Cybersecurity company McAfee announced McAfee Investigator that utilizes machine learning and artificial intelligence to increase accuracy by automating data collection and empowering security analysts to assess threats in less time.
“The launch of endpoint and cloud solutions that go beyond machine learning will take advantage of the speed and accuracy of advanced analytics, deep learning and artificial intelligence, and increase efficiency of security operations,” McAfee said.
McAfee’s new solutions make use of the automation, reasoning and data curation uniquely provided by advanced analytics technologies, allowing security teams to easily discover and assess data and root out threats.
“Security teams are increasingly overwhelmed by the complexity they face in their environments which hinders their ability to defend against the growing number of threats,” said Chris Young, CEO of McAfee.
A McAfee survey discovered the most effective Security Operations Centers (SOCs) are analytics driven, with proactive threat hunting and automated investigative workflows creating an ongoing progression towards increasingly advanced security management.
Such effectiveness relies on the implementation of advanced analytics technologies, machine learning, deep learning and artificial intelligence, to curate and visualize threat data so security analysts can make sense of it in a short amount of time.
“When organizations are uncertain about the value or insights inherent in their data — or are confronted with new information they don’t know how to interpret — machine learning can help discover business value where they may not have been able to before,” Carlton E. Sapp, a Gartner research director, wrote in a January 2017 report.
McAfee Investigator allows analysts to focus on the most significant threats by using advanced analytics to automatically collect, piece together and visually present suspected attack intelligence.
Machine learning and artificial intelligence within McAfee Investigator continually learn evolving tactics, techniques and procedures to help analysts determine the right questions and explorations to yield efficient and accurate case closure.
McAfee Investigator coaches analysts into implementing advanced thought processes and increases productivity with easy case content sharing.
McAfee Endpoint Security (ENS) uses many layers of mathematical neurons, much like the human brain, to assist with decision making and ascertain potential threats.
McAfee endpoint machine learning reviews files both before and after they execute, gaining knowledge with new data and increasing protection against never-before-seen threats.
Industry analysts note that many advanced analytics solutions require significant data to build and train models. Globally, 300 million sensors serve as a source to inform algorithms, providing a vast data set for McAfee analytics technologies to learn from.
The new McAfee Cloud Workload Security (CWS) allows organizations to eliminate blind spots with automation, secure critical workloads without slowing performance and simplify management with the McAfee ePolicy Orchestrator (McAfee ePO) console.
McAfee has expanded its portfolio of technology built to run in the public cloud, enabling additional protection and advanced detection without a hardware footprint. McAfee Web Gateway will now be available to run on Amazon Web Services (AWS) and McAfee’s Advanced Threat Defense (ATD) sandboxing technology will run on Microsoft Azure.