This blog was written by Brian Dye.
The escalation and sophistication of cyber threats is very real. So are the challenges associated with having too many siloed security tools. Rather than compounding complexity and inefficiency by using products that don’t work in unison or communicate with each other, McAfee made a fundamental shift in how we engineer solutions, moving from point products to integrated systems that deliver better security outcomes.
Protect, detect and correct are better together
As Candace Worley suggested in her blog last fall, some things are simply better together! Integrating the threat defense builds the best protection possible, finds and contains advanced threats, and rapidly remediates them, while adapting to do a better job blocking the next threats. Quite simply, organizations with integrated security are 30%1 better protected.
Automating the Threat Defense Lifecycle helps eliminate routine tasks, enables faster new hire onboarding, and frees your strongest talent to tackle your hardest problems.
At the endpoint, McAfee provides this advantage through our new solution – Dynamic Endpoint Threat Defense. This multi-stage solution outsmarts even the savviest cyber threats and emerging malware, including ransomware. By leveraging the cloud dynamically to drive threat detection and analysis, and automating the Threat Defense Lifecycle, it shortens the window of vulnerability and makes it easier for endpoint administrators to focus on critical tasks.
Integrated, multi-stage protection improves efficacy
Not only is Dynamic Endpoint the only solution built on a connected platform, it’s also unique in the way it provides pre- and post-execution analysis powered by proven machine learning (Real Protect), greyware containment (Dynamic Application Containment) and native endpoint detection response (Active Response). This solution uniquely addresses the entire Threat Defense Lifecycle with a single agent and console. It allows multi-stage protection to share insight as it stops malware across each stage:
- Before it reaches the endpoint
- Before it executes
- While it executes
- After it executes
McAfee Labs tested ENS 10.5, with Real Protect, vs ENS 10.2, and demonstrated a 34% higher detection rate. Most importantly, our tests confirmed its ability to stop zero-day malware, like ransomware, and secure the endpoint BEFORE the threat can infect the host. The advantage is further illustrated by private third-party real world testing conducted by AVTest showing perfect efficacy scores in 3 consecutive rounds.
Beyond the initial test results, customers are also sharing their enthusiasm for the new solution.
“Not only does ENS handle the ‘commodity’ threats that can significantly occupy team resources, it now gives us even stronger advanced threat detection, protection and visibility.” – Large Manufacturer
ENS 10.2 has had the fastest endpoint adoption in history
Even simple upgrades are no small task for large organizations. However, since the release of Endpoint Security (ENS) 10.2 in August 2016, we have seen more than 2.5 million nodes already migrated, including a full 100K+ node environment. This rapid adoption represents the fastest adopted endpoint release in McAfee’s history. With over 80% of our installed base already on ENS-ready ePO versions, and more than half engaged in planning and deployment, we anticipate the adoption record being shattered during 2017.
For those interested in migrating to ENS 10.2 or 10.5, we’ve created a migration assistant to educate and aid customers while they migrate their data to the new platform. Automatic migration can create new policies and client tasks based on your current product settings and automatically assign them to groups and managed systems. For more information on migrating, visit www.mcafee.com/movetoens.
Native EDR closes the window of vulnerability
Built on the same connected architecture, using the same agent, and same ePO management console, Dynamic Endpoint includes endpoint detection and response (EDR) capabilities. Instantly, you have all the information necessary to detect, convict and remediate a threat in seconds rather than days or weeks. Using one-click actions, it’s possible to delete a malicious file from a single endpoint or across the entire organization; or, immediately update protection across all connected components based on the insight from the investigation.
“Active Response 2.0 definitely saves time. The modern workspace makes remediation much faster. Specifically, the speed to search, gather information on a threat and take action is done in mere minutes.” – Large Bank
Dynamic Endpoint breaks security silos to create a closed-loop system
Unlike other security vendors, McAfee provides a connected platform with integrated tools delivering better protection while preserving the most valuable resource – time. Our Dynamic Endpoint integrates with other McAfee products as well as third-party products through DXL, the industry’s leading (now open source!) threat sharing infrastructure. This allows users to automatically adapt defenses to stay ahead of emerging threats, using a connected infrastructure prepared for the future, rather than merely layering components.
Dynamic Endpoint Threat Defense is an integral part of McAfee’s core strategy, which was introduced at FOCUS ’16. Just as I emphasized in the Automating the Threat Lifecycle blog last year, we are committed to using integration, automation and orchestration to help users address more threats, faster, with fewer resources. Join us, and see for yourself!
1Penn Schoen Berland. Research on behalf of McAfee, 2016
Brian Dye is Corporate Vice President and General Manager of Corporate Products at McAfee.