Announced at the McAfee FOCUS 11 conference earlier this week, McAfee Deep Defender is a new security software capable of detecting nearly all kernel-mode malware. This level of security is possible with McAfee DeepSAFE technology because its protection layer is located beyond the operating system (OS).
McAfee worked closely with Intel with the purpose of delivering hardware-assisted
security designed to stop and remediate advanced stealth behaviors used by
rootkits and APTs.
McAfee Deep Defender utilizes McAfee DeepSAFE technology that sits between the
processor and the OS to help protect vital system software residing in physical
memory, providing a new view of the drivers and other software as they operate. In
addition McAfee Deep Defender provides:
- Real-time memory and CPU monitoring - using McAfee DeepSAFE technology, this
low-level visibility allows McAfee Deep Defender to recognize evasive techniques
employed by stealthy malware and gives administrators a real-time view of memory
processes, enabling configurable block or deny actions.
- Zero-day detection - McAfee Deep Defender does not need to have prior knowledge
of the rootkit to detect its existence.
- Protection against known and unknown threats - McAfee Deep Defender will report,
block, quarantine, and remove known and unknown stealth techniques attempting to
load in memory. For suspected or unknown threats, McAfee Deep Defender sends a
fingerprint of the code to the McAfee Global Threat Intelligence network and then
carries out the configured action, such as block, remediate, or quarantine.
- Central management with McAfee ePolicy Orchestrator platform - utilizing the
same ePolicy Orchestrator console already used across existing McAfee endpoint
security solutions, users can now receive dashboards and reports that provide
greater visibility into hidden threats.
"The bad guys are getting smarter about hiding malware, but they can't hide it
when interacting with the hardware, memory or operating system. We can now detect
these interactions, and provide an unprecedented level of protection to our
customers by blocking an entirely new range of stealthy threats," said Todd
Gebhart, co-president of McAfee.
The minimum system requirements for McAfee Deep Defender incldue:
- Supports Intel Core i3, i5, and i7 processors
- Supports Windows 7 (32-bit and 64-bit)
- 2 GB RAM (32-bit) or 4 GB RAM (64-bit)
- Managed by McAfee ePolicy Orchestrator (ePO) 4.5 or higher
- Intel Virtualization Technology (VT) enabled in BIOS