The bane of most security assessment products is false positives. Sending security pros on a wild goose chase tied to false positives has a dramatic impact on productivity and morale. This is especially true when vetting detected malware from vulnerability scans. Keeping false positives to a minimum should be a top priority for vulnerability assessment products. This is where McAfee Vulnerability Manager really shines.
Without using an agent, since 2002 McAfee Vulnerability Manager has been accurately detecting for the presence of malware in its user environments. The most recent incarnation of McAfee Vulnerability Manager uses credentialed scans to look for the presence of Top Weekly Malware. By leveraging the knowledge of over 400 McAfee researchers who rely on millions of collection points to know precisely what represents the top malware, McAfee Vulnerability Manager customers are able to quickly focus their efforts on those assets that need immediate attention.
One area where agent-less malware detection is particularly useful is with Rootkits since they are very good at hiding or masking its files and may even be able to hide network activity from the local system or user. When examined remotely over the network, Rootkits are unable to hide signature network activity. With ever expanding networks where malicious Rootkit activity may be present, McAfee Vulnerability Manager’s agent-less malware detection provides the first line of defense against infected rogue or unknown assets that connect to the network. When integrated with a NAC solution, McAfee Vulnerability Manager accurately identifies infected systems prior to entry into the corporate network then isolating them for anti-virus installation and cleaning or disconnecting them entirely.
The value agent-less malware detection is particularly apparent when zero-day, high profile attacks such as Operation Aurora, which targeted Google and many other companies, and the persistent Conficker worm materialize. In each case, McAfee Vulnerability Manager customers were able to immediately scan for the existence of signature files within their environment and take the appropriate action. To help further combat these attacks, McAfee has released free, lightweight tools that can be used to detect the presence of Aurora and Conficker. Download the Aurora Vulnerability Detection Tool. Download the Conficker Detection Tool.
By combining accurate malware detection with a heightened understanding of top threats to a business, McAfee Vulnerability Manager assures that customers are able to reinforce their digital boundaries with a single, cohesive vulnerability assessment workflow.
This timely release reinforces SC Magazine’s recent group test acknowledgement of McAfee Vulnerability Manager with a coveted “Five-Star” and “Best Buy” rating in their February edition.