McAfee Threat Intelligence Exchange

McAfee Threat Intelligence Exchange

Adaptive threat prevention

Next Steps:

Overview

McAfee Threat Intelligence Exchange delivers a cohesive framework where security products collectively pinpoint threats and act as a unified threat defense system providing security resilience and immunity to infections. Threat Intelligence Exchange significantly optimizes threat prevention by narrowing the gap from encounter to containment from days, weeks, and months down to milliseconds.

Apply the power of knowledge — Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from multiple intelligence data sources. This customization empowers administrators to assemble, override, and tune the intelligence source information so that they can modify protection for their environment and organization.

Orchestrate in real time — Threat Intelligence Exchange is the first solution to use the McAfee data exchange layer, a bidirectional communications fabric enabling security intelligence, and adaptive security through product integration simplicity and context sharing. The data exchange layer (DXL) supports the automatic configuration of products, reducing errors and eliminating effort to lower implementation and operational costs of integration.

Supercharge existing endpoint protection — Threat Intelligence Exchange provides breakthrough endpoint protection, using McAfee VirusScan Enterprise to make accurate file execution decisions. Endpoints will also be protected based on malware detected by network gateways, while network gateways block access based on endpoint convictions.

Discover how to stay ahead of threats with SIEM intelligence

Register for Webcast

Advanced targeted attacks: It takes a system

Read White Paper

Features & Benefits

Comprehensive threat intelligence

McAfee Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from global data sources, such as McAfee Global Threat Intelligence (GTI) and third-party feeds, with local threat intelligence sourced from real-time and historical event data coming from endpoints, gateways, and other security components.

Immediate visibility into the presence of advanced targeted attacks

The McAfee data exchange layer enables security components to dynamically join the McAfee Threat Intelligence Exchange. Shared insights bring deeper awareness of the threats targeting an organization. Attacks are discovered through the endpoints, gateways, and other security components united in providing real-time surveillance.

Proactive threat protection

Threat details collected from malware encounters at endpoints and network gateways can propagate through the data exchange layer in milliseconds, educating all security components to proactively immunize against newly detected threats.

Unmatched operational effectiveness lowers security cost of ownership

While increasing security resiliency, security cost of ownership is lowered by extending existing McAfee security detection, prevention, and analytic technology investments to proactively and efficiently protect your organization as soon as a threat is revealed.

System Requirements

McAfee Threat Intelligence Exchange consists of the following components:

  • McAfee Threat Intelligence Exchange Server 1.0
  • McAfee Data Exchange Layer Client 1.0
  • McAfee Threat Intelligence Exchange Module 1.0 for VSE

Additional requirements for McAfee Threat Intelligence Exchange include:

  • McAfee Endpoint Protection
    • McAfee VirusScan Enterprise 8.8, Patch 4 with Hotfix 929019
  • McAfee Security Management
    • McAfee ePolicy Orchestrator 5.1.1
  • Virtualization Infrastructure
    • VMWare ESXi 5.1.0 and above (McAfee Threat Intelligence Exchange Server is a hardened virtual appliance delivered as an OVA that is pre-configured with 16 GB of RAM and 8CPU)

Videos

Videos

McAfee Threat Intelligence Exchange integrates, automates, and simplifies to decisively reduce TCO and optimize enterprise security. It eliminates complexity, provides instantaneous speed, and illuminated knowledge that can lower operating costs while streamlining protection and response ― all while freeing valuable security team resources.

Resources

Data Sheets

McAfee Threat Intelligence Exchange

For a technical summary on the McAfee product listed above, please view the product data sheet.

Infographics

Connected Security Yields Smarter Defenses

Stop emerging threats with applied knowledge — everywhere, instantly.

Reports

ESG Report: Tackling Attack Detection and Incident Response

This report examines organizations’ security strategies, cyber-attack environments, incident response challenges and needs. A survey found that security professionals are inundated with security incidents and struggle with timely identification and resolution of targeted attacks. A lack of visibility into user and network activity, shortage of investigative skills and experience, and poor security analytics capabilities are key factors in slowing organizations’ response to incidents.

