McAfee extends detection and response

Cloud-native MVISION XDR offers actionable intelligence to manage attack lifecycles before and after an attack, leveraging endpoint, network and third-party telemetry.

McAfee has introduced MVISION Extended Detection and Response (XDR), which now includes cloud and network telemetry. It unifies and optimises threat detection and response beyond endpoints to allow for faster, more proactive investigation cycles, easier automated response and continued modernisation of today’s security operations centres (SOC).

According to Enterprise Strategy Group[1] research, more than 80 percent of organisations are planning increased investment in threat detection and response solutions, affirming the heightened need to safeguard against today’s crowded threat landscape. Specifically, more than two-thirds of organisations surveyed expect to make an XDR investment in the next 6-12 months and nearly half (48 percent) would be willing to replace individual controls with integrated XDR solutions.

 

“Organisations can no longer afford ineffective disparate threat and response tools and context,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “With XDR, we are seeing an opportunity to take the SOC as we know it to the next level – moving from operating in a time and resource intense reactive manner with existing, disparate tools to using a comprehensive and integrated XDR solution that can not only proactively predict mal-activity, but also help drive faster remediation decisions with automation.”

 

“Security teams are struggling to replace reactive, manual and time-consuming investigation processes to combat more sophisticated and more frequent attacks – all while trying to decrease the cost and complexity of overall management,” said Shishir Singh, chief product officer, McAfee. “MVISION XDR provides proactive and actionable context across key vectors to simplify, accelerate and automate threat validation and response across the enterprise thereby making the most of SOC resources and mitigating potential disruption to the business.”

 

Gartner, Inc., research[2] states, “XDR offerings are a natural evolution of endpoint detection and response (EDR) platforms, which have become a primary incident response tool for security teams. The primary value propositions of an XDR product are to improve security operations productivity and enhance detection and response capabilities by including more security components into a unified whole that offers multiple streams of telemetry, presenting options for multiple forms of detection and concurrently enabling multiple methods of response.”

With MVISION XDR now available, McAfee is directly improving the SOC experience. By giving analysts greater control and a more comprehensive view of threat context beyond the endpoint, it lets them save time and act more deliberately, with a better understanding of threats before they occur or cause damage. MVISION XDR provides:

  • Proactive and Actionable Intelligence: The included MVISION Insights helps to proactively prioritise threats, implement countermeasures and prescribe the right actions to be taken.
  • AI-Guided Investigations: Simplify investigations across sophisticated threat campaigns with AI-guided investigations, MITRE ATT&CK mapping and real-time hunting.
  • Cloud threat integration: Provides context for web activity and a more comprehensive overview of an attack, including improved visibility of any additional vectors of access or command and control.
  • Network telemetry prioritisation: Offers a better understanding of network threats by automatically correlating with curated threats for improved prioritisation and determination of countermeasures to take.
  • SOC Infrastructure Optimisation: Maximise return on SOC investment by integrating with existing SOC infrastructure like ticketing systems and Security Orchestration, Automation and Response (SOAR) tools for more efficient automation and faster mitigation.
