McAfee Advanced Threat Analysis

Advanced threat analysis for every environment. Integrated sandboxing and analysis tools are just the start. See how these technologies can drive stronger threat protection and response. McAfee Advanced Threat Analysis solutions identify sophisticated malware and convert threat information into action and protection. These solutions optimize existing security investments by enhancing detection with advanced malware inspection techniques, including in-depth static code analysis and machine learning that improve sandboxing capabilities and broaden detection of highly camouflaged, evasive threats. Tight integration between McAfee Advanced Threat Analysis solutions and other McAfee products lowers costs and reduces the time between detection and correction, converting malware identifications into protection to thwart similar attacks. Flexible deployment options support every network — physical, virtual, and cloud. Optimize security investments — broaden detection of integrated solutions and automatically update protections against newly discovered threats to thwart similar attacks.

Detect sophisticated malware and automate protection and investigation workflows to correct and recover post attack. McAfee Advanced Threat Analysis provides in-depth static code analysis that enhances behavioral malware analysis and sandboxing capabilities to detect hidden, evasive threats. This unparalleled analysis generates both summary reports that help you understand the scope of an attack and prioritize actions, and highly detailed reports with analyst grade data on malware. Unlike traditional sandboxes, it provides multiple analysis engines to broaden detection and expose evasive threats. A key component of the McAfee security platform, McAfee Advanced Threat Analysis is tightly integrated with other McAfee solutions — from network to endpoint — enabling immediate sharing of threat intelligence across the entire infrastructure to enhance zero day threat protection, reduce time from detection to containment, and aid investigation to remediate post attack.

McAfee Advanced Threat Analysis

Advanced malware analysis and detection. The combination of in-depth static code and dynamic analysis (malware sandboxing) provides increased zero day threat protection against advanced attacks, especially those that use sandbox evasion techniques. Balance protection and performance. Additional detection engines, including signatures, reputation, and real-time emulation, reduce the number of files requiring more resource intensive malware sandbox analysis and enhance analysis speed. Flexible, centralized deployment. Deployment flexibility with virtual and physical appliances meets organizations’ growing and diverse needs. Centralized analysis supports multiple protocols and acts as a shared resource among Intel Security solutions, simplifying deployment and scalability. Integrated advanced threat detection. Enhancing protection from network edge to endpoint. Advanced targeted attacks are designed to defeat security systems through approaches that either confuse or evade defenses.

Cloud Threat Detection

This convenient cloud service plugs into existing McAfee solutions to identify advanced malware and automate protection. With the efficiencies of a cloud based solution, you can easily take advantage of significant compute horsepower to operate an array of the latest analysis techniques to enhance detection and optimize existing security investments. Numerous features support investigation, including extensive unpacking, interactive mode, sample submission to multiple virtual environments, and unparalleled indicators of compromise (IoC) data that produces summary reports for action prioritization and analyst grade data on malware. Security components operate as one. Tight integration reduces time from encounter to containment and protection from advanced threats, enables efficient alert management, and maintains throughput and policy enforcement. Support for OpenIOC and STIX, two open standards for indicators of compromise and threat intelligence output, further enhances integration.

Endpoint Protection

Find and resolve threats in seconds. McAfee Active Response V2.0 exposes the unknown in seconds by tracing process behavior and then providing immediate context, via the cloud, to quickly convict and resolve threats. Reduce dwell times through real-time visibility, live investigations, and timelines. Use single click correction to immediately remediate threats across a single endpoint or entire organization. McAfee Complete Endpoint Threat Protection replaces McAfee Complete Endpoint Protection — enterprise.

Stop threats before they reach the endpoint. Seamless integration with McAfee Web Gateway provides inline file emulation for suspicious web traffic. The cloud assisted edge defense analyzes the actual behavior of internet code and files to deliver pervasive endpoint protection both on and off the corporate network. McAfee Complete Endpoint Protection Business provides a number of technologies to meet the needs of business customers. McAfee by Intel Complete Endpoint Threat Protection provides advanced defenses that prevent, contain, and take action against zero day threats and sophisticated attacks.

Network Security

Deeper inspection. Better threat protection. Malware is becoming more complicated, covert, and clever. Your advanced, zero day threat protection solution needs to be as cunning as advanced targeted threats. McAfee Next-Generation Firewall (NGFW) and McAfee Firewall Enterprise are now part of Forcepoint. Reduce investigation time from days to minutes. Numerous features support investigation, including extensive unpacking, interactive mode, sample submission to multiple virtual environments, and unparalleled indicators of compromise (IoC) data that produces summary reports for action prioritization and analyst grade data on malware.

Security components operate as one. Tight integration reduces time from encounter to containment and protection from advanced threats, enables efficient alert management, and maintains throughput and policy enforcement. Support for OpenIOC and STIX, two open standards for indicators of compromise and threat intelligence output, further enhances integration. McAfee Network Security Platform is a next generation intrusion prevention system (IPS) that redefines how organizations block advanced threats.

Protection And Encryption

Safeguard data and stay compliant with McAfee enterprise data protection solutions. McAfee Complete Data Protection Suites and McAfee by Intel Data Loss Prevention (DLP) solutions provide multilayered protection for data regardless of where it resides — on the network, in the cloud, or at the endpoint. Encryption options include enterprise grade drive encryption or management of native encryption.

As a part of McAfee’s Security Connected framework, enterprise data protection solutions are fully integrated with McAfee ePolicy Orchestrator software, which unifies and simplifies data security management. McAfee Complete Data Protection Advanced — block unauthorized access to your sensitive information and prevent exfiltration — anytime, anywhere. Strong encryption, DLP, policy driven security, management of Apple FileVault and Microsoft BitLocker native encryption, and data protection for cloud storage combine with a centralized management platform in our most robust data protection suite. McAfee Complete Data Protection — enable data protection with drive, file, folder, removable media encryption, and data protection for cloud storage.

Server Security

McAfee Server Security Suite Essentials provides instant discovery and control for protecting physical, virtual, and cloud deployments. McAfee Server Security Suite Essentials allows foundational cloud workload and server protection, including optimized antivirus and intrusion prevention. Obtain single pane manageability — get complete end to end visibility across all servers and cloud workloads. Optimize antivirus protection for virtualized environments — choose one solution that works across multiple hypervisors or an agentless option for VMware vCloud Networking and Security and NSX.

McAfee Server Security Suite Advanced: the most comprehensive cloud workload and server protection. McAfee Server Security Suite Advanced includes optimized antivirus and intrusion prevention along with advanced whitelisting to protect against zero day threats and change control to meet regulatory requirements. Get full visibility into AWS and Azure: see the infrastructure, workloads, traffic, threats, and a security posture assessment of AWS and Azure security groups.