When we presented our strategy at FOCUS ’15, there was a simple concept at its core: creating integrated security systems to automate the threat defense lifecycle, so you can address more threats, faster, and with fewer resources. With the recent announcement of our strategic partnership with TPG, we wanted to further define our strategy and show how we are uniquely leading the market by making IT security as dynamic and responsive as the most dangerous threats.[1]
To summarize: the results of these security systems will be measurable, a simple but incredibly important conclusion. We define success not only through satisfaction, but also through the impact on key CISO-level metrics. When compared to disconnected architectures, we expect these systems to be able to:
- Reduce the total protection time from more than four hours to one minute.
- Increase incident response capacity up to 30 times.
- Improve response time from over 24 hours to less than 7 minutes.
We understand that if we can’t improve your metrics, we have nothing to offer but a new widget – and you already have enough of those!
Fundamentally, we are creating these integrated and automated security systems because we believe that:
- Protect, detect, and remediate are better processes when they work together. The virtuous cycle of integrated security generates the best possible protection technology, seeks out and contains advanced threats and quickly remediates them… while adapting protection technologies to better block future threats. Organizations with integrated security platforms are 30% better protected[2], and we want you to be part of that statistic.
- Only automation can overcome staffing issues. You are clearly facing a mismatch between your staffing allocation (talent and volume) and the growing number and sophistication of threats.[3] That gap is exacerbated by disconnected tools, which force analysts to integrate them manually at the cost of more time and effort. Automated security systems are critical to helping solve this problem: eliminating routine tasks, enabling the onboarding of new hires, and freeing up your best talent to solve your toughest problems. We expect automation to reduce manual effort by up to 70%.
- No vendor can do it alone. The security industry is one of the most fragmented, and no single vendor offers the entire threat defense lifecycle. You need a practical way to integrate new features into a comprehensive platform approach. Only true partnerships between industry leaders can create true security systems that protect, detect, and remediate.
Four Security Systems
With that conviction fueling our strategy, we are building a platform-based architecture with four security systems: Endpoint, Cloud, Hybrid Data Centers, and Threat Management. Each system combines multiple technologies into a single, integrated security approach, allowing us to break new ground: combining the best technology on the market with broad integration across common platforms. We hope this will drive the top-notch results you deserve, along with low operational complexity, to manage an operating cost structure that’s accessible to you.
Connection of these Security Systems
Each of these systems helps you address more threats, faster, and with fewer resources. However, because they’re built on platforms, they’ll work together to solve even bigger security problems. Take just a few examples:
- Closed-loop threat defense: All four systems work together to share threat intelligence and automate protection, improving security and lowering costs. Using the example of a potential attack starting at the endpoint, our security systems automate detection and response from start to finish (although a threat entering through the cloud or data center would follow the same flow):
- Mobile Off-the-Grid Security: Due to the rise of SaaS applications, mobile workers may complete much of their work using only email, SaaS applications, and local computing. The combination of converged endpoint and cloud-delivered data security systems is designed to create a “mobile clean zone” to protect these workers’ mobile devices, but also to keep organizations’ data secure while they are away from the corporate network by allowing them to more securely connect to that network when needed. This includes technology from McAfee, but also from our partners such as VMware® AirWatch® and MobileIron.
- Security for Infrastructure as a Service: Securing workloads and access to IaaS platforms like Amazon Web Services or Microsoft Azure relies on the interconnectivity of public cloud, data, users, and the security operations center to successfully defend:
A Single Point of View
A common pitfall in the security industry is that vendors start describing their strategies with catchphrases, and it doesn’t take long for them all to sound the same. To help you avoid buzzwords, here are some of the areas where we believe our approach is truly unique in the market:
- Integration: We’re combining point tools and functionality, using common platforms, into integrated security systems. You can see this in all four security systems: Each combines the capabilities of three or more point products into a single system. We offer this integration and management layer with ePO™ and threat intelligence layer through DXL.
- Automation: With integration as our foundation, we subsequently build on closed-loop automation. This automation provides more accurate detection, faster remediation, and closed-loop protection. These benefits are directly enhanced by the range of products and technologies we integrate (our own or with other security providers).
- Orchestration: With your organization liberated through automation, we’ll move on to orchestration. While automation is at the tool level, orchestration is at the systems level, not only generating actions but also coordinating teams and accelerating investigations. The benefits, both through security effectiveness and team efficiency, are the most dramatic here, so the ultimate goal is for integration and automation to build together.
Really?
This may surprise some of you, but it’s a reality today. You may wonder if we can really do this, and I appreciate the skepticism. I’m not asking you to trust us blindly; instead, I invite you to join us at FOCUS16 in Las Vegas this fall. There, we’ll share with you the delivery of technology based on this strategy. I’m sure you’ll be pleasantly surprised!
Sincerely
Brian