McAfee launches MVISION XDR for Endpoint, Cloud and Network

The Cloud-native MVISION XDR offers actionable intelligence to manage attack lifecycles before and after an attack.

This week McAfee announced the general availability of MVISION Extended Detection and Response (XDR). The new platform addresses Cloud as well as network telemetry to unify and optimize threat detection and response beyond endpoints.

The company claims MVISION XDR allows for faster, more proactive investigation cycles and easier, automated response. The new product also facilitates continued modernization of today’s security operations centers (SOC), according to McAfee.

What is Extended Detection and Response?

According to analyst firm Gartner, Extended Detection and Response (XDR) is “a SaaS-based, vendor-specific, security threat detection and incident response tool.”

XDR natively integrates multiple security products into a cohesive security operations system that unifies all licensed components.

XDR delivers real-time information needed to deliver threats to business operations for better, faster outcomes.

Helping security teams become proactive

Shishir Singh, McAfee chief product officer, explained the need for the new platform. “Security teams are struggling to replace reactive, manual and time-consuming investigation processes to combat more sophisticated and more frequent attacks,” he said.

“MVISION XDR provides proactive and actionable context across key vectors to simplify, accelerate and automate threat validation and response across the enterprise thereby making the most of SOC resources and mitigating potential disruption to the business.”

Improving Security Operations Centers

McAfee is aiming to directly improve the SOC experience. The platform grants analysts greater control and a more comprehensive view of threat context beyond the endpoint, according to McAfee. This gives them a better understanding of threats – before they occur or incur damage.

A central feature of the new solution is network telemetry prioritization. This offers customers a better understanding of network threats, according to the company. It works by automatically correlating with curated threats for improved prioritization and determination of countermeasures to take.

McAfee also claims that MVISION XDR will maximize return on SOC investment by integrating with existing SOC infrastructure. For example, ticketing systems and Security Orchestration, Automation and Response (SOAR) tools can be integrated for more efficient automation and faster mitigation.