Migrate to the New McAfee Endpoint Security (ENS)
The traditional IT model of waiting for early adopters to work through any bugs before you install new software makes sense in many cases. In cybersecurity, however, each day’s delay extends the window of opportunity for zero-day malware to wreak havoc on your endpoints.
During the recent Wannacry ransomware attack, customers running the latest McAfee Endpoint Security with Advanced Threat Protection never had a hiccup. Their endpoints immediately classified the file as greyware, subject to deeper analysis and containment. Like border collies so smart they don’t need a command, McAfee Dynamic Application Containment herded unknown files away from crucial areas, allowing them to run but not take actions that malware typically attempts— like encrypting files or overwriting directories.
All of this happened in seconds, without human intervention, and without waiting for a signature. While some organizations scrambled to contain a massive outbreak, McAfee Endpoint Security customers continued working as usual. Even if the attack made it onto an endpoint, it was severely limited in any damage it could cause to that endpoint or user. And with McAfee Threat Intelligence Exchange, the first endpoint to get hit communicated with every other system in the environment.
Stay Current, Stay Protected
Cases like this prove you can’t afford to wait. While signature-based security still plays an important role in endpoint security, it now functions best when used as part of a multi-layer defense, filtering out less sophisticated, “commodity” malware. Signature-based defenses depend on the endpoint security vendor identifying a new attack and creating a DAT file so endpoints can block it. Even when vendors discover a new threat immediately, it still takes hours or days to create and distribute that signature. And during that gap, thousands—even millions—of endpoints can get hit.
The more advanced modern malware threats, however, are designed to disguise their nature and exploit the windows of vulnerability that signature-only defenses leave open. That’s why the industry is moving to next-generation, signature-less approaches.
Move to the Latest McAfee Endpoint Security
With the latest McAfee Endpoint Security, you don’t have to wait for a signature. If an executable has never been seen before, your endpoints automatically classify it as “greyware” and treat it with appropriate suspicion. Your endpoints first conduct pre-execution scanning of its code base—essentially a static look at the code (before it runs). Then, they perform dynamic analysis of the behavior during execution. All of these capabilities, and others, are part of protection at each endpoint that limits the damage and spread of greyware to other endpoints. And they’re designed and integrated to close that window of vulnerability—to stop malware even before security systems know exactly what it is.
No matter who your endpoint security vendor is, check to see if you’re running their latest software version—and if not, update it. Hint: If you’re running VirusScan Enterprise (VSE), McAfee Host IPS Firewall, or McAfee SiteAdvisor web filtering, you’re not using the latest McAfee Endpoint Security.
McAfee Endpoint Security is an integrated solution that replaces several individual legacy endpoint products, including McAfee VirusScan Enterprise, McAfee Host IPS Firewall, and McAfee SiteAdvisor web filtering. If you’re an existing customer with one of our Endpoint Security suites, McAfee Endpoint Security is a free security upgrade.
More antivirus and malware news?
- Adobe Patches 11 Flaws Across Four Products
- "Signal" Uses Domain Fronting to Bypass Censorship
- Targeted Attacks: Stealing Information Through Google Drive
- Privacy group calls for new hearings on Google StreetView snooping
- Why cloud security is still a top concern for IT
- Bug, not DDoS, took down US court systems – just like Gmail
- Application attacks against clouds up 45%
- EFF asks Supreme Court to rule on secret surveillance memo
- Keeping Your Teen Safe Online – Even When They Don’t Want Your Help!
- A Look at the BIND Vulnerability: CVE-2016-2776