McAfee Threat Intelligence Exchange
Home — SecurityData Center Network Security Solutions — McAfee By Intel Threat Intelligence Exchange

Shared threat intelligence across multiple security solutions. McAfee Threat Intelligence Exchange optimizes threat detection and response by closing the gap from malware encounter to containment from days, weeks, and months down to milliseconds. This collaborative system operationalizes threat intelligence data in real-time, delivering protection to all points in your enterprise as new threats emerge. Leveraging the McAfee Data Exchange Layer (DXL), instantly share threat data to all your connected security solutions, including third-party solutions. McAfee Threat Intelligence Exchange provides adaptive threat detection on unknown files, resulting in faster time to protection and lower costs. Broader, collective threat intelligence makes accurate file execution decisions and customizes policies based on your risk tolerance level. Gain immediate visibility. Integrated intelligence from multiple sources combined with contextual data from the encounter enable better decision-making to handle never-before-seen and potentially malicious files.

McAfee Threat Intelligence Exchange enables adaptive threat detection and response by operationalizing intelligence across your endpoint, gateway, network, and data center security solutions in real-time. Combining imported global threat information with locally collected intelligence and sharing it instantly, allows your security solutions to operate as one, exchanging and acting on shared intelligence. McAfee Threat Intelligence Exchange narrows the gap from encounter to containment from days, weeks, and months down to milliseconds. McAfee Threat Intelligence Exchange transmits over the McAfee Data Exchange Layer to share information and provide integrated security. Combined inputs from multiple threat information sources are instantly shared with all your connected security solutions, including third-party solutions. Operationalize threat intelligence in real-time. Combine global imported threat information from McAfee Global Threat Intelligence and third parties with locally collected intelligence from your security solutions and share across your network in real-time.

Operationalize Threat Intelligence In Real Time

Now you can combine threat intelligence from imported global sources, such as McAfee Global Threat Intelligence (McAfee GTI), third-party threat information, and shared Indicators of Compromise (IoCs), such as Structured Threat Information eXpression (STIX) files. McAfee Global Threat Intelligence collects local real-time and historical data from endpoints, data center, gateways, your network, and the McAfee Advanced Threat Defense sandboxing solution. This combined global and local threat data is operationalized and shared across your entire security ecosystem in real-time. McAfee Threat Intelligence Exchange makes it possible for administrators to easily tailor comprehensive threat intelligence from global sources, such as McAfee GTI, third-party data and imported STIX files. This is combined with local threat intelligence sourced from real-time and historical event data delivered from endpoints, gateways, sandbox solutions, and other security components.

McAfee Threat Intelligence Exchange

Every shared insight, detected from all locations on your network, encourages deeper awareness in the battle against targeted attacks. Since these threats are laser-focused attacks by design, organizations need a local surveillance system to capture the trends and any unique assaults they encounter. This local contextual data gathered from the encounter, combined with global threat intelligence, enables better decision-making on files that have never previously been seen, resulting in faster time to protection and detection. An unidentified file, encountered anywhere on your network, is evaluated locally by McAfee Threat Intelligence Exchange. Based on convictions, protection is propagated back out to all your systems in real-time. This local threat intelligence is stored for future encounters, meaning that if it is seen again on another device or server, it will no longer be an unknown, but will be immediately detected.

McAfee Cloud Threat Detection

Simplify deployment of advanced threat analysis. With this cloud-based service, provisioning is fast and ongoing maintenance is eliminated as new functionality is transparently implemented. Volume based subscription pricing eliminates cost based barriers to entry, particularly for smaller organizations. Insight from over 25 years of data and over 2 billion files is applied to inspection, expanding detection against evasive and emerging threats and minimizing false positives. McAfee Cloud Threat Detection is a convenient service that plugs into existing McAfee security solutions to detect advanced malware and reveal threats. This cloud service lets you easily access an array of the latest cloud analysis techniques to enhance threat detection and optimize existing security investments. Static analysis engines extract file characteristics while sandboxing, or dynamic analysis, performs behavioral analysis. Each step of the cycle applies the power of Big Data analytics and machine learning to inspection results to detect emerging threats and minimize false positives.
McAfee Threat Intelligence Exchange

