Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

3/29/2021
12:20 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

McAfee MVISION Cloud Native Application Protection Platform Now Generally Available

McAfee MVISION Cloud Native Application Protection Platform offers an integrated platform to secure cloud native applications with a risk-based application and data context.

SAN JOSE, Calif. – March 29, 2021 – McAfee today announced the general availability of McAfee MVISION Cloud Native Application Protection Platform (CNAPP), a new security service designed to secure cloud native applications. MVISION CNAPP delivers consistent data protection, threat prevention, governance, and compliance throughout the cloud-native application development lifecycle for container and OS-based workloads

To accelerate their digital transformation journey, enterprises are leveraging the agility and innovation velocity offered by cloud-native applications hosted across private, public and hybrid clouds. Enterprises also want to unleash their developer talent to build and deploy secure applications. To do so, these enterprises need a comprehensive security platform with a simplified architecture; one that enables them to reduce the cost and complexity of point security products.

“Enterprise cybersecurity programs need to evolve to secure a growing footprint of cloud-native applications and infrastructure, a sentiment shared by 88 percent of respondents who participated in research recently completed by ESG,” said Doug Cahill, vice president and group director of ESG’s cybersecurity practice. “To do so, 73 percent of organizations cited a preference for a consolidated set of the controls based on an integrated platform for breadth of coverage and depth of functionality.”

McAfee MVISION CNAPP is the industry’s first platform that brings application and data context to converge Cloud Security Posture Management (CSPM) for public cloud infrastructure, and Cloud Workload Protection Platform (CWPP) to protect applications distributed across virtual machines, compute instances and containers. MVISION CNAPP provides five key capabilities:

  1. Deep Discovery: MVISION CNAPP provides frictionless deep discovery of all workloads, data, and infrastructure, prioritize security risk, based on misconfigurations, software vulnerabilities and sensitive data.
  2. Shift Left: MVISION CNAPP protects against configuration drift and provides automated assessment across virtual machines, containers, and developer pipelines.
  3. Workload Protection: MVISION CNAPP introduces a new light weight agent to support ephemeral workloads. Includes application allow listing, workload hardening, integrity monitoring, and detection of anomalous behavior to access true application risk.
  4. In-tenant Data Loss Prevention (DLP) Scanning: MVISION CNAPP enables local scan of data without the need for enterprises to move data outside their tenant, facilitating cost optimization, increased security, and data privacy.
  5. MITRE ATT&CK Framework for Cloud: MVISION CNAPP empowers the Security Operations Center (SOC) by mapping cloud native threats to the MITRE ATT&CK Framework for Cloud. 

“Enterprises want to leverage the innovation and velocity offered by the public cloud, in conjunction with their private data centers, while enabling a consistent security posture,” said Shishir Singh, chief product officer, McAfee. “Now generally available, MVISION CNAPP delivers an integrated platform to secure modern cloud native applications to accelerate enterprise digital transformation journey.”

“Legendary Entertainment is a cloud-first organization leveraging the public cloud,” said Dan Meacham, vice president, Global Security, for Legendary Entertainment. “We harness the power of the public cloud and cloud-native applications as we collaborate across the world, while minimizing the security risk. We prefer a single unified security platform to implementing separate point products for each security capability required. MVISION CNAPP provides security teams deep insight into service configurations for our multi-cloud usage, industry benchmarks to better assess our data and application security risk, as well as provide an integrated workload protection tool to improve security across our entire application lifecycle.”

For more information, register for McAfee’s webinar titled, “ESG Top Trends: How to Secure Cloud Native Applications,” which will take place today at 11:00 AM PT.

Additional Resources:

About McAfee

McAfee is the device-to-cloud cybersecurity company. Inspired by the power of working together, McAfee creates consumer and business solutions that make the world a safer place. www.mcafee.com

 

###

 

McAfee technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. No computer system can be absolutely secure. McAfee® and the McAfee logo are trademarks of McAfee, LLC or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others.

 

McAfee Contact: 

Tracy Holden

[email protected]

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27394
PUBLISHED: 2021-04-16
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions <...
CVE-2020-9667
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.
CVE-2020-9668
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.
CVE-2020-9681
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.
CVE-2021-26830
PUBLISHED: 2021-04-16
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.php in the `Pugin library - delete` module.