Intel Security has outlined a new, unifying approach for the cybersecurity industry that strives to eliminate fragmentation through updated integrated solutions, new cross-industry partnerships and product integrations within the Intel Security Innovation Alliance and Cyber Threat Alliance (CTA).
“Transforming isolated technologies into a cohesive security system is without a doubt the most daunting challenge facing practitioners today,” said Chris Young, senior vice president and general manager of Intel Security Group. “The battle against our adversaries cannot be fought alone; it will take people, products, organizations and industries working together to eliminate the fragmentation of security through automation, partnerships and unified architectures.”
The workforce shortage facing the cybersecurity industry makes it increasingly difficult to hire and retain employees. These scarce resources make it harder to maintain a coherent security architecture to prevent damage from and minimize the cost of emerging threats while embracing the potential of new open source, digital, cloud and security technologies.
Our research and customer discussions have underscored the need for trusted partners that work cooperatively to reduce the burden of fragmented technologies and help organizations stay focused on securing their business assets and productivity. With this in mind, Intel Security is pleased to announce several new product integrations and updates, new industry partnerships and increased open source and standards-based collaboration that will strengthen the effectiveness of cybersecurity infrastructure across the industry’s largest open ecosystem.
Integrated Solutions
At the heart of a unified strategy for cybersecurity is the need for integrated solutions that tie into the enterprise’s framework to address top-of-mind challenges. Intel Security announces new and updated solutions that do exactly that: McAfeeEnterprise Security Manager (ESM) 10 and McAfee Virtual Network Security Platform (vNSP).
With the high cost of detecting and resolving cyberattacks, the need for SIEM solutions that are intelligent and intuitive has never been greater. The newly released McAfee ESM 10 joins an expanded McAfee Foundstone security operations centre (SOC) services portfolio to help security analysts to be far more effective. New capabilities include:
- Intuitive and Collaborative User Interface: A new user interface reflects extensive incident management workflow usability testing, delivering on increased efficiency, faster and more effective threat detection and response, and the ability to manage multiple incidents within the same dashboard.
- Contextual Threat Intelligence: Significant advancements have improved ongoing contextual threat intelligence and immediate access to critical threat data to identify, scope and orchestrate responses to emerging attacks.
- Trusted Expertise Offerings: Foundstone threat researchers (i.e., Intel Security’s expert security consultants) can now augment staffing as part of a virtual SOC offering, adding expertise, capacity and coverage to supplement existing enterprise capabilities and extending the Foundstone services lifecycle SOC portfolio.
The need for advanced malware protection within the public cloud environment calls for integrated virtual solutions. McAfee vNSP now extends virtual network protection to Amazon Web Services* (AWS) cloud and OpenStack* cloud deployments, with new simplified multi-cloud licensing, easily protecting virtual networks. New capabilities include:
- Virtual Network Protection for Public Clouds: McAfee vNSP is an industry-leading solution that protects AWS workloads from attacks like zero-day, bots, malware and application-level DOS with both detection and protection mode. It integrates seamlessly with AWS Auto Scaling to deliver a fully scalable security solution with a single pane of glass.
- Virtual Network Traffic Inspection for Private Clouds: vNSP continues to add support for multi-hypervisor platforms, which now includes VMware® ESX®, VMware NSX™ and OpenStack cloud with its best-of-breed next-generation IPS. Security Operations can now manage their public and private cloud security from a single network security management console giving them full visibility.
- Cloud-Based Threat Analysis: New integration with McAfee® Cloud Threat Detection allows McAfee® Network Security Platform (NSP) to easily and efficiently augment existing inspection capabilities with sophisticated cloud-based malware analysis.
Ecosystem Momentum and Cross-Industry Collaboration
Transforming fragmentation requires the industry to work cooperatively to build meaningful integrations. Today, the Intel Security Innovation Alliance, the industry’s premier technology partnering program, announces 16 new partnerships, bringing the total number of partners to more than 135 globally. Over the past year, 35 partners have integrated or planned integrations with the McAfee Data Exchange Layer (DXL), the industry-endorsed communication fabric, providing real-time interaction between applications.
Since announcing the OpenDXL initiative – an open industry standard for all developers to increase integration flexibility, simplicity and opportunity – Intel Security has expanded its commitment to open source and community adoption. Today, Intel Security is publishing more open source software on github.com/opendxl to further reduce high-integration complexity and cost, and replacing lengthy manual and repetitive processes for enterprises. These advancements include:
- New Integrations: New open source connectors for McAfeeâ Threat Intelligence Exchange (TIE) and McAfeeâ Active Response (MAR) let applications easily use these tools to search endpoints and query and set file reputations, simplifying the process of querying endpoints within the enterprise environment to just 20 lines of code.
- Expedited Availability: Responding to customer demand, Intel Security has expedited availability of the OpenDXL Python client, which is now available for organizations to download, develop and deploy with confidence. For demonstrations of technology integrations using OpenDXL, visit the Intel Security booth at #N3801 – North Hall of the Moscone Center.
- New Capabilities: New OpenDXL connectors for McAfee ePolicy Orchestrator® (McAfee ePO™) platform APIs enable easy, fast options to apply policies, tag systems, move groups and trigger actions within the industry-leading security platform. The new capabilities open up the most frequently used capabilities of the McAfee ePO platform web APIs, and permit more applications to leverage centralised and efficient management with a lightweight integration process.
- New Partnerships: With the goal to improve cybersecurity efficiencies and maximise protection, 15 new companies have joined the Intel Security Innovation Alliance: Absolute Software*, Bay Dynamics*, Cyphort*, DFLabs*, Digicert*, Dropbox*, Evident.io*, Fireglass*, Kaspersky Labs*, Opswat*, Radware*, SailPoint*, SAS Institute*, SS8 Networks* and ThreatConnect*.
Intel Security also announced that it is now sharing and consuming advanced threat intelligence through the Cyber Threat Alliance Platform (CTAP) and that it has a plan to further integrate CTAP with its products. CTAP is a platform that scores and shares threat intelligence among members of the Cyber Threat Alliance.
Shared CTAP Indicators of Compromise help Intel Security and other CTA members detect and better understand new, emerging attack campaigns. This allows CTA members to more quickly protect their customers’ systems.
As announced last week by the Cyber Threat Alliance, it is now formally incorporated as an independent, 501(c)(6) entity, with a president, board of directors and permanent standing committees. It is generously funded by the founding members – Intel Security, Fortinet*, Palo Alto Networks*, Symantec*, Check Point* and Cisco Systems*. Each founding member has committed $1 million over the next two years to the success of the Cyber Threat Alliance.