Intel Security’s strategy for eliminating cybersecurity fragmentation
At RSA Conference 2017, Intel Security outlined a new, unifying approach for the cybersecurity industry that strives to eliminate fragmentation.
The workforce shortage facing the cybersecurity industry makes it increasingly difficult to hire and retain employees. These scarce resources make it harder to maintain a coherent security architecture to prevent damage from and minimize the cost of emerging threats while embracing the potential of new open source, digital, cloud and security technologies.
Intel Security’s research and customer discussions have underscored the need for trusted partners that work cooperatively to reduce the burden of fragmented technologies and help organizations stay focused on securing their business assets and productivity. With this in mind, the company is pleased to announce several new product integrations and updates, new industry partnerships and increased open source and standards-based collaboration that will strengthen the effectiveness of cybersecurity infrastructure across the industry’s largest open ecosystem.
At the heart of a unified strategy for cybersecurity is the need for integrated solutions that tie into the enterprise’s framework to address top-of-mind challenges. Intel Security announces new and updated solutions that do exactly that: McAfee Enterprise Security Manager (ESM) 10 and McAfee Virtual Network Security Platform (vNSP).
The newly released McAfee ESM 10 joins an expanded McAfee Foundstone security operations center (SOC) services portfolio to help security analysts to be far more effective. New capabilities include a new intuitive and collaborative UI, improved contextual threat intelligence, and expertise from Intel Security’s expert security consultants as part of a virtual SOC offering.
McAfee vNSP now extends virtual network protection to Amazon Web Services (AWS) cloud and OpenStack cloud deployments, with new simplified multi-cloud licensing, easily protecting virtual networks. New capabilities include virtual network protection for public clouds, virtual network traffic inspection for private clouds, and cloud-based threat analysis.
Ecosystem Momentum and Cross-Industry Collaboration
Transforming fragmentation requires the industry to work cooperatively to build meaningful integrations. Today, the Intel Security Innovation Alliance announces 15 new partnerships, bringing the total number of partners to more than 135 globally. Over the past year, 35 partners have integrated or planned integrations with the McAfee Data Exchange Layer (DXL), the industry-endorsed communication fabric, providing real-time interaction between applications.
Since announcing the OpenDXL initiative – an open industry standard for all developers to increase integration flexibility, simplicity and opportunity – Intel Security has expanded its commitment to open source and community adoption.
Intel Security also published more open source software on github.com/opendxl to further reduce high-integration complexity and cost, and replacing lengthy manual and repetitive processes for enterprises.
- New open source connectors for McAfee Threat Intelligence Exchange (TIE) and McAfee Active Response (MAR) that let applications easily use these tools to search endpoints and query and set file reputations, simplifying the process of querying endpoints within the enterprise environment to just 20 lines of code.
- The OpenDXL Python client
- New OpenDXL connectors for McAfee ePolicy Orchestrator (McAfee ePO) platform APIs that enable easy, fast options to apply policies, tag systems, move groups and trigger actions within the industry-leading security platform.
With the goal to improve cybersecurity efficiencies and maximize protection, 15 new companies have joined the Intel Security Innovation Alliance: Absolute Software, Bay Dynamics, Cyphort, DFLabs, Digicert, Dropbox, Evident.io, Fireglass, Kaspersky Labs, Opswat, Radware, SailPoint, SAS Institute, SS8 Networks and ThreatConnect.
The company also announced that it is now sharing and consuming advanced threat intelligence through the Cyber Threat Alliance Platform (CTAP) and that it has a plan to further integrate CTAP with its products. CTAP is a platform that scores and shares threat intelligence among members of the Cyber Threat Alliance.
Shared CTAP Indicators of Compromise help Intel Security and other CTA members detect and better understand new, emerging attack campaigns. This allows CTA members to more quickly protect their customers’ systems.