With help from Intel, McAfee links security to the chip
DeepSafe offers a glimpse at future Intel-McAfee security products
IDG News Service - Nearly seven months after Intel shelled out $7.68 billion for antivirus vendor McAfee, the two companies are offering a glimpse of their future.
At the Intel Developer Forum in San Francisco Tuesday, McAfee will provide an early look of its new effort to build security protections outside of the OS, using Intel's chip-level hooks that allow McAfee's Endpoint Protection Software to get a better look at malicious software such as rootkits.
Called DeepSafe, the software is something new for the antivirus industry, said Candace Worley, senior vice president and general manager of McAfee Endpoint Security. "This level of technology has never existed before," she said. "It's brand new; it's been jointly developed between the two companies."
DeepSafe is McAfee's answer to advanced hacking technologies, such as rootkits, that seem to be getting better and better at slipping malicious software onto PCs unnoticed.
"Most antivirus products today reside at the same level in the system as the operating system," Worley said. "What we're finding is a lot of the antivirus is simply not seeing a rootkit that's installed at that level of the system."
Rootkits use all kinds of sneaky tricks to cover their tracks, rewriting file names, and even modifying data in system monitoring tools so that everything seems normal.
In fact, it's somewhat of an open secret in the security industry that determined cyberattackers can skirt antivirus detection almost at will. Some victims go years without detecting so-called advanced persistent threat (APT) infections, even with their antivirus software up-to-date.
That's left vendors such as McAfee scrambling to make things harder for the bad guys.
Worley describes DeepSafe as a "technology foundation," for future products. The first of these products will be an add-on to McAfee Endpoint Protection that will focus on rootkit detection for the enterprise. That's who's most interested in this kind of technology right now, Worley said. The product, yet unnamed, will be launched at McAfee's Focus conference in Las Vegas next month, "and as time progresses we will migrate this to the consumer space," she said.
McAfee was vague about how DeepSafe will work, but the company started working on the technology prior to the Intel acquisition, Worley said.
The product will work in VMware installations, but Microsoft and Citrix customers will have to wait a bit longer. "We're still working out how this system will work with those technologies over time," Worley said.
Although McAfee will be the first major antivirus vendor out of the gate with this type of technology, it isn't the only company going in this direction, said Lawrence Pingree, a Gartner research director. "What's going to happen is they're going to release this and then others are going to follow suit," he said.
DeepSafe is interesting, but it still isn't the kind of breakthrough technology that will justify McAfee's multibillion-dollar price tag. "We're still waiting for real hard technology to come out of this merger that will really be a big innovation," he said.
Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com
Intel update
- Intel's Thunderbolt with fiber optics years away
- QuickPoll: Can Microsoft and Intel's marriage be saved?
- Intel shows off tablet with upcoming Atom chip
- With help from Intel, McAfee links security to the chip
- Intel to show tablets, ultrabooks running Windows 8
- Intel, ARM set for next stage of laptop battle
- Intel, Microsoft's alliance faces test at IDF
- Intel 'fully committed' to MeeGo, exec says
- The Need for More than Speed: CPU Tips for PC Buyers
- Diane Bryant


- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Driving Secure Enterprise File Sharing and Syncing in the Enterprise
- GroupLogic's new activEcho is the industry's only secure Enterprise File Sharing and Synching solution that balances the need for simplicity for the end...
- The Enterprise File Sharing Option
- Enterprises and IT departments need to address several critical security issues when considering file sharing and syncing products. Many of today's solutions do...
- Security Strategies to Virtualizing Internet-Facing Applications
- The IT organization at Intel has set a goal to transition their enterprise to a private cloud for their Office and Enterprise applications....
- Cloud Security Planning Guide
- Cloud security considerations span protecting hardware and platform technologies in the data center to enabling regulatory compliance and defending cloud access through different...
- Cloud Security Vendor Round Table
- This vendor round table guide will help you to evaluate different cloud technology vendors and service providers based on a series of questions... All Security White Papers
- Live Webcast
Data Privacy and Protection in Production Environments: New Research from Ponemon Institute - Date: Wednesday, June 13, 2012, 1:00 PM EDT / 10:00 AM PDT
In a recent study conducted by Ponemon Institute, fifty-five percent of respondents... - Data Privacy and Protection in Production Environments: New Research from Ponemon Institute
- Date: Wednesday, June 13, 2012, 1:00 PM EDT / 10:00 AM PDT
In a recent study conducted by Ponemon Institute, fifty-five percent of respondents... - Security Certifications 101 - BlackBerry and all those acronyms what do they mean and why they matter?
- FIPS, Common Criteria, CAPS, AISEP, NFC, NIST, Fraunhofer SIT, CESG, DSD - these are just some of the government and industry certifications which...
- BlackBerry PlayBook OS 2.0 Security Overview
- The presentation provides an overview of BlackBerry PlayBook OS 2.0 security capabilities and features, including: BlackBerry® Balance™ technology, BlackBerry® Bridge, data-at-rest protection, and...
- BlackBerry NFC Security Overview
- The presentation on NFC security will provide an overview of the security protections built into the BlackBerry platform to protect users, application developers...
- Playing Defense: Staying on Top of Your Disaster Recovery Game
- When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing... All Security Webcasts
