Embedded Security Software & Solutions

Securing the world’s embedded systems and devices

Next Steps:


McAfee embedded security solutions help manufacturers ensure their products and devices are protected from cyberthreats and attacks. McAfee embedded system and device security solutions span a wide range of technologies, including application whitelisting, anti-virus and anti-malware protection, device management, and encryption — and all leverage the industry-leading McAfee Global Threat Intelligence. Our solutions can be tailored to meet the specific design requirements for a manufacturer’s embedded device and its architectures.

With McAfee solutions for embedded devices, manufacturers can implement a complete line of security features, including:

  • Anti-malware protection — McAfee’s application whitelisting solutions prevent malware from ever compromising and infecting embedded devices. 
  • Comprehensive threat awareness and analysis — Where devices need to access the Internet and communicate across networks, McAfee’s robust Global Threat Intelligence ensures that the traffic coming across the network is safe for devices to use. 
  • Strong data encryption — When devices need to communicate securely, McAfee embedded security software protects data at rest and in motion. 
  • Streamlined device management — Easily monitor, manage, and maintain large, globally dispersed deployments of embedded devices. 
  • Compliance with federal and industry regulations — Ensure devices fall within the various compliance and regulatory frameworks. 
  • Data loss prevention — Ensure the highest levels of protection for sensitive data on devices.

Protect critical infrastructure and industrial controls

Read White Paper

Challenges and best practices for securing POS systems

Read Report

Security that’s built-in not bolted on

McAfee Embedded Control

Read White Paper

Problems We Solve

  • Lack of zero-day protection
    Hackers and cyberthieves create and release more unique and virulent malware than ever before, so it is critical to secure embedded systems with solutions that prevent zero-day attacks. McAfee’s whitelisting solution is a wholly new approach to solve security threats on embedded devices.
  • Unauthorized software changes on production devices
    Unapproved changes to all types of embedded devices and equipment can lead to costly system shutdowns as well as create exposure to data loss, unanticipated loss of device control, and various regulatory fines and penalties. Application whitelisting and change control can help prevent these problems and boost device security.
  • High partner support costs related to device security problems
    Unauthorized changes to devices can cause device manufacturers to spend resources resolving system errors and malfunctions. Robust change control features on devices help ensure that support trucks don’t have to be sent out to customers’ facilities.
  • Frequent, costly OS patching
    New security vulnerabilities are discovered and published to the Internet every day. This makes it difficult for manufacturers and their customers to ensure devices are safe and secure from the most recent exploits. With embedded security software such as application whitelisting, manufacturers can lock down the runtime environment and help prevent costly OS patching cycles.
  • High field maintenance costs tied to unauthorized changes
    When unauthorized changes occur to software running expensive equipment (e.g., large medical devices like CT and PET scanners, or automated, robotic manufacturing equipment), both the device manufacturer and the customer can experience significant financial impact. For manufacturers, sending a technician to the customer site to resolve the problem is not only costly but also potentially damaging to the brand and product reputation. Whitelisting and change control security solutions from McAfee ensure these expensive, unauthorized changes never occur in the first place.
  • Meeting PCI compliance requirements
    Retail sales devices used to process customer transactions often require strict adherence to a series of PCI requirements. Application whitelisting and change control help device manufacturers and their customers who use these devices in their stores obtain and maintain PCI compliance.
  • Resource intensive, multiple security device solutions for security and compliance
    Companies often deploy multiple lines of defense from multiple security vendors, but updating and maintaining this complex web of cyberdefenses is challenging. Changing the businesses approach to embedded device security yields substantial cost reduction while improving a company’s security posture. Using a whitelisting approach can dramatically decrease a company’s complex security systems and achieve increased protection against malicious zero-day attacks.
  • System unavailability due to unauthorized changes
    When expensive manufacturing, medical, and financial systems go down due to unauthorized system changes, companies can experience significant financial loss as well as customer dissatisfaction. Designing embedded system security into manufacturers’ devices upfront yields significant benefits for both the device manufacturer as well as the customers that leverage these systems.

Devices We Secure

McAfee technologies support a growing number of embedded devices across multiple industries. With a flexible, open architecture, McAfee security solutions for embedded systems and devices can be customized for your requirements.

