McAfee’s latest MVISION Cloud Native Application Protection Platform (CNAPP) release combines data protection, threat prevention, governance, and compliance for cloud-native application lifecycles, including container and OS-based workloads.
The impact of COVID-19 has execrated enterprise digital transformation with a major shift towards public cloud usage, either solely or in conjunction with their private data centers. These enterprises need a simplified architecture; one that enables them to leapfrog the cost and complexity of the patchwork quilt of point products, and benefit from the cloud-native ecosystem, without major investments in tools or developer talent.
“Organisations want to unleash the creativity of their developers to rapidly develop and deploy compelling and compliant cloud-native applications that harness the power of the cloud,” said Rajiv Gupta, senior vice president, Cloud Security, McAfee. “But in order to do that they need an equally cloud-native platform to address the new security needs of this new environment. McAfee MVISION CNAPP extends MVISION Cloud’s data protection – both Data Loss Prevention and malware detection – threat prevention, governance and compliance to comprehensively address the needs of this new cloud-native application world thereby improving security capabilities and reducing the Total Cost of Ownership of cloud security.”
The MVISION CNAPP platform unites application and data context to converge Cloud Security Posture Management (CSPM) for public cloud infrastructure, and Cloud Workload Protection (CWPP) to protect hosts and workloads including VMs, containers, and serverless functions. MVISION CNAPP provides five key capabilities:
- Deep Discovery: The ability to discover all cloud resources and prioritize them based on risk. MVISION CNAPP uniquely provides deep discovery of all workloads, data and infrastructure across endpoint, networks and cloud.
- Shift Left: The ability to protect against configuration drift and provide vulnerability assessment across virtual machines, containers and serverless environments. This helps unleash developer productivity through frictionless automation.
- Zero Trust: The ability to build policy based on zero trust, behavioral observation to eliminate false positives and achieve scale with known good behavior enforcement.
- MITRE ATT&CK Framework: The ability to empower the Security Operations Center (SOC) by mapping cloud native threats to the MITRE ATT&CK framework for expedient remediation.
- Governance and Compliance The ability to automate security controls for continuous compliance and governance to ensure business continuity.
“EA’s business depends on public cloud IaaS and it’s my role to manage the security of that environment,” said Bob Fish, enterprise security architect, Electronic Arts. “Every application deployed across our public cloud infrastructure requires onboarding, vulnerability management, run time protection, threat prevention and SOC integration, while ensuring continuous availability. We are excited about MVISION CNAPP because we prefer a single unified security platform to implementing separate point products for each security capability required. The unified approach of MVISION CNAPP allows us to use fewer people to manage security risk across all our IaaS resources.”
MVISION CNAPP beta is available at McAfee MPOWER Digital 2020, with general availability planned for March 2021.
Read the latest edition of PCR’s monthly magazine below: