McAfee recently announced the industry-first extended detection and response (XDR) capabilities with the introduction of the MVISION XDR platform, a cloud-based advanced threat management solution with complete coverage across the attack lifecycle, prioritization to protect what matters, easy orchestration and efficient response.
MVISION XDR improves security operations center (SOC) effectiveness with quick risk mitigation and delivers total cost of ownership (TCO) for threat response with the inclusion of MVISION Insight’s proactive threat analytics.
SOCs are still maturing and face three key challenges that impact time to resolve: 1) reactive processes and workflows, 2) alert fatigue and fragmented tools, and 3) limited staff and expertise. According to recent ESG research, 66 percent of organizations say that detection and response effectiveness is limited due to multiple independent tools. Siloed tools inhibit faster and better security outcomes by requiring security operations to manually correlate data and orchestrate response across the disparate tools. Time to resolve or contain a threat continues to be measured in months, allowing dwell time for the adversary to do more damage.
According to SANS research, only 40 percent of SOCs have an incident response function. The shortage of cybersecurity staff and expertise continues to limit security effectiveness. MVISION XDR removes the complexity of fragmented tools and provides new levels of proactivity, prioritization and orchestration to improve SOC effectiveness.
“SOCs continue to face a dynamic threat landscape, especially in this work-from-everywhere environment. The fragmented nature of their traditional tools, which require a lot of manual and cumbersome processes, makes it near impossible for their already stretched teams to be as effective as they need to be. MVISION XDR is the industry’s first XDR platform that allows organizations to proactively get ahead of adversaries and manage threats across their entire enterprise with unified visibility, control, and automation to protect what matters most,” said Ash Kulkarni, executive vice president and chief product officer of the enterprise business group at McAfee.
MVISION XDR capabilities address the entire attack lifecycle, before and after an attack:
- Organizations can be proactive and act on external threats that matter before the attack. Organizations can prioritize threats, predict if countermeasures will work and prescribe corrective actions.
- Visibility and control of threats across the entire enterprise (endpoint, network and cloud) from a unified view equips analysts of any experience level to speed threat triage with their choice of automatic or AI-guided investigations.
- Unique data awareness allows for automatic prioritization of threats based on the risk and the impact to the organization. Incidents are assessed based on user, data classification, device, vulnerability and threat intelligence. For example, a threat targeting sensitive data on a device takes a higher priority for action.
- An open, cloud-delivered security platform simplifies integration with external threat intelligence and with existing SOC tools such as ticketing systems, and lowers TCO.