

Intel Security and Ericsson have announced a collaboration to make managed security solutions available for telecom operators to bundle with the existing enterprise service offerings. Combining Ericsson’s managed services expertise, global delivery capability and network security expertise with Intel Security’s broad portfolio of consumer and enterprise security solutions will enable enterprises to efficiently strengthen their security posture.

By supporting networks that connect more than 2.5 billion subscribers and carry more than 40 percent of the world’s mobile traffic, Ericsson is helping to realize a truly Networked Society. Together with Intel Security, Ericsson aims to make it easier for telecom operators to support their enterprise clients in protecting valuable intellectual property, data, devices and identities.

For more information on Ericsson’s collaboration with Intel Security, visit:  Ericsson Press and/or https://blogs.mcafee.com/business/intel-security-and-ericsson-managed-security-services

Intel Security can be found at North Expo, booth #N3705 at the RSA Conference in San Francisco.

About Intel Security

McAfee is now part of Intel Security. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence, Intel Security is intensely focused on developing proactive, proven security solutions and services that protect systems, networks, and mobile devices for business and personal use around the world. Intel Security is combining the experience and expertise of McAfee with the innovation and proven performance of Intel to make security an essential ingredient in every architecture and on every computing platform. The mission of Intel Security is to give everyone the confidence to live and work safely and securely in the digital world.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...