McAfee Threat Intelligence Exchange

McAfee Threat Intelligence Exchange

Adaptive threat prevention

Next Steps:

Overview

McAfee Threat Intelligence Exchange delivers a cohesive framework where security products collectively pinpoint threats and act as a unified threat defense system providing security resilience and immunity to infections. Threat Intelligence Exchange significantly optimizes threat prevention by narrowing the gap from encounter to containment from days, weeks, and months down to milliseconds.

Apply the power of knowledge — Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from multiple intelligence data sources. This customization empowers administrators to assemble, override, and tune the intelligence source information so that they can modify protection for their environment and organization.

Orchestrate in real time — Threat Intelligence Exchange is the first solution to use the McAfee data exchange layer, a bidirectional communications fabric enabling security intelligence, and adaptive security through product integration simplicity and context sharing. The data exchange layer (DXL) supports the automatic configuration of products, reducing errors and eliminating effort to lower implementation and operational costs of integration.

Supercharge existing endpoint protection — Threat Intelligence Exchange provides breakthrough endpoint protection, using McAfee VirusScan Enterprise to make accurate file execution decisions. Endpoints will also be protected based on malware detected by network gateways, while network gateways block access based on endpoint convictions.

SIEM tools are key to improving incident response

Read SANS Report

Advanced targeted attacks: It takes a system

Read White Paper

Features & Benefits

Comprehensive threat intelligence

McAfee Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from global data sources, such as McAfee Global Threat Intelligence (GTI) and third-party feeds, with local threat intelligence sourced from real-time and historical event data coming from endpoints, gateways, and other security components.

Immediate visibility into the presence of advanced targeted attacks

The McAfee data exchange layer enables security components to dynamically join the McAfee Threat Intelligence Exchange. Shared insights bring deeper awareness of the threats targeting an organization. Attacks are discovered through the endpoints, gateways, and other security components united in providing real-time surveillance.

Proactive threat protection

Threat details collected from malware encounters at endpoints and network gateways can propagate through the data exchange layer in milliseconds, educating all security components to proactively immunize against newly detected threats.

Unmatched operational effectiveness lowers security cost of ownership

While increasing security resiliency, security cost of ownership is lowered by extending existing McAfee security detection, prevention, and analytic technology investments to proactively and efficiently protect your organization as soon as a threat is revealed.

System Requirements

McAfee Threat Intelligence Exchange consists of the following components:

  • McAfee Threat Intelligence Exchange Server 1.0
  • McAfee Data Exchange Layer Client 1.0
  • McAfee Threat Intelligence Exchange Module 1.0 for VSE

Additional requirements for McAfee Threat Intelligence Exchange include:

  • McAfee Endpoint Protection
    • McAfee VirusScan Enterprise 8.8, Patch 4 with Hotfix 929019
  • McAfee Security Management
    • McAfee ePolicy Orchestrator 5.1.1
  • Virtualization Infrastructure
    • VMWare ESXi 5.1.0 and above (McAfee Threat Intelligence Exchange Server is a hardened virtual appliance delivered as an OVA that is pre-configured with 16 GB of RAM and 8CPU)

Videos

Videos

McAfee Threat Intelligence Exchange integrates, automates, and simplifies to decisively reduce TCO and optimize enterprise security. It eliminates complexity, provides instantaneous speed, and illuminated knowledge that can lower operating costs while streamlining protection and response ― all while freeing valuable security team resources.

Resources

Data Sheets

McAfee Threat Intelligence Exchange

For a technical summary on the McAfee product listed above, please view the product data sheet.

Infographics

Connected Security Yields Smarter Defenses

Stop emerging threats with applied knowledge — everywhere, instantly.

Reports

SANS Analytics and Intelligence Survey

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Solution Briefs

McAfee Threat Intelligence Exchange and Endpoint Protection

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threats response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

Abuse of Trust

Attackers prey upon the institution of trust in many ways, with exploiting unsuspecting victims the primary pursuit. Learn how McAfee security technology can help protect against attacks seeking to abuse the trust your company has in its day-to-day operations.

McAfee Enterprise Security Manager and McAfee Threat Intelligence Exchange

There’s no doubt that organizations face significant challenges protecting their intellectual property and critical assets from the emerging threats that target their environments. This solutions brief highlights how McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight today’s advanced threats.

Security in Unison

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threat response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

White Papers

SANS White Paper: Be Ready for a Breach with Intelligent Response

How do we get more visibility into attacks across our environments, improve our response, and reduce response time? The solution is automating functions that should be automated and connecting the dots between detection systems and response. Connecting these dots and applying intelligence provides responders rich context into the observed behaviors for taking action. Integrating these processes improves accuracy, while reducing time, manpower, and costs involved in detecting and managing events. This white paper explores how to achieve this.

Advanced Targeted Attacks: It Takes a System

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Community

Blogs

  • Five Easiest Ways to Get Hacked – Part 1
    Carric Dooley - February 23, 2015

    A conversation with principal security consultant Amit Bagree. I had the opportunity recently to sit down with Amit Bagree, one of our principal security consultants, for a chat about the most common weak points in network security. Amit has been breaking things apart since childhood, has been working in the security field for almost 10 […]

    The post Five Easiest Ways to Get Hacked – Part 1 appeared first on McAfee.

  • You’re Under Attack! Eight Ways to Know for Sure
    Karl Klaessig - February 23, 2015

    The parade of breaches, attacks and various other digital maladies hitting corporations in 2014 made it clear that default, out-of-the-box compliance and security isn’t enough to protect organizations. But the nature of advanced persistent threats (APTs), and other forms of malware, makes it difficult to find an investment that can keep the next threat from […]

    The post You’re Under Attack! Eight Ways to Know for Sure appeared first on McAfee.

  • Cyberespionage: You’re Not Paranoid, Someone Is Spying on Your Company
    Michael Sentonas - February 19, 2015

    It’s time for all of your counter-espionage tools to work together. By now you, your peers, and your board should have accepted that cyberespionage is real, active, and not going away. Whether it is a customer or competitor, country or criminal, someone wants to know a lot more about you. They could be looking for […]

    The post Cyberespionage: You’re Not Paranoid, Someone Is Spying on Your Company appeared first on McAfee.

  • Microsoft Patch Tuesday – February 2015
    PageOne Pr - February 12, 2015

    Hello everyone, This is Greg Blaum again with the Microsoft Patch Tuesday newsletter for February 2015. The month Microsoft released a total of nine (9) security updates. For this month, three (3) of these are rated Critical, which Microsoft terms as a vulnerability whose exploitation could allow code to execute without any user interaction. These […]

    The post Microsoft Patch Tuesday – February 2015 appeared first on McAfee.

  • We Tried the NIST Framework and It Works
    Kent Landfield - February 11, 2015

    By Kent Landfield, Director of Standards and Technology Policy, Intel Security, and Malcolm Harkins, Chief Security and Privacy Officer at Intel When the Administration released the Framework for Improving Critical Infrastructure Cybersecurity (the Framework) on February 12, 2014, many of us at Intel and Intel Security were familiar with the details, as we had participated […]

    The post We Tried the NIST Framework and It Works appeared first on McAfee.

Threats and Risks