Endpoint Protection

Find and resolve threats in seconds. McAfee Active Response V2.0 exposes the unknown in seconds by tracing process behavior and then providing immediate context, via the cloud, to quickly convict and resolve threats. Reduce dwell times through real-time visibility, live investigations, and timelines. Use single click correction to immediately remediate threats across a single endpoint or entire organization. McAfee Complete Endpoint Threat Protection replaces McAfee Complete Endpoint Protection — enterprise.

Stop threats before they reach the endpoint. Seamless integration with McAfee Web Gateway provides inline file emulation for suspicious web traffic. The cloud assisted edge defense analyzes the actual behavior of internet code and files to deliver pervasive endpoint protection both on and off the corporate network. McAfee Complete Endpoint Protection Business provides a number of technologies to meet the needs of business customers. McAfee by Intel Complete Endpoint Threat Protection — provides advanced defenses that prevent, contain, and take action against zero day threats and sophisticated attacks.

Network Security

Deeper inspection. Better threat protection. Malware is becoming more complicated, covert, and clever. Your advanced, zero day threat protection solution needs to be as cunning as advanced targeted threats. McAfee Next-Generation Firewall (NGFW) and McAfee Firewall Enterprise are now part of Forcepoint. Reduce investigation time from days to minutes. Numerous features support investigation, including extensive unpacking, interactive mode, sample submission to multiple virtual environments, and unparalleled indicators of compromise (IoC) data that produces summary reports for action prioritization and analyst grade data on malware.

Security components operate as one. Tight integration reduces time from encounter to containment and protection from advanced threats, enables efficient alert management, and maintains throughput and policy enforcement. Support for OpenIOC and STIX, two open standards for indicators of compromise and threat intelligence output, further enhances integration. McAfee Network Security Platform is a next generation intrusion prevention system (IPS) that redefines how organizations block advanced threats.

Protection And Encryption

Safeguard data and stay compliant with McAfee enterprise data protection solutions. McAfee Complete Data Protection Suites and McAfee by Intel Data Loss Prevention (DLP) solutions provide multilayered protection for data regardless of where it resides — on the network, in the cloud, or at the endpoint. Encryption options include enterprise grade drive encryption or management of native encryption.

As a part of McAfee’s Security Connected framework, enterprise data protection solutions are fully integrated with McAfee ePolicy Orchestrator software, which unifies and simplifies data security management. McAfee Complete Data Protection Advanced — block unauthorized access to your sensitive information and prevent exfiltration — anytime, anywhere. Strong encryption, DLP, policy driven security, management of Apple FileVault and Microsoft BitLocker native encryption, and data protection for cloud storage combine with a centralized management platform in our most robust data protection suite. McAfee Complete Data Protection — enable data protection with drive, file, folder, removable media encryption, and data protection for cloud storage

Server Security

McAfee Server Security Suite Essentials provides instant discovery and control for protecting physical, virtual, and cloud deployments. McAfee Server Security Suite Essentials allows foundational cloud workload and server protection, including optimized antivirus and intrusion prevention. Obtain single pane manageability — get complete end to end visibility across all servers and cloud workloads. Optimize antivirus protection for virtualized environments — choose one solution that works across multiple hypervisors or an agentless option for VMware vCloud Networking and Security and NSX.

McAfee Server Security Suite Advanced the most comprehensive cloud workload and server protection. McAfee Server Security Suite Advanced includes optimized antivirus and intrusion prevention along with advanced whitelisting to protect against zero day threats and change control to meet regulatory requirements. Get Full Visibility Into AWS and Azure see the infrastructure, workloads, traffic, threats, and a security posture assessment of AWS and Azure security groups.