McAfee Security Connected Turns Analytics into Action

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

[caption id="attachment_32337" align="alignright" width="150"]McAfee President Michael DeCesare McAfee President Michael DeCesare[/caption]

McAfee wants to rewrite the definition of security analytics, saying that the job of collecting security event data isn’t complete until an action is taken to stop an attack and prevent recurrences. It's the underlying premise of McAfee Security Connected philosophy.

Related articles

End-to-end security information management, situational awareness and accelerated remediation is a strong theme at this year’s McAfee Focus conference. The company is pushing the concepts of using its integrated portfolio of security technologies – from the endpoint to the network layer – as a means of providing greater insight into security posture and enabling faster reactions to attacks.

“Analytics is not reporting and data. Analytics isn’t done until an action is taken. Today we do analytics for a report. That’s going to change,” said Michael Fey, the company’s worldwide chief technology officer.

McAfee Focus is replete with messaging around its existing and new products, ranging from its security information management platform based on the Nitro technology it acquired in 2011 to new advanced antimalware endpoint technology and the next-generation firewall technology and products acquired from Stonesoft.

The vision is McAfee melting security management and responsiveness with the concepts of Big Data – the collection of event data to quickly correlate and deliver actionable intelligence.

[caption id="attachment_32338" align="alignright" width="150"]McAfee Worldwide CTO Michael Fey McAfee Worldwide CTO Michael Fey[/caption]

“We have reinvented endpoint… integrate and interact with anything in the infrastructure. This will help you move from simply reporting to an environment you and diagnose and fix in a moment’s notice,” said McAfee president Michael DeCesare in his keynote address.

The idea of leveraging copious amounts of security data and translating it into greater intelligence and, in some cases, automated responses, isn’t a new concept. McAfee has been pushing this concept from the days when it first launched its ePolicy Orchestrator (ePO) and Artemis threat intelligence network. And it falls in line with McAfee’s “Security Connected” channel theme, in which the company wants partners to sell multiple products per account.

To say McAfee has failed to deliver on its security connected and big data for security themes before would be an overstatement. While McAfee has had varying levels of technical capability in collecting and acting on security intelligence before, the maturation of the technology and the ability to integrate across the portfolio was sometimes lacking. Additionally, McAfee had gaps in the product portfolio or products that weren’t best of breed.

It’s by no accident that McAfee is marrying the term Big Data with security. McAfee is actually (and correctly) chasing the disruptive trends of software defined networks (SDN), Big Data, cloud computing mobility and “The Internet of Things.” DeCesare spoke of how security tacked onto the operating system won’t as more IP-enabled devices running diverse platforms come into the market. Not only will tablets, smart appliances and myriad connected devices increase the data volume, but also increase the attack surface area.

“What is happening to the network space is what happened to the data center space. Virtualization is coming to the network. When those networks are rebuilt, we have to figure out how to include security from the beginning. We’re pushing as much of technology as we can to the edge,” DeCesare said.

McAfee says much of this new technology is a result from the integration and development work resulting from acquisition of the company by Intel. The two companies have and continue to develop new technologies to address security concerns at multiple levels of the technology and application stack.

Although unstated, McAfee is responding to the shifting dynamics in the security market segment. The continued growth of next-generation firewall vendor Palo Alto Networks, the acquisition of SourceFire by Cisco, Hewlett-Packard making security a core component of its revitalization plan, and IBM pressing deeper into security is seen as a great competitive threat than upstarts such as Kaspersky Lab, Sophos and FireEye.

McAfee believes its ability to deliver “Security Connected” products that have native ability to communicate across multiple technologies will give it and partners a competitive advantage until rivals replicate the model and develop integrated strategies.

"The stuff we're working on today is literally changing the world, and it's very exciting. It won't be measured in hundreds of millions of dollars in sales, but how we  change how we do things," Fey said.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Security
dangerous-fingers

Symantec: SMBs in danger of cyberattacks more than they think

Expert says market represented 61 percent of 2014 targeted attacks

Password login security screen

Cylance: Hackers using Adobe Reader, Quick Time and more to steal Windows login info

Newly discovered threat dubbed Redirect to SMB

Two people shaking hands

FireMon promises better security for government, enterprises with Immediate Insight acquisition

Financial details not disclosed

adviser6

Fortinet: Trusted advisor status vital after breach

Customers will need guidance, regardless of product purchase

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
newspapers-and-glasses

Channelnomics' top five stories of the week

Check out which articles grabbed the most attention this week

jessica-m-225x300

Editor's voice: the week's channel chatter - 17 April 2015

What's been happening this week on Channelnomics?

Two people shaking hands

Symantec steals spotlight amid M&A mayhem

As tech and security boardrooms take on a distinctly Wall Street-like vibe, Symantec wrestles with restructuring decisions around Veritas and its own security assets

The words 'help wanted' spelled out on a keyboard

Help wanted: MSPs struggling to find good talent

Hiring the right engineers especially difficult, MSPs say