
The future of endpoint Integrated threat defense with insights...unique cloud services 20% of files...

Date post: 17-Jun-2020
The future of endpoint – Integrated threat defense with insights Robert Lourenco – Regional presales SecOps specialist
Transcript
Page 1: The future of endpoint Integrated threat defense with insights...unique cloud services 20% of files in the cloud contain sensitive data 2,000 misconfigurations per month Transformation

The future of endpoint – Integrated threat defense with insights

Robert Lourenco – Regional presales SecOps specialist

Page 2

2McAFEE CONFIDENTIAL

CISOs Struggle with One or More Strategic Priorities

Risk & Resiliency

Automation & Efficacy

Transformation

80% of cloud traffic is cloud to cloud

2,000 unique cloud services

20% of files in the cloud contain sensitive data

2,000 misconfigurations per month

$600B annual cybercrime costs globally

24 months (CISO tenure)

40% of orgs have 25+ tools

39% manually collect feeds

27% spend most time fighting fires

93% unable to triage all relevant threats

Page 3

McAfee Endpoint Major Timelines

A history of excellence and innovation

[Timeline graphic. Milestones shown: Creeper / Reaper; First AV; Avert Labs (First Global Emergency Response Team); EPO; Site Advisor; Sandboxing; DXL; EDR; McAfee ENS (Next Gen Endpoint Protection); MVISION; Insights. Years marked: 1971, 1987, 1999, 2006, 2013, 2014, 2015, 2018, 2019.]

Page 4

The endpoint security market history

Started with Antivirus

Then added HIPS functionality

Then more advanced HIPS functions like exploit prevention and memory protection

Web control modules

Host based firewalls

Page 5

The current market

Full endpoint security featuring – malware protection with ML/AI, Fileless protection, containment capabilities, AMSI

Reputation databases

Integration fabrics

Sandboxing

EDR

Page 6

Future of endpoint technologies

Single agent single UI

Detection and response capabilities to security incidents not just file based malware

Investigating security incidents and threat hunting

SaaS offerings for simplicity and low cost maintenance

Threat sharing and Insight driven analytics

Page 7

McAfee – securing the device to cloud

Page 8

Major Announcements and Innovations in the last 18 Months…

CASB Connect
A first-and-only-of-its-kind service to rapidly secure any cloud application via a self-serve API framework

2018

An enterprise SaaS version of our ePO orchestration solution

Get ahead of modern threats with AI-guided investigations

SIEM: ESM 11
A new data architecture optimized for scalability, performance, faster search, & collaboration

Data protection, threat prevention, and continuous compliance across SaaS, PaaS and IaaS

AWS Security Competency
First and only CASB to achieve AWS Security Competency and Well-Architected designation

Database Security
Real-time protection for DB workloads migrated to Amazon RDS

Microsoft Teams
MVISION Cloud is the first and only CASB to extend data visibility and control capabilities to Microsoft Teams

2018

Multi-cloud
MVISION Cloud first CASB to integrate with and deliver consistent capabilities across AWS, Azure and Google

2019

McAfee Acquires NanoSec
Container security for the cloud.

McAfee Acquires Uplevel Security
Data analytics company using graph theory and machine learning

Page 9

MVISION

A cloud-native portfolio family that protects data and stops threats, from device to cloud

MVISION Cloud
Data and workload protection across the entire cloud spectrum—SaaS, PaaS, and IaaS environments.

MVISION Endpoint
Advanced augmented defense for Windows 10 with a unified management experience.

MVISION ePO
A dramatically simple cloud-based SaaS management service.

MVISION Mobile
Central management and defense of iOS and Android “just like any other device.”

MVISION EDR
Powerful threat detection and response—simplified.

Simple. Flexible. Comprehensive. Fast. Everywhere.

Page 11

EDR

Telemetry driven analytics

Endpoint Defense Future – Convergence of EPP/EDR

Endpoint Advanced Protect

Endpoint Threat Defense

Endpoint Flexible Protect

Page 13

Insights

The capacity to gain an accurate and deep intuitive understanding. Telemetry from 1 Billion sensors deployed globally.

Am I being targeted? Are known campaigns impacting me?

Alert when a customer is being targeted or a campaign is active in the region with guidance on what to do about it.

Customer Report with IOCs of known campaigns, geographics, and if there are any indicators of the threat in your environment.

These products and services are in development. All information provided herein is subject to change without notice at McAfee’s sole discretion.

Page 14

Region

Security Posture

Distinct Threat Analysis

Human Machine Teaming

Compares. Assess. Prioritizes.

Potential attack alert

Industry

Page 15

MVISION EDR

Page 16

EDR must evolve – analyst reports May 2019

Negative consequences

• Today, many EDR solutions are focused on providing investigation capabilities to the most sophisticated SOC analysts, a focus that hasn’t proven effective or scalable.

Positive outcomes

• EDR products that enable triage by junior analysts through guided investigation open this superior level of detection to many markets that were previously unable to benefit from this technology.

Empower Security Analysts Through Guided EDR Investigation

Page 17

McAfee’s Approach to EDR

Faster resolution with higher fidelity

Respond

Validate

High Confidence

Gather Data / Assess / Scope

Dynamic, Guided Investigation

Alert

Analytics

Data/Context

Data

Hunting

ESM

Page 20

Summary

Advanced, Integrated Defenses; A Sustainable Framework for the Future

▪ Enhanced native OS controls with Application, Memory, Script containment and protection

▪ Integrated EDR and endpoint for prevention, detection and containment

▪ Guided investigations

▪ Easy, intuitive insights for corrective actions

▪ Cloud delivered enterprise endpoint protection

Learn more by visiting: Booth #P3

Page 21

All information provided here is subject to non-disclosure agreements. It is for informational purposes only and should not be deemed an offer by McAfee or create an obligation on McAfee. McAfee reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and without incurring further obligations. McAfee and the McAfee logo are trademarks of McAfee, LLC in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others.

© 2018 McAfee, LLC