SANS Analytics and Intelligence Survey

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Solution Briefs

McAfee Threat Intelligence Exchange and Endpoint Protection

McAfee Threat Intelligence Exchange delivers innovative endpoint protection with a system that adapts and learns from threat encounters, and immediately neutralizes emerging attacks.

Abuse of Trust

Attackers prey upon the institution of trust in many ways, with exploiting unsuspecting victims the primary pursuit. Learn how McAfee security technology can help protect against attacks seeking to abuse the trust your company has in its day-to-day operations.

McAfee Enterprise Security Manager and McAfee Threat Intelligence Exchange

There’s no doubt that organizations face significant challenges protecting their intellectual property and critical assets from the emerging threats that target their environments. This solutions brief highlights how McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight today’s advanced threats.

Security in Unison

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threat response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

White Papers

Securosis: Applied Threat Intelligence

One of the most compelling uses for threat intelligence is helping to detect attacks earlier. Examining for attack patterns identified via threat intelligence in your security monitoring and analytics processes shortens the window between compromise and detection. This Securosis white paper focuses on how to use threat intelligence to improve your ability to detect, prevent, and investigate attacks.

SANS White Paper: Be Ready for a Breach with Intelligent Response

How do we get more visibility into attacks across our environments, improve our response, and reduce response time? The solution is automating functions that should be automated and connecting the dots between detection systems and response. Connecting these dots and applying intelligence provides responders rich context into the observed behaviors for taking action. Integrating these processes improves accuracy, while reducing time, manpower, and costs involved in detecting and managing events. This white paper explores how to achieve this.

Advanced Targeted Attacks: It Takes a System

Adaptive intelligence and real-time communications orchestrate protection in the McAfee Security Connected Platform.

Community

Blogs

  • Franchising Ransomware
    Vincent Weafer - July 2, 2015

    Got a great business idea? Want to expand with less risk? Build a good product, develop some training, put them together into a repeatable formula, and collect the royalties from your franchisees. This model, used successfully for everything from fast food to hair salons to tax preparation, is now available for criminal ransomware. Cybercriminals have […]

    The post Franchising Ransomware appeared first on McAfee.

  • Beat the Ticking Clock Against Emerging Threats
    Paul Zimski - July 1, 2015

    In order to beat todays advanced threats, your security defense system relies on good communication. However, when your security posture is dependent on a slew of different products from a spread of vendors, communication can break down. This breakdown in communication means you’re losing valuable time in detecting cyberthreats. To address this communication breakdown, there […]

    The post Beat the Ticking Clock Against Emerging Threats appeared first on McAfee.

  • Securing Critical Infrastructure
    Lorie Wigle - July 1, 2015

    Protecting the Industrial Internet of Things from cyberthreats is a national priority.  Industrial automation and control systems are increasingly online, sending out information and receiving commands from local and remote control centers and corporate data systems. Technologies in this Industrial Internet of Things (IIoT) have tremendous potential to improve operations, reduce costs, enhance safety, increase […]

    The post Securing Critical Infrastructure appeared first on McAfee.

  • Cyber Resilience And Spear Phishing
    Mo Cashman - June 29, 2015

    Balanced security capability, defense in depth, integrated countermeasures, and a threat-intelligence strategy are critical to defending your business from spear-phishing attacks. Spear phishing continues to be the most successful means of gaining entry to an enterprise network and to valuable business or personal data. According to the latest Verizon Data Breach Investigations Report, two-thirds of […]

    The post Cyber Resilience And Spear Phishing appeared first on McAfee.

  • Government Agencies Should Turn to CDM During 30-Day Sprint
    Tom Gann - June 29, 2015

    The fallout from the OPM breach continues with news that clearance information may have been stolen and that more than 10 million federal employee records may have been breached. In response, the White House has ordered every agency to engage in a “30 day sprint” to shore up and bolster their defensive cybersecurity capabilities. During […]

    The post Government Agencies Should Turn to CDM During 30-Day Sprint appeared first on McAfee.

Threats and Risks