the future of endpoint integrated threat defense with insights...unique cloud services 20% of files...
TRANSCRIPT
The future of endpoint – Integrated threat defense with insights
Robert Lourenco – Regional presales SecOps specialist
2McAFEE CONFIDENTIAL
CISOs Struggle with One or More Strategic Priorities
Risk & Resiliency Automation & Efficacy
80% of cloud traffic is cloud
to cloud
2,000unique cloud services
20%of files in the cloud
contain sensitive data
2,000misconfigurations per month
Transformation
$600BAnnual cybercrime
costs globally
24months (CISO tenure)
40% of orgs have 25+ tools
39%manually collect feeds
27%spend most time
fighting fires
93%unable to triage all relevant
threats
4McAFEE CONFIDENTIAL
McAfee Endpoint Major TimelinesA history of excellence and innovation
1971 20061987 20182013 2014
Creeper / Reaper
2019
First AV
1987
Avert LabsFirst Global Emergency
Response Team
1999
EPO
Site Advisor
Sandboxing
DXL
Insights
MVISION
2018
EDR
2015
McAfee ENSNext Gen Endpoint Protection
5McAFEE CONFIDENTIAL
The endpoint security market history
Started with Antivirus
Then added HIPS functionality
Then more advanced HIPS functions like exploit prevention and memory protection
Web control modules
Host based firewalls
6McAFEE CONFIDENTIAL
The current market
Full endpoint security featuring – malware protection with ML/AI, Fileless protection, containment capabilities, AMSI
Reputation databases
Integration fabrics
Sandboxing
EDR
7McAFEE CONFIDENTIAL
Future of endpoint technologies
Single agent single UI
Detection and response capabilities to security incidents not just file based malware
Investigating security incidents and threat hunting
SaaS offerings for simplicity and low cost maintenance
Threat sharing and Insight driven analytics
McAfee – securing the device to cloud
9McAFEE CONFIDENTIAL
Major Announcements and Innovations in the last 18 Months…
CASB ConnectA first-and only-of-its-kind
service to rapidly secure any
cloud application via a self-
serve API framework
2018
An enterprise SaaS version
of our ePO orchestration
solution
Get ahead of modern
threats with AI-guided
investigations
SIEM: ESM 11
A new data architecture
optimized for scalability,
performance, faster search, &
collaboration
Data protection, threat
prevention, and
continuous compliance
across SaaS, PaaS and
IaaS
AWS Security
Competency
First and only CASB to
achieve AWS Security
Competency and Well-
Architected designation
Database
Security
Real-time protection for DB
workloads migrated to
Amazon RDS
Microsoft Teams
MVISION Cloud is the first
and only CASB to extend
data visibility and control
capabilities to Microsoft
Teams
2018
MVISION Cloud first CASB to
integrate with and deliver
consistent capabilities across
AWS, Azure and Google
Multi-cloud
2019
McAfee Acquires
NanoSec
Container security for the
cloud.
McAfee Acquires
Uplevel Security
Data analytics company using
graph theory and machine
learning
10McAFEE CONFIDENTIAL
MVISION
Cloud
Data and workload protection across the entire cloud spectrum —SaaS, PaaS, and IaaS
environments.
A cloud-native portfolio family that protects data and stops threats, from device to cloud
MVISIONMVISION
Endpoint
Advanced augmented defense for Windows
10 with a unified management experience.
MVISION
ePO
A dramatically simple cloud-based SaaS
management service.
MVISION
Mobile
Central management and defense of IOS and Android “just like any
other device.”
MVISION
EDR
Powerful threat
detection and
response—simplified.
Simple. Flexible. Comprehensive. Fast. Everywhere.
10
McAfee Confidential
11McAFEE CONFIDENTIAL
12McAFEE CONFIDENTIAL
EDR
Telemetry driven analytics
Endpoint Defense Future – Convergence of EPP/EDR
Endpoint Advanced Protect
EndpointThreat Defense
Endpoint Flexible Protect
13McAFEE CONFIDENTIAL
14McAFEE CONFIDENTIAL
The capacity to gain an accurate and deep intuitive understanding. Telemetry from 1 Billion
sensors deployed globally.
Alert when a customer is being
targeted or a campaign is active
in the region with guidance on
what to do about it.
Customer Report with IOCs of
known campaigns, geographics,
and if there are any indicators of
the threat in your environment.
Am I being targeted? Are known campaigns impacting me?
Insights
These products and services are in development. All information provided herein is subject to change without notice at McAfee’s sole discretion.
15McAFEE CONFIDENTIAL
Region
Security Posture
Distinct Threat Analysis
Human Machine Teaming
Compares.Assess.
Prioritizes.
Potential attack alert
Industry
Mvision EDR
17McAFEE CONFIDENTIAL
EDR must evolve – analyst reports May 2019
• Today, many EDR solutions are focused on providing investigation capabilities to the most sophisticated SOC analysts, a focus that hasn’t proven effective or scalable
Negative consequences
Positive outcomes
• EDR products that enable triage by junior analysts through guided investigation open this superior level of detection to many markets that were previously unable to benefit from this technology.
Empower Security Analysts Through Guided EDR Investigation
18McAFEE CONFIDENTIAL
McAfee’s Approach to EDRFaster resolution with higher fidelity
Respond
Validate
High Confidence
Gather Data / Assess / ScopeDynamic, Guided Investigation
Alert
Analytics
Data/Context
Data
Hunting
ESM
19McAFEE CONFIDENTIAL
20McAFEE CONFIDENTIAL
21McAFEE CONFIDENTIAL
Advanced, Integrated Defenses; A Sustainable Framework for the Future
▪ Enhanced native OS controls with Application, Memory,
Script containment and protection
▪ Integrated EDR and endpoint for prevention, detection
and containment
▪ Guided investigations
▪ Easy, intuitive insights for corrective actions
▪ Cloud delivered enterprise endpoint protection
Summary
Learn more by visiting: Booth #P3
All information provided here is subject to non-disclosure agreements. It is for informational purposes only and should not be deemed an offer by McAfee or create an obligation on
McAfee. McAfee reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and
without incurring further obligations. McAfee and the McAfee logo are trademarks of McAfee, LLC in the U.S. and/or other countries. *Other names and brands may be claimed as the
property of others.
© 2018 McAfee, LLC