McAfee Advanced Threat Defense enhances protection from network edge to endpoint and enables investigation.
Detect Advanced Malware
McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and expose evasive threats. Tight integration between security solutions, from network and endpoint to investigation, enables instant sharing of threat information across the environment, enhancing protection and investigation. Flexible deployment options support every network.
McAfee Advanced Threat Defense Key Differentiators:
Broad Solution Integration:
Powerful analysis capabilities:
Flexible, centralized deployment:
McAfee Advanced Threat Defense: Detect Advanced Threats
McAfee Advanced Threat Defense detects today’s stealthy, zero-day malware with an innovative, layered approach. It combines low-touch analysis engines such as antivirus signatures, reputation, and real-time emulation with dynamic analysis (sandboxing) to analyse actual behaviour. Investigation continues with in-depth static code analysis that inspects file attributes and instruction sets to determine intended or evasive behaviour and assesses similarity with known malware families. As a final step in the analysis, McAfee Advanced Threat Defense specifically looks for malicious indicators that have been identified through machine learning via a deep neural network.
Combined, this represents the strongest advanced malware security protection on the market and effectively balances the need for both in-depth inspection and performance. Lower-intensity analysis methods such as signatures and real-time emulation benefit performance by catching more easily identified malware, while adding in-depth static code analysis and machine learning insights to sandboxing broadens detection of highly camouflaged, evasive threats. Malicious indicators that may not execute in a dynamic environment can be identified through unpacking, in-depth static code analysis, and machine learning insights.
Malware writers use packing to change the composition of the code or to hide it in order to evade detection. Most products cannot properly unpack the entire original (source) executable code for analysis. McAfee Advanced Threat Defense includes extensive unpacking capabilities that remove obfuscation, exposing the original executable code. It enables in-depth static code analysis to look beyond high-level file attributes for anomalies, analysing attributes and instruction sets to determine the intended behaviour.
Together, in-depth static code analysis, machine learning, and dynamic analysis provide a complete, detailed evaluation of suspected malware. Unparalleled analysis output produces summary reports that provide a broad understanding and action prioritisation, and more detailed reports that provide analyst-grade data on malware.
Advanced Capabilities Support Investigation
McAfee Advanced Threat Defense offers numerous, advanced capabilities including:
Flexible advanced threat analysis deployment options support every network. McAfee Advanced Threat Defense is available as an on-premises appliance or a virtual form factor, with support for both private and public cloud and with availability in the Azure Marketplace. All form factors act as a shared resource between multiple McAfee solutions, cost-effectively scaling and reducing cost.