- Commercial Solution
The escalating sophistication of cyberthreats requires a new generation of protection for endpoints. Advancing threats and the increasing risk of unknown vulnerabilities are causing organizations to piece together overlapping, disconnected security solutions that provide limited visibility and increased complexity.
McAfee solves this problem with McAfee Endpoint Threat Defense and Response. Both solutions leverage static and behavioral analysis and synthesized intelligence to protect, detect, correct, and adapt to combat emerging threats. Connected components automatically share valuable security information over the McAfee Data Exchange Layer (DXL) with the endpoint. They can also communicate threat intelligence and reputation changes to other DXL-connected services beyond the endpoint. OpenDXL provides options for connecting to these McAfee products and leveraging this intelligence further, as well as instructing products to take action using an OpenDXL orchestration script or service request.
DXL-enabled Components in this suite:
- McAfee Endpoint Threat Prevention Module for Endpoint Security: Provides a single endpoint platform for multiple services
- McAfee Active Response: Endpoint Detection and Response (EDR) collects endpoint insights and takes action
- McAfee Threat Intelligence Exchange: Manages reputation data and can share updates and respond to requests made over DXL
- McAfee Data Exchange Layer Client: Plugs in seamlessly to the McAfee Endpoint Threat Prevention Module to connect to DXL services
- McAfee ePolicy Orchestrator: Provides unified policy management and reporting and manages the DXL fabric
Connected components automatically share valuable security information through McAfee Data Exchange Layer (DXL).
An OpenDXL TIE Python client is available for accessing McAfee Threat Intelligence Exchange information via DXL.
An OpenDXL MAR Python client is available for accessing McAfee Active Response information via DXL.