Monday, September 12, 2011

McAfee's DeepSAFE Takes Aim at Rootkits

McAfee previewed its DeepSAFE hardware-assisted security technology for proactively detecting and preventing stealthy advanced persistent threats (APTs) and malware. The technology, which was co-developed with Intel, sits below the OS, providing the ability to fundamentally change the security game, according to the companies.


According to McAfee Labs, more than 1,200 new rootkits per day are detected - equating to 50 per hour every single day. The DeepSAFE technology, which was demonstrated at the Intel Developer Forum in San Francisco, was able to detect and stop a zero-day Agony rootkit from infecting a system in real time. This technology is expected to launch in products later in 2011.


Key attributes of McAfee DeepSAFE:



  • Builds the foundation for next-generation hardware-assisted security operating beyond the operating system

  • Provides a trusted view of system events below the operating system

  • Exposes many attacks that are undetectable today

  • New vantage point to block sophisticated stealth techniques and APTs

  • Provides real time CPU event monitoring with minimal performance impact

  • Combines the power of hardware and flexibility of software to deliver a new foundation for security.


"Intel and McAfee are working on joint technologies to better protect every segment across the compute continuum from PCs to devices," said Renée James, senior vice president and general manager of the Software and Services Group at Intel and the Chairman of McAfee. "By combining the features of existing Intel hardware and innovations in security software, Intel and McAfee are driving innovation in the security industry by providing a new way to protect computing devices. We are truly excited to introduce this technology upon which we will deliver new solutions." http://www.mcafee.com