With help from Intel, McAfee links security to the chip
DeepSafe offers a glimpse at future Intel-McAfee security products
IDG News Service - Nearly seven months after Intel shelled out $7.68 billion for antivirus vendor McAfee, the two companies are offering a glimpse of their future.
At the Intel Developer Forum in San Francisco Tuesday, McAfee will provide an early look of its new effort to build security protections outside of the OS, using Intel's chip-level hooks that allow McAfee's Endpoint Protection Software to get a better look at malicious software such as rootkits.
Called DeepSafe, the software is something new for the antivirus industry, said Candace Worley, senior vice president and general manager of McAfee Endpoint Security. "This level of technology has never existed before," she said. "It's brand new; it's been jointly developed between the two companies."
DeepSafe is McAfee's answer to advanced hacking technologies, such as rootkits, that seem to be getting better and better at slipping malicious software onto PCs unnoticed.
"Most antivirus products today reside at the same level in the system as the operating system," Worley said. "What we're finding is a lot of the antivirus is simply not seeing a rootkit that's installed at that level of the system."
Rootkits use all kinds of sneaky tricks to cover their tracks, rewriting file names, and even modifying data in system monitoring tools so that everything seems normal.
In fact, it's somewhat of an open secret in the security industry that determined cyberattackers can skirt antivirus detection almost at will. Some victims go years without detecting so-called advanced persistent threat (APT) infections, even with their antivirus software up-to-date.
That's left vendors such as McAfee scrambling to make things harder for the bad guys.
Worley describes DeepSafe as a "technology foundation," for future products. The first of these products will be an add-on to McAfee Endpoint Protection that will focus on rootkit detection for the enterprise. That's who's most interested in this kind of technology right now, Worley said. The product, yet unnamed, will be launched at McAfee's Focus conference in Las Vegas next month, "and as time progresses we will migrate this to the consumer space," she said.
McAfee was vague about how DeepSafe will work, but the company started working on the technology prior to the Intel acquisition, Worley said.
The product will work in VMware installations, but Microsoft and Citrix customers will have to wait a bit longer. "We're still working out how this system will work with those technologies over time," Worley said.
Although McAfee will be the first major antivirus vendor out of the gate with this type of technology, it isn't the only company going in this direction, said Lawrence Pingree, a Gartner research director. "What's going to happen is they're going to release this and then others are going to follow suit," he said.
DeepSafe is interesting, but it still isn't the kind of breakthrough technology that will justify McAfee's multibillion-dollar price tag. "We're still waiting for real hard technology to come out of this merger that will really be a big innovation," he said.
- Hands on: Apple's Mac Pro is the fastest Mac ever
- Open source challenges a proprietary Internet of Things
- Intel kills SSD overclocking, unleashes its fastest-ever consumer drive
- Mobile platforms with 8GB memory may be on the way
- New smartphone OS flags will fly at Mobile World Congress
- Why Apple needs a $700 MacBook Air
- Steven J. Vaughan-Nichols: Told you so! Microsoft backs off on Metro
- Intel to scrap McAfee name, give away mobile security tools
- Mac sales estimates for Q4 are all over the map
- OEMs, Intel making big mistake with two-headed, dual-OS devices
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts