TL; DR: For years, McAfee has been committed to protecting customers across the globe from cyber threats — and continues to relentlessly pursue that goal to this day with purpose-built, cloud-native initiatives. These solutions, orchestrated across a series of product lines, are designed to keep businesses and the security operations centers that support them one step ahead of adversaries. Ultimately, McAfee is taking a collaborative approach to uniting customers, partners, and even competitors in its mission to secure an increasingly connected world.
Just a decade ago, the term digital enterprise was used to describe organizations that leveraged technology to inform their core value propositions, business models, or capabilities — think Amazon, Netflix, and Google.
Today, as businesses incorporate digital technologies and tools across all aspects of their operations, the term is becoming all-encompassing.
Between payment processing systems, online marketing systems, and internal and external communication tools, today’s businesses rely on the internet’s vast network of servers to get things done. And if they don’t, they’re probably on the verge of a much-needed digital transformation.
“I believe every customer of mine is now a digital enterprise,” said Anand Ramanathan, VP of Product Management at McAfee. “Who knew a year ago that we would call Chipotle a digital enterprise — but it is. Everybody’s going to the cloud, developing new applications in the cloud, and trying to be agile.”
McAfee is working to help businesses defend themselves against a new era of online threats through a cloud-native approach inclusive of all server environments and devices. The company’s purpose-built cloud initiatives span a series of product lines carefully orchestrated to streamline workflows and even work with other security players.
“Even if employees are just browsing the internet to get their jobs done or using an application they found on the internet because it was easier to use than the tools their company did (or did not) provide — all kinds of data is leaving the company premises all day long,” Anand said. “That’s why we’re focused on protecting the end user through data and threat protection in and out of the cloud.”
Evolving Cloud Initiatives Across a Series of Product Lines
From a bird’s eye view, McAfee centers its efforts on three strategic pillars. Above all, the company aims to provide cutting-edge security solutions across IT environments — from devices to the cloud.
“First and foremost, we focus on device-to-cloud cybersecurity — what we think of as the two bookends of security,” Anand said. “When you think about your daily work, you’re using some type of device to do that work in the cloud. Your network could be Starbucks; it could be your home network. It could be a company network or your cellphone on 5G. We provide visibility control across all these different threat vectors and data points.”
The second pillar involves delivering solutions in and for the cloud.
“Everything we are doing is delivering cloud solutions to protect devices and users from what is happening in the cloud,” Anand said. “It’s just not about deploying our solutions in the cloud. It’s also about protecting customers going to the cloud, whether for Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), or Platform-as-a-Service (PaaS) application models.”
Finally, McAfee is intent on helping security operations centers make the most of the company’s products to protect the businesses they serve.
“We’re deeply focused on how to help security operations centers be more effective and efficient when using our product,” Anand said. “The goal of our newest product, MVISION Insights, is to help them be proactive and act ahead of the adversaries as opposed to always playing catch up and being reactive.”
Carefully Streamlined Platform Orchestration
Anand told us McAfee’s product portfolio is more concise today than ever before. The company is currently known for its MVISION, a comprehensive, cloud-native solution designed to help customers combat emerging threats while enhancing business capabilities. The multi-cloud security platform for enterprise simplifies security for distributed workforces and accelerates cloud adoption.
Part of that solution is MVISION Cloud, a cloud access security broker (CASB) that enables visibility across all users, devices, servers, and cloud services. The solution applies continuous protection to sensitive information inside or outside the cloud and takes real-time action deep within cloud services to correct policy violations and stop security threats.
Among other significant advantages provided by McAfee is a streamlined user experience that applies to all offerings. “Our heritage at McAfee has been to build everything as a platform from the get-go as opposed to point products,” Anand said. “Even when we acquire companies, we always make them part of the platform.”
McAfee has also built a reputation for providing integrated products that simplify deployment on the endpoint side via its ePolicy Orchestrator (ePO). And the company has extended that strength to the cloud with MVISION ePO. “Every capability is part of the same platform from the customers’ perspective,” Anand said.
Another key differentiator for McAfee is the company’s open approach. “The MVISION platform was designed for integration with other security solutions — even competing ones.
“We are not asking our customers to rip out and replace their current security investments but are working within the context of what they have,” Anand said.
Extended Detection and Response & the Unified Cloud Edge
Anand walked us through three of McAfee’s most critical initiatives of late — Extended Detection and Response (XDR), Unified Cloud Edge (UCE), and the new Cloud Native Application Protection Platform (CNAPP).
McAfee’s Extended Detection and Response (XDR) solution aims to provide unified visibility and control across endpoints, server networks, and cloud services. It also helps address the cybersecurity talent gap.
“Tech analysts for security operations centers are among the hardest employees to find,” Anand said. “And detection and containment still take tremendous amounts of time. Our customers are finding they’re not able to think proactively because they’re too consumed with the daily alerts that they get from a multitude of sources.”
McAfee’s XDR tool is designed to help teams stay one step ahead of adversaries by better leveraging insights into the threat landscape. McAfee possesses advanced threat research as a company, but from the customer’s experience, finding time to tap into it is often tricky.
“We have democratized the process by making Insights available as a technology solution, which allows them to be very proactive. The key was to orchestrate a workflow for the security operations center that is efficient and not only caters to the most sophisticated security operations center professional but also the entry-level ones.”
McAfee’s firm understanding of data is one of the fundamental qualities that has made the company successful in the marketplace.
“A lot of what we feed into our XDR solution is data analytics,” Anand said. “Since we understand data and threats, we can help you prioritize one incident or alert over another. While typical cybersecurity investigations start once you’re hit, we can tell you how a threat might impact your environment way before it ever reaches you. We haven’t seen anybody else protect the customer against future attacks using XDR like we do.”
The company’s Unified Cloud Edge (UCE), on the other hand, protects data from device to cloud using a framework for implementing a Secure Access Service Edge (SASE) architecture. A tremendous amount of unsanctioned cloud usage occurs within businesses, and since adversaries follow end users, cloud threats are continuing to increase. UCE helps users set up uniform security policies across all cloud surfaces.
UCE also empowers customers to employ remote browser isolation, which runs the browser using the cloud.
“If you are accessing a particular part of the internet that we think is risky, we immediately, as part of our UCE solution, take that particular access you’re asking for and render it all in the cloud. Nothing gets transferred to your laptop or device except the images rendered.”
The Cloud Native Application Protection Platform
Anand also gave us a look at McAfee’s Cloud Native Application Protection Platform (CNAPP), an automated, frictionless architecture for securing application ecosystems.
“We just announced the general availability of this solution,” he said. “What it does is identifies the entire public cloud footprint and then looks for configuration issues. The goal is to make it simple for security personnel to discover what’s going on in the public cloud, quickly assess risk, and then prioritize it.”
The tools also make it easier to shift left — or discover configuration issues early in the DevOps cycle before an app goes live.
“Our security teams love it,” Anand said. “And the reason they love it is that they are no longer trying to police the application life cycle. The onus is a lot more on the developer, who now understands what they need to change to comply with best practices.”