McAfee Advanced Threat Defense

Advanced detection for stealthy, zero-day malware

What is McAfee Advanced Threat Defense?

McAfee Advanced Threat Defense (Advanced Threat Defense) is an on-premise and virtual appliance that facilitates detection and prevention of malware. Advanced Threat Defense provides protection from known, near-zero day, and zero-day malware without compromising on the quality of service to your network users.

Supercharge your security

Reduce investigation time from days to minutes

Features to support investigation include extensive unpacking, interactive mode, sample submission to multiple virtual environments, and unparalleled indicators of compromise (IoC) data that produces summary reports for action prioritization and analyst-grade data on malware.

Ensure security components operate as one

Tight product integration protects from advanced threats, enables efficient alert management, and maintains throughput and policy enforcement. Support for OpenIOC and STIX over TAXII further enhances integration.

Detect advanced email threats from the edge to the server

Safeguarding email, the most highly exploited attack vector, continues to be a major challenge. McAfee Advanced Threat Defense works with any email gateway, including Cisco Email Security Appliance, and McAfee Security for Email Servers to detect email threats.

Powerful advanced threat detection

McAfee Advanced Threat Defense enhances protection from network edge to endpoint and enables investigation.

Flexible, centralized deployment

Virtual and physical appliances allow you to choose the deployment option best for your organization, including public cloud deployment in Azure. Centralized analysis covers multiple protocols and supported products including email gateways.

Uncover hidden threats

Targeted attacks are designed to defeat security systems by confusing or evading defenses. McAfee Advanced Threat Defense combines in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat detection, including threats that use evasion techniques and ransomware.

Threat intelligence sharing

Tight integration with other security solutions and support for open standards enable immediate sharing of threat intelligence across the entire infrastructure, including multi-vendor ecosystems, to enhance zero-day threat protection, reduce time from encounter to containment, and speed post-attack investigation.

Enable investigation

Offline analysis options and advanced features enable security operations centers to validate threats, access critical indicators of compromise (IoCs), and map results to the MITRE ATT&CK™ framework for investigation and threat hunting.
