McAfee Threat Intelligence Exchange

McAfee Threat Intelligence Exchange

Prévention adaptative des menaces

Etapes suivantes :

Présentation

Avec McAfee Threat Intelligence Exchange, vous bénéficiez d'un cadre harmonisé et cohérent au sein duquel l'ensemble des produits de sécurité peuvent identifier les menaces et agir en tant que système unifié de protection offrant résilience et immunité contre les infections. McAfee Threat Intelligence Exchange optimise considérablement la prévention des menaces en réduisant le délai entre la détection et l'endiguement — quelques millisecondes au lieu de plusieurs jours, semaines ou mois.

Exploitation de la connaissance — McAfee Threat Intelligence Exchange permet aux administrateurs d'adapter facilement un large éventail d'informations sur les menaces, issues de divers systèmes et sources de renseignements. Une telle personnalisation leur offre la possibilité de collecter, de remplacer et d'affiner les informations transmises par les sources d'informations afin d'adapter la protection de leur environnement et de leur entreprise.

Orchestration en temps réel — McAfee Threat Intelligence Exchange est la première solution à utiliser la couche d'échange de données McAfee, une structure de communication bidirectionnelle permettant l'emploi d'informations de sécurité et une protection adaptative grâce à une intégration simplifiée des produits et au partage des données contextuelles. La couche d'échange de données permet de configurer automatiquement les produits, limitant ainsi le risque d'erreur et réduisant le coût d'implémentation et d'exploitation associé à l'intégration.

Renforcement de la protection des postes clients existante — McAfee Threat Intelligence Exchange offre une protection révolutionnaire aux postes clients et s'appuie sur McAfee VirusScan Enterprise pour prendre des décisions précises concernant l'exécution des fichiers. Les postes clients sont également protégés en fonction des logiciels malveillants détectés par les passerelles du réseau, lesquelles bloquent l'accès selon les menaces identifiées sur les postes clients.

SIEM tools are key to improving incident response

Read SANS Report

Advanced targeted attacks: It takes a system

Read White Paper

Fonctions et avantages

Renseignements complets sur les menaces

McAfee Threat Intelligence Exchange permet aux administrateurs d'adapter facilement les renseignements sur les menaces transmis par diverses sources de données mondiales, notamment McAfee Global Threat Intelligence (GTI) et d'autres systèmes de collecte d'informations tiers. Ces renseignements sont issus des données d'événements historiques et en temps réel recueillies auprès des postes clients, des passerelles et d'autres composants de sécurité.

Visibilité instantanée sur la présence d'attaques ciblées avancées

La couche d'échange de données McAfee permet aux composants de sécurité de communiquer de façon dynamique avec McAfee Threat Intelligence Exchange. Ces informations partagées apportent une connaissance plus précise des menaces ciblant une organisation. Les attaques sont détectées via les postes clients, les passerelles et d'autres composants de sécurité qui fonctionnent de concert pour assurer une surveillance en temps réel.

Protection proactive contre les menaces

Les informations détaillées sur les logiciels malveillants identifiés sur les postes clients et les passerelles réseau peuvent être propagées via la couche d'échange de données en quelques millisecondes, ce qui permet à tous les composants de sécurité de se protéger proactivement contre les menaces récemment détectées.

Réduction du coût total de possession grâce à une efficacité opérationnelle sans précédent

Parallèlement à une résilience accrue du système de protection, le coût de possession de la sécurité est réduit par l'extension des technologies d'analyse, de prévention et de détection existantes de McAfee dans lesquelles une organisation a déjà investi, afin de lui garantir une protection efficace et proactive dès l'émergence de la menace.

Configuration système requise

McAfee Threat Intelligence Exchange nécessite l'installation des produits suivants :

  • McAfee ePolicy Orchestrator 5.1
  • McAfee Agent 5.0
  • McAfee VirusScan Enterprise 8.8 Patch 4

 

Vidéos

Vidéos

McAfee Threat Intelligence Exchange integrates, automates, and simplifies to decisively reduce TCO and optimize enterprise security. It eliminates complexity, provides instantaneous speed, and illuminated knowledge that can lower operating costs while streamlining protection and response ― all while freeing valuable security team resources.

Ressources

Fiches techniques

McAfee Threat Intelligence Exchange

Pour un compte rendu technique sur le produit McAfee présenté ci-dessus, veuillez consulter la fiche technique correspondante.

Infographics

Connected Security Yields Smarter Defenses (English)

Stop emerging threats with applied knowledge — everywhere, instantly.

