McAfee Integrates Advanced Analytics to Increase Security Operations Center Efficiency and Protect Endpoints and Cloud


McAfee Defends Most Prominent Attack Points On Premises and in the Cloud, Empowers Security Teams with Artificial Intelligence and Deep Learning for Efficient Security Operations


  • New McAfee® Investigator solution applies advanced analytics to increase SOC productivity
  • New McAfee® Cloud Workload Security solution facilitates enterprises’ safe cloud use by discovering and defending elastic workloads within minutes
  • McAfee® Web Gateway is now available to run on Amazon Web Services
  • McAfee® Advanced Threat Defense sandbox technology available in Microsoft Azure Marketplace
  • McAfee machine learning technology learns from 300 million sensors
  • New McAfee innovations feature ransomware decryption and steganography detection


MPOWER – LAS VEGAS, Nev., October 23, 2017 – McAfee, one of the world’s leading cybersecurity companies, announced new endpoint and cloud solutions that go beyond machine learning to take advantage of the speed and accuracy of advanced analytics, deep learning and artificial intelligence, and increase efficiency of security operations. Cyber threats and the data needed to defend against them continue to increase, overwhelming security teams and driving the need for open, efficient security operations. McAfee’s new solutions make use of the automation, reasoning and data curation uniquely provided by advanced analytics technologies, allowing security teams to easily discover and assess data and root out threats. Through human-machine teaming and an open and interoperable cybersecurity platform, McAfee proves ‘Together is power,’ with collaborative security that defends against shared adversaries.

“Security teams are increasingly overwhelmed by the complexity they face in their environments which hinders their ability to defend against the growing number of threats,” said Chris Young, CEO of McAfee. “McAfee is acting on our ‘Together is power’ principle with collaborative security that combines the unique advantages of people, machines and partners enabling teams to be situationally aware of security events and take swift action to thwart assaults, from the endpoint to the cloud.”



Enhanced Security Operations with Analytics

A recent McAfee survey discovered the most effective Security Operations Centers (SOCs) are analytics driven, with proactive threat hunting and automated investigative workflows creating an ongoing progression towards increasingly advanced security management. Such effectiveness relies on the implementation of advanced analytics technologies, machine learning, deep learning and artificial intelligence, to curate and visualize threat data so security analysts can make sense of it in a short amount of time.

“When organizations are uncertain about the value or insights inherent in their data — or are confronted with new information they don’t know how to interpret — machine learning can help discover business value where they may not have been able to before,” Carlton E. Sapp, a Gartner research director, wrote in a January 2017 report. “The capability to transform data into actionable insight is the key to a competitive advantage for any organization. But the ability to autonomously learn and evolve as new data is introduced — without explicitly programming to do so — is the holy grail of business intelligence.” [1]


McAfee’s new product, McAfee® Investigator, uses both machine learning and artificial intelligence to increase the accuracy and confidence of investigations by automating data collection and empowering security analysts of varied experience to fully assess threats in less time.

New McAfee Investigator benefits include:

  • Accurate Threat Prioritization: McAfee Investigator allows analysts to focus on the most significant threats by using advanced analytics to automatically collect, piece together and visually present suspected attack intelligence.
  • Fast and Thorough Malware Investigations: Machine learning and artificial intelligence within McAfee Investigator continually learn evolving tactics, techniques and procedures to help analysts determine the right questions and explorations to yield efficient and accurate case closure.
  • Increased SOC Efficiency: McAfee Investigator coaches analysts into implementing advanced thought processes and increases productivity with easy case content sharing.

Multi-layer Endpoint Protection

Threats continue to grow consistently in both number and complexity given new attack vectors, tactics and actors. To help organizations stay ahead of even the most advanced cyber attacks, McAfee has evolved its endpoint solutions to include even more complex analytics, arming security teams with the data needed to thwart an attack.

New McAfee endpoint capabilities include:

  • Decision Making with Deep Learning: McAfee Endpoint Security (ENS) uses many layers of mathematical neurons, much like the human brain, to assist with decision making and ascertain potential threats.
  • Pre and Post Execution Machine Learning: McAfee endpoint machine learning reviews files both before and after they execute, gaining knowledge with new data and increasing protection against never-before-seen threats.
  • Machine Learning with Reach: Industry analysts note that many advanced analytics solutions require significant data to build and train models. Globally, 300 million sensors serve as a source to inform algorithms, providing a vast data set for McAfee analytics technologies to learn from.

Enhanced Security for Hybrid Cloud

Leading industry analysts expect hybrid cloud workloads to quickly become the predominant enterprise service architecture. With the benefits of this model, however, come new visibility, management and security challenges for organizations to contend with. The new McAfee Cloud Workload Security (CWS) addresses these issues, allowing organizations to eliminate blind spots with automation, secure critical workloads without slowing performance and simplify management with the McAfee® ePolicy Orchestrator® (McAfee® ePO™) console.

As organizations look to transition from on-premises to the cloud, one key requirement to both ease and enable this transition is support for hybrid architectures with consistent security across the different deployment models. To help support customers as they shift, McAfee has expanded its portfolio of technology built to run in the public cloud, enabling additional protection and advanced detection without a hardware footprint. McAfee Web Gateway will now be available to run on Amazon Web Services (AWS) and McAfee’s Advanced Threat Defense (ATD) sandboxing technology will run on Microsoft Azure.

[1] Gartner, “Preparing and Architecting for Machine Learning,” Carlton E. Sapp, 17 January 2017


About McAfee

McAfee is one of the world’s leading independent cybersecurity companies. Inspired by the power of working together, McAfee creates business and consumer solutions that make the world a safer place. Learn more at