Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

2/26/2013
10:27 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

McAfee Acquires LynuxWorks

Adds ValidEdge sandboxing technology to portfolio

SAN FRANCISCO--(BUSINESS WIRE)--RSA CONFERENCE – McAfee today announced that it has acquired from LynuxWorks, Incorporated, the ValidEdge sandboxing technology that identifies sophisticated, hard-to-detect malware, to broaden its anti-malware portfolio and further strengthen the McAfee Security Connected approach. McAfee also announced more than 30 malware-focused product enhancements that will extend the company's lead in comprehensive malware protection.

The acquired technology provides advanced threat detection by running suspected malware in a "sandbox" and learning what impact a suspected malware sample will have on an endpoint. This new technology further strengthens McAfee's current anti-malware offerings that have been proven as best in class at identifying day zero attacks.

Unlike other sandboxing solutions, this new technology, when integrated with McAfee's other network and endpoint anti-malware products, will automatically block future attacks by convicted malware samples. It will also provide signature information so that already infected endpoints can be remediated automatically by McAfee ePolicy Orchestrator (McAfee ePO). McAfee plans to deliver the first product that integrates the new sandboxing technology in the second half of 2013.

A single point product cannot deliver comprehensive malware protection. The only way to effectively combat the onslaught of malware threats now numbering close to 100,000 per day1 is through an integrated, end-to-end, holistically-managed approach to security. To support that comprehensive approach, McAfee has made over 30 significant anti malware product enhancements including the following:

McAfee Network Security Platform - Adds new "signature-less" threat detection and prevention technologies, strong botnet prevention, deep file analysis, and a powerful anti-malware engine capable of detecting advanced malware across a full range of protocols and file types. It also adds intelligent alert prioritization to automatically prioritize network events and improve integration with McAfee ePO and McAfee Enterprise Security Manager, making use of real-time information so operators have the full context of an attack, at the precise time of the attack.

McAfee Web Protection –– Now expands emulation capabilities to identify advanced malware that dynamically changes in the browser in an attempt to avoid detection. It also adds a new outbound detection technique that reveals bot infections attempting to receive additional malicious code. Expanded reporting capabilities include actionable reporting to help reduce attack vulnerability by simplifying the blacklisting process across McAfee ePO-connected products.

McAfee Email Protection - Can be deployed on-premise, in the cloud, and now as an integrated combination of both with a single pane of glass architecture, reducing cost and increasing efficiency while blocking malware away from the network. Also adds graymail filtering to improve employee productivity.

McAfee Enterprise Security Manager – Active integration with ePolicy Orchestrator, Network Security Platform and McAfee Vulnerability Manager automates quarantine, scan, and policy command execution – turning actionable intelligence into intelligent action.

McAfee Real Time for ePO – Announced earlier this month, this new product enables security decisions based on "what is" versus "what was" by querying and identifying every compromised endpoint in an organization in seconds in order to remediate those endpoints. It dramatically increases situational awareness and reduces exposure, risk, and cost of security.

McAfee Deep Defender – Provides protection against master boot record (MBR) rootkits. Any driver attempting to write or read a MBR is now monitored through Deep Defender, which operates beyond the OS and is enabled by hardware-enhanced security with Intel. It prevents MBR rootkits from modifying the MBR in real-time.

"According to our research, 59% of enterprise security professionals believe that they have been targeted by an advanced persistent threat," said Tony Prigmore, senior analyst, Enterprise Strategy Group. "An integrated approach that includes network, endpoint, threat intelligence, and other security aspects is needed to help thwart advanced threats."

McAfee's comprehensive malware protection is based on the McAfee Security Connected platform, which helps customers improve security posture, optimize security for greater cost effectiveness, and align security strategically with business initiatives. McAfee is taking an orchestrated approach to protect against malware by intelligently applying the best technologies at the right time and in the right place to thoroughly analyze and respond to suspicious files, web sites, email messages, and networks. Best-of-breed approaches and competitive solutions either create security loopholes or cause unnecessary business delays.

"McAfee has been investing in technology to help our customers protect against malware for 20 years," said Pat Calhoun, senior vice president and general manager of network security at McAfee. "We are now extending our lead in malware protection by continuing to invest in new products and product enhancements. Point products can't provide adequate protection against these advanced attacks, which is why McAfee is delivering an integrated, multi layered, managed solution that provides comprehensive malware protection across endpoints and networks."

For more information visit www.mcafee.com/cmp.

About McAfee

McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com

- See more at: http://www.rsaconference.com/events/2013/usa/for-media/sponsor-news.htm#sthash.kakSFQk1.dpuf

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.
CVE-2019-6659
PUBLISHED: 2019-11-15
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.
CVE-2019-6660
PUBLISHED: 2019-11-15
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.
CVE-2019-6661
PUBLISHED: 2019-11-15
When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.