What we do

At McAfee Labs Advanced Threat Research (ATR), our goal is to identify and illuminate a broad spectrum of threats in today's complex landscape. ATR researchers are responsible for research in nearly every vertical of threat, including those targeting banking, retail, medical, and other industries. We have experts in vulnerability and threat research who find and report critical vulnerabilities in popular hardware and software and who use a global network of endpoints to track malware campaigns as well as the nation-states and malicious actors behind them. These findings are fed back into the solutions that ultimately power McAfee’s products.

McAfee Advanced Threat Research Lab

The Advanced Threat Research Lab provides our researchers access to state-of-the-art hardware and equipment targeting the discovery, exploitation, and responsible disclosure of critical vulnerabilities. The lab also showcases demos of research projects, such as attacks against medical devices, cars, and more.

Watch Video


August 2019 Threats Report

This edition highlights the significant investigative research and trends in threats statistics and observations in the threat landscape gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q1 2019.

Read Report

Research spotlight

HVACking: Understanding the Delta Between Security and Reality

McAfee ATR investigated a major building controller and discovered a critical, zero-day vulnerability.

Read Blog

Avaya Deskphone: Decade-Old Vulnerability Found in Phone's Firmware

McAfee ATR investigated the Avaya 9600 series IP desk phone and uncovered a remote code execution (RCE) vulnerability.

Read Blog

Clop Ransomware

McAfee ATR explains the technical details on how this new ransomware family works.

Read Blog

RDP Security Explained

McAfee ATR shares actionable insights to secure Remote Desktop Protocol (RDP).

Read Blog

McAfee ATR Aids in Arrest of Suspected Cybercriminal

McAfee ATR aids the Dutch National High-Tech Crime Unit (NHTCU) to arrest an individual suspected of building and selling a criminal toolkit.

Read Blog

Industry research

The ATR team continually conducts leading-edge research into the threats that impact a variety of industries. Below are a few of the key areas we are currently focused on. They will be updated as new research is released.


ATR investigates the attack surfaces in autonomous vehicles as well as the machine learning algorithms and physical-to-digital attacks related to them.

SCADA & Industrial Control Systems

ATR investigates multiple areas of SCADA and ICS implementations, including human machine interface (HMI) software, programmable logic controllers (PLCs), and network protocols, such as MODBUS, ICCP, and others.

Healthcare & Medical Devices

Our research explores medical devices, networks, protocols, and security practices to help healthcare organizations innovate securely.

Software-defined Radio

Our research looks at radio frequency, including near-field-communications (NFC and RFID) and wireless transmissions to determine potential impacts to network and proximity devices.

Enterprise Software

By discovering and disclosing these critical vulnerabilities in the world’s most popular software, the ATR team continuously reduces the overall attack surface for one of the most attractive targets for cybercriminals.

Consumer Electronics

Our researchers look for vulnerabilities in consumer devices to identify threats and guide manufacturers toward more secure products, reducing the potential for attackers to gain access to home or business networks.

News & events

Check out the ATR team in the news and at various security conferences around the world.