News from Black Hat: Humans Collaborate and Team with Machines to Work Smarter


This blog was written by Barbara Kay.

Work smarter, not harder. I’ve always liked that mantra (I told my mom I wasn’t procrastinating: I was planning!), and this approach is especially needed in security operations. Today at Black Hat, McAfee announced a wealth of ways we are helping analysts and administrators get more value out of their investments, both in technology and in operating approaches.

“Human-machine teaming” is the core concept. It represents a responsible place in the continuum between fully automated and fully manual processes. In truth, there are no totally automated or totally manual processes. The most fully automated example is a countermeasure permitted to make decisions without a human in the loop. We allow this action after people have defined the scope and impact of the system’s decisions, and we have confidence that machines can implement these steps reliably and consistently. I think of this as empowered automation.

The best “fully manual” examples might be threat hunters and security architects, who use tools to facilitate free-form processes and enrich decisions informed by experience. These experts use machines surgically and thoughtfully, driving the right applications of automation while respecting the unique contribution and value of the individuals.

In the threat hunter report released today, “Disrupting Disruptors,” we found that the most advanced organizations use a balance of manual and automated processes, and are twice as likely to automate investigation processes as less mature organizations. This is human-machine teaming in action.

McAfee product innovations are helping organizations move up the maturity curve with more machine learning, automated analytics, and better information access and visualizations for the humans who need to make decisions. Through OpenDXL.com and new industry partnerships, we’ve also improved the options for humans to work together, ensuring the most creative and effective uses of machines in the cybersecurity fight.

Highlights:

  • Enhanced Machine Learning Malware Detection: The newly released McAfee Advanced Threat Defense (ATD) 0 introduces an innovative deep learning technique to enhance malware analysis, resulting in an expanded ability to identify malicious markers that may be hidden, or not fully executed.
  • Expanded, Closed-Loop Detection-to-Protection for Email: McAfee ATD Email Connector now enables email security gateways to forward suspicious attachments to McAfee ATD for analysis, preventing malware from spreading on internal networks.
  • Integrated Cloud Threat Detection: New integration between McAfee Cloud Threat Detection (CTD) and McAfee Threat Intelligence Exchange (TIE) enables McAfee Endpoint Security (ENS) to easily forward suspicious samples to a cloud sandbox for in-depth analysis.
  • Accurate Insight into Exposure and Risk, including Office 365: McAfee Enterprise Security Manager 10.1, our updated SIEM solution, now improves risk assessment by factoring in active, relevant countermeasures and priority guidance, providing a more accurate understanding of exposure and potential impact. The new Asset Threat Risk Content Pack 2.0 feature delivers security configuration, compliance posture and patch assessment in a single view. Easy incorporation of Microsoft Office 365 actions and events enables monitoring and analysis of user activity within cloud services.
  • Rapid SOC Use Case Deployment: The new McAfee Connect content portal simplifies access to freely available, simple-to-deploy use cases and solution integrations for use with McAfee Enterprise Security Manager. Through the portal, McAfee customers can find tools to activate monitoring, detection and incident management tasks, including user behavior analysis and detection of malware exploits and reconnaissance.
  • Simplified, faster, estate-wide Data Loss Prevention: McAfee Data Loss Prevention (DLP) Endpoint, DLP Prevent, DLP Discover and DLP Monitor are now fully unified. Unified policy management builds upon a common classification engine, dictionaries, regex engine and syntax. Streamlined incident and case management speeds investigation and remediation of risk or suspicious user behavior. Common file, email, web traffic and database analysis across endpoint and network DLP ensures consistent enforcement of corporate data usage policies.
  • New, independent open source community, OpenDXL.com: A forum, app marketplace, and new utilities and developer resources encourage enterprises, developers, and integrators to take advantage of the speed and simplicity of OpenDXL integrations and the Data Exchange Layer (DXL) communication fabric.
  • 14 New Security Innovation Alliance partners: McAfee is proud to welcome more of today’s and tomorrow’s industry leaders to our partnership program, including representatives of the network, monitoring, analytics, and orchestration markets.

 

      • AGAT Software
      • Cisco Systems
      • Extreme Networks
      • Gigamon
      • HPE
      • Identiv
      • Juniper Networks
      • Kemp Technologies
      • Lumeta
      • Resolve Systems
      • Siemplify
      • SkyFormation

 

Read the press release, visit us in Booth 300 at Black Hat, and learn more about human-machine teaming here.

 
