McAfee adds automated threat detection to Mvision XDR

Get a free Techzine subscription!

McAfee has announced updates for Mvision Extended Detection and Response (XDR) during the RSA Conference. With the new capabilities, it wants to protect companies against the most sophisticated threats and simplify security operations.

The update integrates telemetry from other Mvision products with XDR, such as from the Secure Access Service Edge solution. Cyber incidents detected by XDR are complemented with insights from the SASE solution. SASE detects cloud threats in web and SaaS environments.

Working more efficiently

According to McAfee, this integration gives companies more knowledge about the situation, allows them to make faster and better decisions, and leads to a more efficient and effective Security Operation Center (SOC). “SOC processes involve siloed monitoring and detection tools that generate an overwhelming volume of security alerts,” explains Chief Product Officer Shishir Singh. This usually results in a lot of work to analyse everything. The Chief Product Officer says Mvision XDR can help by providing end-to-end threat visibility across the entire attack surface, with the context and automation to streamline operations.

Mvision XDR has advanced threat detection for this purpose. This enables the automatic correlation of attack telemetry from different data sources. Besides CASB, these include endpoint detection and response (EDR), data loss prevention (DLP) and secure web gateway (SWG).

McAfee also mentions ‘automated threat management tasks’ as an option for organising work more efficiently. This means simplifying analysis workflows by supplementing human analysis with machine learning. The investigation of a complex attack should thus proceed more quickly.

Finally, McAfee talks about ‘proactive threat hunting and optimized response’, referring to the integration of Mvision Insight with Mvision Cloud Security Advisor. Security teams will gain insight into the security landscape, from endpoints to the cloud.

Recently, the divesting of McAfee’s business branch was announced, becoming part of Symphony Technology Group. The acquisition is expected to be completed by the end of 2021.