Intel Security has unveiled its new corporate strategy—one that takes a more integrated and open approach to defense that will help companies resolve more threats faster, with fewer resources.
Intel aims, it said, to target the endpoint and the cloud as the most effective areas for advanced visibility and practical operational control. With this as a guideline, it will apply threat detection and analytics, all offered with centralized management and a connected architecture that pulls data from across Intel and third-party products in the network.
So, threat intelligence and automated workflows to address flagged issues will continue to be a centerpiece for the company, it said, but going forward, it will also focus on unifying protection, detection and correction across a multivendor network environment. All of that information will be flowed into an adaptive feedback loop, so that the system can learn from itself. The result is the creation of what Intel calls the threat defense lifecycle, whereby organizations over time become more effective at blocking threats, identifying compromises and implementing remediation as well as countermeasure improvements more quickly.
“The rising volume and complexity of attacks presents a vicious cycle of challenges for organizations and makes speed and efficiency critical,” said Chris Young, senior vice president and general manager of Intel Security Group. “With a rapidly expanding attack surface, and a shortage of relevant talent and expertise, defenders need to win on visibility into events, simplified management, and capabilities that empower teams to close the loop on attacks in progress—faster, more effectively, and with fewer resources.”
In support of the strategy shift, Intel Security announced a handful of foundational solutions.
For instance, McAfee Endpoint Security 10.X is focused on fast scanning and deployment, while McAfee Active Response supplies on-demand and continuous visibility into an array of endpoint activities, with automated tools to respond to and monitor threat events.
The solutions can be used and managed together using Intel Security’s centralized management platform, the Security Connected platform. The platform was designed to orchestrate management, analytics and intelligence operations—within the new strategy, it will evolve to an open platform built on standards and published interfaces for multi-vendor security information sharing.
To that end, Intel has announced support for the Structured Threat Integration Expression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII) standards. The standards compliance will help with third-party integrations.