- Category: April 2014 - Mobile Marketing
McAfee has released two new tools – McAfee Web Gateway (MWG) and McAfee Heartbleed Detector app for Android - to help consumers stay safe from the Heartbleed Bug, the vulnerability in OpenSSL that has been discovered earlier this month.
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content, allowing attackers to eavesdrop on communications, besides stealing and impersonating data directly from the services and users.
Let’s keep in mind that the most notable software using OpenSSL are the open source web servers like Apache and nginx, which have a combined market share of more than 66% according to Netcraft's April 2014 Web Server Survey. Furthermore OpenSSL is very popular in client software and somewhat popular in networked appliances which have most inertia in getting updates.
Heartbleed bug protection available
But now, McAfee Web Gateway (MWG) is available for corporate customers to detect and block users from accessing a site with the Heartbleed bug. MWG has the unique advantage of the so-called "subscribed lists" and "external lists" features that allow it to talk to external services, meaning that while being used concurrently with the "Heartbleed Vulnerability Checker" hosted on a web server, it will be able to provide information about vulnerable destination servers to MWG.
McAfee Heartbleed Detector app for Android helps consumers determine if a mobile device is vulnerable, as well as assess their apps’ risk level. This is done by checking which version of OpenSSL the Android device is using as well as checking the OpenSSL version of every app installed on the device.
In addition, McAfee is strengthening its network portfolio with deeper integration and expanded use of both global and local threat intelligence. Of course, firewalls are the first line of defence for many organizations, but traditional firewalls do not integrate with endpoint security solutions and do not have access to either global threat intelligence or local threat intelligence. Without this integration, organizations are unable to protect against many of today’s complex attacks. Recent high profile data breaches have underscored this challenge, with many organizations discovering breaches days or weeks after the initial compromise had occurred – and we know that it took as well much too long to discover Heartbleed.
To address this challenge, McAfee is delivering a framework that brings network and endpoint together through centralized management and that integrates with both global and local threat intelligence to deliver visibility across all threat vectors.
Integrated Network Security is a must
As part of its Security Connected framework, McAfee offers network security as part of an integrated portfolio in which security products and services work together to safeguard businesses from advanced attacks. At the core of McAfee Security Connected are the principles of integrated solutions, built-in intelligence, and advanced management offered with an extensible architecture for partners. These solutions integrate with endpoint security to share real-time information, threat intelligence, and workflows to strengthen an organization’s defenses.
“Gone are the days when you could deploy a new standalone security appliance to protect your entire network,” said Pat Calhoun, general manager of network security at McAfee. “The advanced attacks that we’re seeing today happen far too quickly and can easily overwhelm security products that are operating solo.”
Therefore, McAfee offers a wide range of integrated network protection technologies including McAfee Threat Intelligence Exchange, McAfee Advanced Threat Defense, McAfee Network Intrusion Prevention, and McAfee Next Generation Firewall to provide maximum availability, security, integrity, flexibility, and manageability with minimum overhead and risk.
Threat intelligence is critical
The ability to quickly spot and pre-empt advanced threats is now a business differentiator as companies seek to protect their intellectual property and assure customers that their data is safe and secure. Building on McAfee’s leadership experience across network, endpoint and data security, McAfee Threat Intelligence Exchange allows organizations to orchestrate security controls to identify patterns, immunize assets against newly-identified malware, and prevent data exfiltration in real-time – optimizing security for each organization.
Calhoun added, “Just as a team is more powerful than an individual, a beneficial multiplier effect occurs when network security solutions are connected to each other, to endpoints and other intelligence sources – the collective security analysis from these solutions is greater than that of a single solution.”