Content

The Hidden Gap of Unknown Threats

McAfee® Avert® Labs, the amount of malware reported in 2008 already exceeds the amount reported in 2006 and 2007 combined. The unprecedented growth in malware has made it difficult not only for consumers and enterprises, but also for security vendors trying to keep up using the traditional "signature" based defense mechanism. The biggest problem with the continued use of signatures is the protection gap. It often takes up to 24- to 72-hours from the time a threat is identified, analyzed, and its signature is developed to the time it is finally delivered to the endpoint. While consumers and enterprises are playing the waiting game; their endpoints are exposed and vulnerable.

What is required is a correlation of signatures and behavioral techniques with real-time threat intelligence gathered from the user community at large.

Introducing McAfee Artemis Technology — Collapsing the gap with on-demand, real-time malware protection for known and unknown threats

McAfee Artemis Technology is the first "always-on," real-time protection that secures enterprises and consumers from threats as they strike. Current McAfee customers can now leverage the community's threat intelligence to prevent damage and data theft even before a signature update is available—making the endpoints smarter and safer at no additional cost. Key benefits of McAfee Artemis Technology include:

  • Reduction in protection gap from hours or even days to milliseconds
  • Higher detection rate by leveraging collective threat intelligence within Advanced Learning Repository
  • Best of Anti-Malware blacklist and whitelist models
  • Seamless enablement through McAfee ePO

Through advanced technologies from McAfee Avert Labs, McAfee Artemis Technology offers real-time security using a combination of signature and behavior analysis with community threat intelligence. McAfee Artemis Technology can quickly notify the user if the file should be blocked or quarantined through the following steps:

  1. A user receives a file that the scan agent deems suspicious (for example, an encrypted or packed file) and for which there is no signature in the local .DAT database.
  2. Using McAfee Artemis Technology, the agent sends a fingerprint of the file for instant lookup to the comprehensive database at McAfee Avert Labs.
  3. In less than a second, if the fingerprint is identified as known malware, an appropriate response is sent to the user to block or quarantine the file.

Best of all, McAfee Artemis Technology is included in McAfee endpoint products — McAfee VirusScan® Enterprise, McAfee Total Protection Service and McAfee VirusScan Plus — at no additional charge. Current McAfee customers can reduce the potential gap that exists today and get greater protection from known and unknown threats with McAfee Artemis Technology.