Info-tech

McAfee MVISION Cloud becomes first CASB to map cloud threats to MITRE ATT&CK

Prashasti Awasthi Mumbai | Updated on July 27, 2020 Published on July 27, 2020

According to McAfee, this new integration gives SecOps teams a direct source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK   -  AP

McAfee, a device-to-cloud cyber security company, today announced the introduction of MITRE ATT&CK into McAfee MVISION Cloud.

MVISION Cloud is the company’s Cloud Access Security Broker (CASB), which aims to hunt, detect, and stop cyberattacks on cloud services.

According to McAfee, this new integration gives SecOps teams a direct source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK. McAfee is the first CASB provider to tag and visualise cloud security events within an ATT&CK.

Commenting on the integration, Rajiv Gupta, senior vice-president and general manager of Cloud Security, McAfee, said in the official announcement: “Many SecOps teams leverage repeatable processes and frameworks such as ATT&CK to mitigate risk and respond to threats to their endpoints and networks, but so far cloud threats and vulnerabilities have presented an unfamiliar paradigm.”

Gupta added: “By translating cloud threats and vulnerabilities into the common language of ATT&CK, MVISION Cloud allows security teams to extend their processes and run books to the cloud, understand and pre-emptively respond to cloud vulnerabilities, and improve enterprise security.”

‘20 attack attempts a month’

According to data from McAfee’s research, most enterprises face an average of 20 attack attempts per month on their cloud services.

The ATT&CK integration brings cloud attacks into focus and provides the opportunity to identify gaps in protection and make policy and configuration changes directly from McAfee MVISION Cloud, the cybersecurity company mentioned.

McAfee stated that with the introduction of ATT&CK into McAfee MVISION Cloud, there is no longer the need to manually sort and map incidents to a framework like ATT&CK or to learn and operationalise a separate framework for cloud threats and vulnerabilities.

This also has the ability to combine incidents, anomalies, threats, and vulnerabilities into one holistic, familiar view.

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on July 27, 2020
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.