McAfee Extends Mvision Security Platform with EDR, Cloud Protection

McAfee is expanding its Mvision security platform with new cloud as well as Endpoint Detection and Response capabilities.

McAfee Mvision Cloud

McAfee kicked off its annual MPOWER conference on Oct. 17 announcing new updates to its Mvision cyber-security product portfolio,

The new updates include the Mvision EDR (Endpoint Detection and Response) offering that provides new endpoint security capabilities. The new Mvision Cloud service brings cloud data protection to the McAfee portfolio, based on technology gained via the acquisition of Skyhigh in 2017.

"Mvision Cloud is essentially the rebranding of the Skyhigh Networks acquisition that we did earlier this year to really bring the cloud control point to life," Raja Patel, VP and GM of corporate security products at McAfee, told eWEEK. "As an integration proof point between Skyhigh and McAfee, Mvision Cloud provides unified data protection, visibility and policy across endpoints, networking and cloud." 

McAfee originally unveiled its Mvision cyber-security platform on July 17 as a new foundation for the company's product portfolio. The first products announced included the ePolicy Orchestrator (ePO), as well as endpoint and mobile products. 

Patel said that while the acquisition of Skyhigh was announced in November 2017, the deal closed at the beginning of 2018, with Skyhigh staff joining McAfee in March. Since March, Patel said that the Skyhigh team has been improving the platform in a variety of ways. Skyhigh Networks developed what is known as a Cloud Access Security Broker (CASB), which monitors and controls enterprise access to cloud assets. In addition to the integration with McAfee, Patel said the Skyhigh team in 2018 has added a capability called ClassV connect.

"It's an SDK (Software Development Kit) package that allows application developers or organizations that are moving apps from private data center to the public cloud, to build in the security wrapper that connects into our Mvision Cloud platform, so that we can get visibility into those apps and then be able to provide data protection," he said.

EDR

While Mvision Cloud is based on technology from Skyhigh, the Mvision EDR is a net new technology. Patel said that the goal of Mvision EDR is to reduce the time it takes to detect a threat that has got into an environment.

A core element of the new EDR platform is integrated artificial intelligence (AI) that helps to improve the signal to noise ratio for threat indicators. Patel said the AI enables Mvision EDR to rapidly classify threats, enabling organizations to prioritize for the most critical issues.

"We believe the endpoint is one of the richest and data sets out there for security operations as well as one of the largest attack surface areas," he said. "So what we're doing is taking the data from endpoints, popping it in the cloud, running it through AI and analytics, with the purpose for our customers being to reduce the time to detect and investigate threats."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.