  • Aerospace/Defense: Secure communications systems, robotic controls, guidance systems, avionics, targeting and control systems, and wireless networking.  
  • Automotive: Guard sensors, robotics, system to system, telematics, infotainment systems, wireless communications, and networking. 
  • Digital Living: Ensure televisions and home networked devices remain malware-free. 
  • Gaming: Safeguard hand-held gaming devices and gambling kiosks. 
  • Industrial Controls: Protect values, sensors, monitors, robots and robotic systems, communication systems, and networking systems.  
  • Medical: Safeguard pumps, monitors, communications, networking, diagnostics, testing, and scanning systems. 
  • Retail/Point of Sale/Digital Signage: Protect ATMs, registers, point-of-sale systems, kiosks, networked devices, wireless communication systems, digital displays, and lighting. 


Supported Systems


  • Intel
  • AMD
  • Power PC

Operating Systems

  • Windows
  • Linux
  • Wind River Linux
  • Android



This demo details how McAfee Embedded Control helps protect ATMs, registers and other retail systems and devices protected with built-in application whitelisting, change control, and integrated security management.

This demo explains how McAfee Embedded Control helps keep devices secure and operational with built-in application whitelisting, change control, and integrated security management for various industries.

This demo explains how McAfee Antivirus SDK and McAfee Embedded Reputation SDK help keep the data flow within communication devices secure.

This demo explains how McAfee Embedded Control helps keeps office devices secure and operational with built-in application whitelisting, change control, and integrated security management.


McAfee, Intel and WindRiver Collaborate on IoT The Internet of Things (IoT) offers new opportunities for businesses of all sizes and across virtually all industries to develop new services, enhance productivity, improve real-time decision making, solve critical problems and create new consumer experiences. As new devices become connected every day that use various operating systems collect a variety of data, companies are challenged with addressing fragmentation, interoperability and intelligence at the edge. To address these challenges, the McAfee Embedded team is working with Intel and Wind River to deliver a comprehensive hardware and software strategy to unlock the data from the device through the network to the cloud.

Embedded Security at Design West Conference 2013Security Architect Mike Cioffi discusses why Embedded Security is critical and what solutions McAfee offers in this space.

Embedded Security for Medical DevicesLearn about McAfee’s approach and implementation strategy to embedded security on medical devices. Technologies featured include: Embedded Control and McAfee DeepCommand.

Protect Your Printers from Security Breaches and Data ThreatsMcAfee and Xerox have teamed up to provide McAfee's Embedded Control enabled on the latest Xerox multi-functional printers to protect your printers from security breaches and threats to confidential data.

Securing Embedded Systems in RetailFeaturing Mike Cioffi at IDF 2012.

Cyber Security for Medical DevicesFeaturing Tony Magallanez at IDF 2012.

Intel and McAfee Combining Technology to Protect Smart GridsThis video shows how McAfee and Intel combine systems and technologies to seamlessly manage and protect smart grids through intelligent networks, preventing unauthorized access and allowing for a fail-over capability if a breach occurs.

Medical Device Security Demo with McAfee, Intel, and Wind RiverThis demo from the 2011 Intel Developer Forum shows how technologies from Intel, Wind River, and McAfee work together to secure medical devices. The device is protected with McAfee Embedded Control, McAfee's whitelisting technology.

Driving Security Down the Stack
George Kurtz, McAfee chief technology officer, gives a keynote presentation at the RSA Conference 2011.

McAfee - Wind River Partnership
Ken Klein, president of Wind River, discusses the key elements of the partnership with McAfee.

Customer Stories

Grass Valley

Grass Valley, a provider of broadcasting solutions, adds whitelisting and change control technology to its media servers to block malware, advanced persistent threats, and zero-day attacks.

  • Protects against viruses and other known threats as well as zero-day and advanced persistent threats.
  • Provides robust protection in an environment in which performance without latency is critical.
  • Requires minimal to no administration, maintenance, or updates.


This provider of solutions that optimize IBM environments added McAfee Embedded Control scanning engine into its StandGuard antivirus product.

  • Virus protection across all platforms.
  • McAfee Labs research enables global, real-time protection.
  • McAfee brand and reputation help sales efforts.