Livres blancs

Securosis: Applied Threat Intelligence (English)

One of the most compelling uses for threat intelligence is helping to detect attacks earlier. Examining for attack patterns identified via threat intelligence in your security monitoring and analytics processes shortens the window between compromise and detection. This Securosis white paper focuses on how to use threat intelligence to improve your ability to detect, prevent, and investigate attacks.

SANS White Paper: Be Ready for a Breach with Intelligent Response (English)

How do we get more visibility into attacks across our environments, improve our response, and reduce response time? The solution is automating functions that should be automated and connecting the dots between detection systems and response. Connecting these dots and applying intelligence provides responders rich context into the observed behaviors for taking action. Integrating these processes improves accuracy, while reducing time, manpower, and costs involved in detecting and managing events. This white paper explores how to achieve this.

Advanced Targeted Attacks: It Takes a System (English)

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Présentations de solution

McAfee Threat Intelligence Exchange and Endpoint Protection (English)

McAfee Threat Intelligence Exchange delivers innovative endpoint protection with a system that adapts and learns from threat encounters, and immediately neutralizes emerging attacks.

Abus de confiance

Attackers prey upon the institution of trust in many ways, with exploiting unsuspecting victims the primary pursuit. Learn how McAfee security technology can help protect against attacks seeking to abuse the trust your company has in its day-to-day operations.

McAfee Enterprise Security Manager and McAfee Threat Intelligence Exchange (English)

There’s no doubt that organizations face significant challenges protecting their intellectual property and critical assets from the emerging threats that target their environments. This solutions brief highlights how McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight today’s advanced threats.

Security in Unison (English)

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threat response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

Rapports

ESG Report: Tackling Attack Detection and Incident Response (English)

This report examines organizations’ security strategies, cyber-attack environments, incident response challenges and needs. A survey found that security professionals are inundated with security incidents and struggle with timely identification and resolution of targeted attacks. A lack of visibility into user and network activity, shortage of investigative skills and experience, and poor security analytics capabilities are key factors in slowing organizations’ response to incidents.

SANS Analytics and Intelligence Survey (English)

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Communauté

Blogs

  • Empowering Organizations to Better Recognize and Respond to Cyber-Attacks
    McAfee - avril 21, 2015

    RSA Conference 2015 is here, and with it, groundbreaking innovations in the security space. This year, we’re bringing to the table some major announcements that will help bolster defenses against a cyber threat landscape that is increasing both in size and in complexity. So—how exactly are we shaking up security this year? Here’s a quick […]

    The post Empowering Organizations to Better Recognize and Respond to Cyber-Attacks appeared first on McAfee.

  • Predictive Analytics: The Future Is Now
    Vincent Weafer - avril 16, 2015

    Enhanced analytical capabilities will help organizations better understand how attacks will unfold, and how to stop them in their earliest stages.  Prediction is as old as humankind, as we’ve search for clues to the future. Big data, computer models, and sophisticated algorithms have brought us much closer to accurately predicting things such as actuarial tables, […]

    The post Predictive Analytics: The Future Is Now appeared first on McAfee.

  • Botnet to Cybersecurity: Catch Me If You Can
    Raj Samani - avril 15, 2015

    Tracking and disrupting the crime ring behind a polymorphic botnet.  On April 8, global law enforcement, with the assistance of Intel Security/McAfee, took down the Beebone botnet, which propagates a particularly tricky polymorphic worm. Law enforcement and criminals often act like predators and prey, each evolving and adapting, trying to gain an advantage. A few […]

    The post Botnet to Cybersecurity: Catch Me If You Can appeared first on McAfee.

  • Microsoft Patch Tuesday – April 2015
    PageOne Pr - avril 15, 2015

    Hello everyone, This is Greg Blaum again with the Microsoft Patch Tuesday newsletter for April 2015. The month Microsoft released a total of eleven (11) security bulletins. For this month, four (4) of these are rated Critical, which Microsoft terms as a vulnerability whose exploitation could allow code to execute without any user interaction. These […]

    The post Microsoft Patch Tuesday – April 2015 appeared first on McAfee.

  • RSA Conference 2015: Shaking Up Security
    McAfee Enterprise - avril 14, 2015

    With RSA Conference drawing near, the information security industry is abuzz. In today’s digital, always-on (rather, always-online) world, it is more critical than ever to keep data protection top of mind. RSA Conference provides an open forum for security professionals to do just that, from learning the latest industry trends to exchanging ideas on how […]

    The post RSA Conference 2015: Shaking Up Security appeared first on McAfee.