McAfee launches cloud-based threat protection

McAfee has announced MVision Cloud Native Application Protection Platform (CNAPP), an integrated architecture to secure the cloud native application ecosystem. Mvision CNAPP delivers data protection, threat prevention, governance, and compliance throughout the cloud-native application lifecycle, including container and OS-based workloads.  

Accelerated by COVID-19, every enterprise is undergoing a digital transformation mandate. Most enterprises are leveraging the agility and innovation velocity of the public cloud, either solely or in conjunction with their private data centres. These enterprises need a simplified architecture; one that enables them to leapfrog the cost and complexity of the patchwork quilt of point products, and benefit from the cloud-native ecosystem, without major investments in tools or developer talent. 

“Organizations want to unleash the creativity of their developers to rapidly develop and deploy compelling and compliant cloud-native applications that harness the power of the cloud,” says Carlo Bolzonello, country manager for McAfee in South Africa. “But to do that they need an equally cloud-native platform to address the new security needs of this new environment. McAfee MVision CNAPP extends MVision Cloud’s data protection – both Data Loss Prevention and malware detection – threat prevention, governance and compliance to comprehensively address the needs of this new cloud-native application world thereby improving security capabilities and reducing the Total Cost of Ownership of cloud security.” 

MVision CNAPP is the industry’s first platform to bring application and data context to converge Cloud Security Posture Management (CSPM) for public cloud infrastructure, and Cloud Workload Protection (CWPP) to protect hosts and workloads including VMs, containers, and serverless functions.  

McAfee provided the following information on the platform’s capabilities: 

• Deep Discovery: The ability to discover all cloud resources and prioritize them based on risk. MVision CNAPP uniquely provides deep discovery of all workloads, data and infrastructure across endpoint, networks, and cloud. 
• Shift Left: The ability to protect against configuration drift and provide vulnerability assessment across virtual machines, containers and serverless environments. This helps unleash developer productivity through frictionless automation.  
• Zero Trust: The ability to build policy based on zero trust, behavioural observation to eliminate false positives and achieve scale with known good behaviour enforcement. 
• Mitre ATT&CK Framework: The ability to empower the Security Operations Centre (SOC) by mapping cloud native threats to the Mitre ATT&CK framework for expedient remediation. 
• Governance and Compliance: The ability to automate security controls for continuous compliance and governance of data and permissions.  

“EA’s business depends on public cloud IaaS and it’s my role to manage the security of that environment,” says Bob Fish, enterprise security architect, Electronic Arts.  “Every application deployed across our public cloud infrastructure requires onboarding, vulnerability management, run time protection, threat prevention and SOC integration, while ensuring continuous availability.  We are excited about MVision CNAPP because we prefer a single unified security platform to implementing separate point products for each security capability required.” 

MVision CNAPP is planned to launch in March 2021. Watch the keynotes from McAfee MPower here.