Application Whitelisting

McAfee Embedded Control
McAfee Embedded Control

McAfee Embedded Control focuses on solving the problem of increased security risk arising from the adoption of commercial operating systems in embedded systems. Embedded Control is a small-footprint, low-overhead, application-independent solution that provides “deploy-and-forget” security.

Embedded Device Management

McAfee ePolicy Orchestrator (ePO)
McAfee ePolicy Orchestrator (ePO)

McAfee ePolicy Orchestrator (ePO) is a key component of the McAfee Security Management Platform and the only enterprise-class software provide unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that slash incident response times, McAfee ePO software dramatically strengthens protection for embedded devices and drives down the cost and complexity of managing risk and security.

Global Threat Intelligence

McAfee GTI SDK powered by McAfee Global Threat Intelligence
McAfee GTI SDK powered by McAfee Global Threat Intelligence

McAfee Global Threat Intelligence (GTI) delivers the most comprehensive threat intelligence in the market. Using a broad network of sensors, it provides visibility across all threat vectors — file, web, message, and network. The McAfee® GTI SDK is a software library that provides an API for obtaining ratings of the trustworthiness of email messages, IP addresses, network connections, and URLs. Those ratings can be are typically integrated by an Embedded device manufacturer directly into their products, typically used to provide protection of data passing through their device.

News / Events


Data Sheets

McAfee 5800 Scan Engine and .DATs

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Endpoint Protection for OEMs

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Embedded Control

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Embedded Reputation SDK

For a technical summary on the McAfee product listed above, please view the product data sheet.


Maintain Security for XP Systems

Learn about how application whitelisting can maintain security for Microsoft Windows XP systems no longer supported by Microsoft.

Maintain PCI Retail Compliance for Systems No Longer Supported

Learn about how to maintain PCI retail compliance for systems no longer supported.


Store Systems Security: Preparing for the Paradigm Shift

McAfee and IHL Group surveys retailers on their top concerns for POS System Security.

Retail Reputations: A Risky Business

As a consumer, you can research products, find out about return policies, general pricing, or service issues, but there’s one important piece of information missing—can you trust the retailer’s security and how they protect your information?

Embedded Security for an IP-Enabled World

Forrester discusses how embedded security will be expected to secure data, devices, and networks.

Solution Briefs

Intel Security and Siemens Healthcare Form Healthcare Cybersecurity Partnership

Intel Security and Siemens Healthcare have partnered to design and build medical devices that protect vital healthcare data and patient information—without hindering performance. Siemens Healthcare products—such as Ultrasound System Security—now integrate Intel Security technologies creating safe and reliable medical devices. 

KIOSK and Intel Security Offer the Enhanced Security Suite

Kiosks offer consumers convenience and drive lower costs for deployers, but they are also on the frontline of a new cyberattack environment outside the perimeter of corporate networks. With Enhanced Security Suite, Intel Security and KIOSK Information Systems have joined forces to provide advanced security and compliance protection to self-services devices. Now you can secure and differentiate your self-service platform while addressing today’s most pressing customer issues.

Securing the Internet of Things

The Internet of Things (IoT, or Internet-connected smart devices) is rapidly changing the way we live and the way we do business. McAfee is working closely with OEMs to address the expanding security requirements of IoT devices for every layer—devices, connections, the cloud, and data centers.

Intel Security & Empathy: Improve Retail Payment Security

Securing business-to-consumer retail transactions is an ongoing battle. Recent breaches at US retailers Home Depot and Target Stores highlight the serious risks, including the loss of consumer confidence, trust, and satisfaction. In addition to alienating customers, retailers that suffer a security breach may face tough scrutiny by the press, regulatory bodies, and investors. To date, most payment-system OEMs have relied on retailers—who often have limited IT and security resources—to secure their devices. Forward-thinking OEMs are seizing this opportunity and differentiating their products by designing advanced security capabilities into their devices. Discover how payment-system OEM Empathy has partnered with Intel Security to solve this pressing issue.

Intel Gateway Solutions for the Internet of Things

Discover the connectivity and interoperability benefits of intelligent gateways

McAfee Application Control Extends the Life of Legacy Microsoft Windows XP Systems

McAfee Application Control provides an effective way to block unauthorized applications from running and will continue to support Windows XP systems even after Microsoft’s phase-out of support has taken effect.

