Announced by chief executive Chris Young at the company's MPower Cybersecurity Summit, the initial modules of the MVision suite are MVision ePO, MVision Endpoint, MVision Mobile, MVision EDR, and MVision Cloud.
MVision delivers McAfee's promise of true security as a service, Young claimed. "We're doing it all within the cloud."
According to vice-president and general manager of corporate security products Raja Patel, McAfee ePolicy Orchestrator (ePO) is the most common reason why organisations buy the company's products.
The software is always kept up-to-date, and users of the existing on-premises version can migrate their existing settings with four clicks.
Changes delivered in MVision Endpoint include support for native Windows 10 security features, and the application of machine learning technology. Like MVision ePO, MVision Endpoint is automatically kept up-to-date.
MVision Mobile is available for Android and iOS, and is managed through ePO. McAfee's user-based licensing means that a single licence covers one person's use of Endpoint and Mobile.
MVision EDR (endpoint detection and response) is a new product that uses AI and cloud-based analytics to help identify and investigate threats, reducing the load on security operations centres and increasing the productivity of junior analysts. Release is planned for the first quarter of 2019 following beta testing in November 2018.
MVision Cloud is a cloud access security broker, based on technology McAfee inherited in its acquisition of Skyhigh Networks in early 2018. Features include data loss prevention for SaaS, the detection of suspicious behaviour, encryption, and checking for appropriate security settings (eg, to avoid AWS S3 storage being set to world-readable.
McAfee provides connectors for popular SaaS products including Office 365, Slack, ServiceNow, Dropbox, Box, and Salesforce.com, said senior vice-president Rajiv Gupta. The CASB Connect feature allows connection to SaaS products that are not supported out of the box, addressing "the long tail of SaaS applications", according to Young, who regards MVision Cloud as "the tip of the spear" for cloud security.
CASB is "an exciting place to be," said Gupta, as the segment has a predicted compound annual growth rate of 50% for the next several years.
MVision Cloud also supports IaaS and PaaS including AWS, Azure and Google Cloud, he said.
The product helps unify DLP policies on-premises and in the cloud, Young said, and is part of McAfee's long-term vision for "DLP everywhere".
MVision Cloud helps maintain security when workloads undergo a "lift and shift" from on-premises to the cloud, Gupta said.
No other product has all the capabilities of MVision Cloud, he claimed.
MVision supports snap-in modules from other vendors, Young observed, and he added there would be more products to come in the family. MVision is "a platform to deliver security as a service", he said.
Vice-president of engineering Lynda Grindstuff told iTWire that one area under development is defence against cryptojacking (the surreptitious use of victim devices for cryptocurrency mining). Because this category of malware can be very stealthy — eg, by using machine learning to determine when its activity is least likely to be detected — "it's very hard to identify these kinds of things".
Some malware even goes as far as analysing the likelihood of detection before deciding whether to infect the victim computer with ransomware (ie, smash and grab tactics) or a cryptojacker (for a longer term payoff).
The writer attended McAfee's Mpower Cyberecurity Summit as a guest of the company.