Security news always ramps up in the run-up to the RSA Conference, which is scheduled for next month. Today, McAfee and Netskope dropped new products and, in McAfee’s case, two new security operations centers (SOCs).
McAfee said it opened two new SOCs, one in Plano, Texas, and one in Cork, Ireland. The security company calls these facilities Fusion Centers. They provide internal security for McAfee itself, and also showcase best practices for the company’s customers and partners. Customers can visit the Fusion Centers and see the security technologies in action.
McAfee Fusion Center SOCs
When McAfee split from Intel in 2016, it didn’t have a production-level SOC, said Grant Bourzikas, chief information security officer and vice president of labs operations at McAfee.
“So we spent 2017 completely revamping the way we do SOC at McAfee,” Bourzikas said. “This is what we are now calling the Fusion Centers, and it is the convergence of physical security, cybersecurity, and broad intelligence services.”
The centers also use McAfee’s new products and updates, some of which the company announced today. This includes a new security operations architecture and behavior analytics software that uses machine learning to identify threats. It also showcases new integrations between McAfee threat detection and response products and others from third-party vendors.
“This allows us to leverage all of our products and services in our own organization,” Bourzikas said. “We consume them and really drink our own champagne to be able to drive it to our customers.”
Netskope Secures Web Traffic
In other security news, Netskope expanded its cloud security platform to include web access.
The cloud access security broker’s (CASB) platform initially secured software-as-a-service (SaaS) and infrastructure-as-a-service (IaaS) data.
Last month Netskope CEO Sanjay Beri told SDxCentral that the platform’s next phase would tackle “governance of the entire web.”
“In 2018 you’ll see people extending the platform and using it for more than cloud,” he said.
The new features essentially take the cloud-native platform’s CASB technology and applies it to web traffic. This includes capabilities like threat detection and data protection; visibility across web use; real-time web analytics; and web classification and content filtering. The company claims the platform has categorized 99.9 percent of active web coverage, which ranks URL safety.
“CASB was the first product on the cloud security platform, and web is the second product,” said Amol Kabe, VP of product management at Netskope. “And with Netskope, it’s all from one cloud. It allows customers to pick and choose capabilities, or take advantage of the entire platform for security across SaaS, IaaS, social media, and web.”
What’s In Your Arsenal?
The Netskope platform provides a “full-fledged cybersecurity arsenal,” said Doug Cahill, senior analyst at Enterprise Security Group. “The functionality you need for a full-fledged CASB absolutely applies to web filter. … Also, this is not a 1.0 product, this is a product that leverages the underlying technology that Netskope already has. When you come at it from cloud apps to the web, you could argue the functional bar is higher in securing cloud apps than it is in securing web properties.”
It also helps address the problem of security tool fatigue brought on by the sheer number of products enterprises use to secure their networks and infrastructure.
“We know cybersecurity professionals suffer from point tool fatigue and the acute shortage of cybersecurity professionals is well known and well documented,” Cahill said. “One way organizations can gain efficiencies is by converging previously disparate tools into a true platform. A lot of cybersecurity companies are positioning their products as platforms and a lot are overstating that. Netskope’s is truly a platform.”