Security Consideration for Retail Systems OEMs

Helping OEMs and retailers address a wide range of security challenges, Intel and McAfee have developed solutions that take advantage of leading-edge hardware and software technologies.

Technology Blueprints

Securing ATMs

McAfee has integrated application whitelisting with other important controls — file integrity monitoring and change management — into a single “deploy and forget” solution optimized for ATM devices. McAfee Embedded Control provides tight control over attempted changes, as well as broad visibility into changes to ensure that ATM devices remain up and running and free of malware.

White Papers

Automotive Security Best Practices

This white paper discusses security and privacy issues in the next-generation car and how computer attacks are now a clear and present danger for car users, dealers, manufacturers, and suppliers alike. Computer security joins reliability and safety as a cornerstone for consumer confidence and continued success in the automotive industry.

Strengthening Security, Control, and Compliance for Retail OEMs and Their Customers

This white paper provides retail OEMs and their customers with insights into the technologies that are part of the McAfee embedded security solution, along with security, management, and compliance benefits made possible by shipping retail devices with security built in. You’ll learn how this integrated solution goes beyond device protection and extends security across the entire retail environment.

POS Security That Pays Its Own Way

Adding McAfee Integrity Control to your POS solution simply makes your offering more appealing to your retailer customers.

Kiosks: The Point of Service Frontier

This paper explores the self-service kiosk solutions available today and explains how dynamic whitelisting and application control can facilitate not only the strongest security for these systems, but also open the door to potential new business models.

McAfee Embedded Control

Learn how McAfee Embedded Control enhances embedded device integrity, maximizing uptime, reducing support costs, and helping to ensure compliance throughout the lifecycle of your devices.

Increasing Medical Device Security with Mainstream IT Platforms and Technologies

Although not typically the target of cyberattacks, medical equipment can become "collateral damage" in a malware outbreak, or even be the weak link that opens the door to a cyberattack.



  • McAfee Customers Protected from Regin Malware Since 2011
    Raj Samani - December 1, 2014

    Protecting customers take precedence over seeking headlines – this was the title of a recent blog by our very own Christiaan Beek into the priorities of the team.  Yet, within 72 hours we were awoken with news of a recently discovered espionage campaign using a toolkit under the name of Regin. McAfee is aware of […]

    The post McAfee Customers Protected from Regin Malware Since 2011 appeared first on McAfee.

  • Dealing with the Bash Bug
    Raj Samani - September 26, 2014

    By Brad Antoniewicz and Raj Samani Headlines across multiple media outlets are sounding the alarm on a new vulnerability affecting Linux and Unix systems. Nicknamed “Shellshock,” the vulnerability is said by some to have wider reach and impact than the recent Heartbleed vulnerability in April that, by some estimates, affected over million Internet-accessible systems.  For […]

    The post Dealing with the Bash Bug appeared first on McAfee.

  • How Much Are Your Assets Worth?
    Cybermum Australia - September 26, 2013

    Now, if your tax returns are up to date and you have a healthy relationship with a financial planner, I have no doubt you could answer this question in an instant. But what about your other assets? And I am not referring to your children because clearly they are priceless – most of the time!! […]

    The post How Much Are Your Assets Worth? appeared first on McAfee.

  • What is Encryption?
    Robert Siciliano - September 10, 2013

    Encryption is the science of encoding and decoding secret messages.  It began as cryptography—the ancient Greeks used it to protect sensitive information that might fall into the hands of their enemies. More recently, governments have used encryption for military purposes, but these days the term if often used in reference to online security. Encryption is […]

    The post What is Encryption? appeared first on McAfee.

  • Hesperus (Evening Star) Shines as Latest ‘Banker’ Trojan
    Vikas Taneja - September 6, 2013

    Hesperus, or Hesperbot, is a newly discovered banker malware that steals user information, mainly online banking credentials. In function it is similar to other “bankers” in the wild, especially Zbot. Hesperus means evening star in Greek. It is very active in Turkey and the Czech Republic and is slowly spreading across the globe. This sophisticated […]

    The post Hesperus (Evening Star) Shines as Latest ‘Banker’ Trojan appeared first on McAfee.