McAfee this week launched the McAfee MVision Cloud Native Application Protection Platform (CNAPP), a new security service designed to secure cloud-native applications. McAfee says MVision CNAPP delivers consistent data protection, threat prevention, governance, and compliance throughout the cloud-native application development lifecycle for container and OS-based workloads.
To accelerate their digital transformation journey, enterprises are leveraging the agility and innovation velocity offered by cloud-native applications hosted across private, public and hybrid clouds. Enterprises also want to unleash their developer talent to build and deploy secure applications. To do so, these enterprises need a comprehensive security platform with a simplified architecture; one that enables them to reduce the cost and complexity of point security products.
“Enterprise cybersecurity programs need to evolve to secure a growing footprint of cloud-native applications and infrastructure, a sentiment shared by 88 percent of respondents who participated in research recently completed by ESG,” says Doug Cahill, vice president and group director of ESG’s cybersecurity practice. “To do so, 73% of organizations cited a preference for a consolidated set of the controls based on an integrated platform for breadth of coverage and depth of functionality.”
It is the industry’s first platform to brings application and data context to converge Cloud Security Posture Management (CSPM) for public cloud infrastructure, and Cloud Workload Protection Platform (CWPP) to protect applications distributed across virtual machines, compute instances and containers.
MVision CNAPP provides five key capabilities:
- Deep Discovery: It provides frictionless deep discovery of all workloads, data, and infrastructure, prioritize security risk, based on misconfigurations, software vulnerabilities and sensitive data.
- Shift Left: It protects against configuration drift and provides automated assessment across virtual machines, containers, and developer pipelines.
- Workload Protection: It introduces a new light weight agent to support ephemeral workloads. Includes application allow listing, workload hardening, integrity monitoring, and detection of anomalous behaviour to access true application risk.
- In-tenant Data Loss Prevention (DLP) Scanning: It enables local scan of data without the need for enterprises to move data outside their tenant, facilitating cost optimisation, increased security, and data privacy.
- MITRE ATT&CK Framework for Cloud: It supports the Security Operations Center (SOC) by mapping cloud native threats to the MITRE ATT&CK Framework for Cloud.
“Enterprises want to leverage the innovation and velocity offered by the public cloud, in conjunction with their private data centers, while enabling a consistent security posture,” says Shishir Singh, chief product officer, McAfee.
“Legendary Entertainment is a cloud-first organization leveraging the public cloud,” says Dan Meacham, vice president, Global Security, Legendary Entertainment. “We harness the power of the public cloud and cloud-native applications as we collaborate across the world, while minimizing the security risk. We prefer a single unified security platform to implementing separate point products for each security capability required. MVision CNAPP provides security teams deep insight into service configurations for our multi-cloud usage, industry benchmarks to better assess our data and application security risk, as well as provide an integrated workload protection tool to improve security across our entire application lifecycle.”
For more information, visit https://www.mcafee.com/enterprise/en-us/solutions/mvision.html.