Mvision Cloud Native Application Protection Platform (CNAPP) is said to deliver consistent data protection, threat prevention, governance, and compliance throughout the cloud-native application lifecycle, including container and OS-based workloads.
It is a response to the need "to leapfrog the cost and complexity of the patchwork quilt of point products, and benefit from the cloud-native ecosystem, without major investments in tools or developer talent."
CNAPP is, according to McAfee, the first security platform to apply application and data context to the convergence of cloud security posture management for public cloud infrastructure, and cloud workload protection to protect hosts and workloads including VMs, containers, and serverless functions.
Key capabilities include the ability to discover and prioritise all cloud resources, protection against configuration drift, and automated vulnerability assessment across virtual machines, containers and serverless environments.
Furthermore, it incorporates the Mitre Att&ck framework, builds policy based on zero trust (using behavioural observation to eliminate false positives), and automates security controls for continuous compliance and governance of data and permissions.
"Organisations want to unleash the creativity of their developers to rapidly develop and deploy compelling and compliant cloud-native applications that harness the power of the cloud," said McAfee senior vice president of cloud security Rajiv Gupta.
"But in order to do that they need an equally cloud-native platform to address the new security needs of this new environment. McAfee Mvision CNAPP extends Mvision Cloud's data protection – both data loss prevention and malware detection – threat prevention, governance and compliance to comprehensively address the needs of this new cloud-native application world thereby improving security capabilities and reducing the total cost of ownership of cloud security."
CNAPP is now in beta, with general availability planned for March 2021.
McAfee Mvision Unified Cloud Edge (UCE) has been updated to deliver a "unique approach" to ransomware and phishing protection, incorporating remote browser isolation (RBI) technology in conjunction with real-time protection.
The new version also provides unified data loss prevention (DLP) and incident management across devices, networks, web and the cloud.
The trend to remote working has accelerated cloud transformation, revealing two particular security challenges. Attackers are increasingly using phished credentials to exploit cloud applications, and more data that ever is beyond the reach of traditional network data protection.
So UCE applies McAfee's RBI technology to protect against web-based threats (including ransomware and credential phishing attacks), and applies unified data classification and incident management to help protect data to wherever it resides – including 'shadow IT' cloud services.
It also uses a new unified data classification engine with consistent pre-defined classifications to dramatically improve workflow efficiency.
"As SASE architecture adoption becomes more widespread due to its unique security benefits, enterprises will have more of a choice in the technology they select," said McAfee vice president of product management Anand Ramanathan.
"Organisations that choose disparate and siloed solutions from different vendors end up with increased operational overhead, added costs and complexity. With these innovations, Mvision UCE solidifies McAfee's commitment to tackling the ever-evolving threat landscape, providing simplified management, hyper scalability, cost saving and holistic security across a unified experience."
Mvision UCE's unified DLP incident management capabilities will be available in November. Remote Browser Isolation will go into opt-in beta "in the coming months."
McAfee's Mvision XDR platform is billed as a cloud-based advanced threat management solution that improves security operations centre (SOC) effectiveness.
"Mvision XDR removes the complexity of fragmented tools and provides new levels of proactivity, prioritisation and orchestration to improve the SOC effectiveness," according to the company.
Mvision XDR capabilities include acting on external threats before attacks occur, providing visibility and control of threats across the entire enterprise to speed triage, and automated threat prioritisation of threats based on risk and impact – all using an open and cloud-delivered security platform for simplified integration with threat intelligence and other SOC tools.
"SOCs continue to face a dynamic threat landscape especially in this work-from-everywhere environment. The fragmented nature of their traditional tools, which require a lot of manual and cumbersome processes, make it near impossible for their already stretched teams to be as effective as they need to be," said McAfee enterprise business group executive vice president and chief product officer Ash Kulkarni.
"Mvision XDR is the industry's first XDR platform that allows organisations to proactively get ahead of adversaries and manage threats across their entire enterprise with unified visibility, control, and automation to protects what matters most."
Some aspects of Mvision XDR have already been built into Mvision EDR. Additional Mvision XDR functionality will be available to early access customers in Q1 2021, with general availability to follow.