McAfee Expands Cloud Security with MVISION XDR, CNAPP Platforms

Vivek, November 4, 2020

766 0

McAfee Expands Cloud Security with MVISION XDR, CNAPP Platforms

McAfee this week made several significant announcements designed to further its reach in all areas of cloud security, MVISION(XDR) most centered on extended detection and response.

The company’s new cloud-based MVISION XDR platform aims to give organizations greater visibility and a full set of threat management capabilities across the attack lifecycle so they can better protect their enterprises both before and after attacks.

The ability to detect threats before a system is compromised is important, said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. Typically, threat detection occurs when a system is compromised or when it starts communicating over a network, so what McAfee is doing—what it calls “shifting left”—is important. Shifting left means detecting a threat before a system is compromised.

McAfee this week made several significant announcements designed to further its reach in all areas of cloud security, most centered on extended detection and response (XDR).

McAfee also announced a new platform designed to secure cloud-native applications. The MVISION Cloud Native Application Protection Platform (CNAPP) provides data loss prevention (DLP), malware detection, threat prevention, governance and compliance, allowing developers to work in a secure environments.

Doug Cahill, a cybersecurity vice president at ESG, explained that a cloud-native, integrated cloud security platform requires these capabilities: support for multiple server workload types; support for hybrid, multicloud environments; integrated cloud security posture management; cloud workload protection; and object store DLP capabilities and native integrations into the continuous integration and continuous delivery (CI/CD) toolchain to span the application lifecycle from pre-deployment to runtime.

Essentially, CNAPP converges Cloud Security Posture Management (CSPM) for public cloud infrastructure and Cloud Workload Protection (CWPP) to protect hosts and workloads including virtual machines, containers and serverless functions, according to McAfee. This allows for deep discovery and prioritization of all workloads, data and infrastructure across endpoints, networks and cloud based on risk.

It also helps protect against “configuration drift” and against vulnerabilities in virtual machines, containers and serverless environments. Plus, it provides the ability to build policy based on zero trust and allows Security Operations Centers (SOCs) to map cloud-native threats to the MITRE ATT&CK framework for faster remediation.

Connect The Dots