| Blog

McAfee’s Unified Cloud Edge (UCE) is a highly effective and scalable cyber security solution for users who need to browse the Internet.

But cyberattacks initiated using malware concealed in documents and images and delivered via the Web can be difficult and sometimes impossible to combat using detection-based defences. So, for organisations that need an extra layer of protection there’s a ground-breaking new technology you can add-on to UCE from McAfee SIA Partner, Deep Secure.

Carefully Crafted Attacks

Many of the threats concealed in what seem like every day documents and images accessed via the Web are carefully crafted to avoid detection. Some of the techniques include the use of fileless malware that is never written to disk and can easily evade signature-based detection. Another technique is to use poly-formatted files – that are harmless when opened by one application –  such as a JPG opened by Microsoft Paint – but capable of executing code by simply being renamed to a HTML file and opened using a browser. Other techniques include the use of image Steganography where a concealed threat is encoded into the pixels of an image. That threat could be inbound malware or outbound data leakage but either way it is invisible to the naked eye and only the attacker, in possession of the corresponding decoder, can reveal the threat.

Threat Removal

What these techniques all have in common is that they will typically evade a detection-based Web defence, which is why McAfee SIA Partner Deep Secure Invented Threat Removal. Threat Removal integrates with the McAfee Unified Cloud Edge to ensure users can access, download and upload files via the Web, webmail and social media, secure in the knowledge that they are always 100% threat-free.

Paradigm Shift

Deep Secure Threat Removal is a paradigm shift, one born out of defending military data assets. The approach starts from the premise that since it is impossible to be certain that any given piece of content does or doesn’t contain malware (the bad guys are just too good at hiding it), the only way to be certain is to trust nothing and use Threat Removal to transform everything and make it safe.

Threat Removal uses a process of transformation that works by extracting just the valid business information from each file (discarding the original along with any malware), verifying the extracted information is well-structured and building brand new files for the McAfee Unified Cloud Edge to deliver. It’s a paradigm shift because it’s an approach that based on removal rather than detection.

User Experience

Using transformation rather than detection, ensures users get 100% guaranteed threat-free files that are pixel perfect and fully revisable with no risk from even the most sophisticated attacks, no exposure to so-called “zero day” malware and no chance of something like image steganography being used as a vector for attack or data theft.

Because the transformation process takes fractions of a second, business users get access to the files they need instantly without the frustrating delays associated with waiting for multiple antivirus scans or sandbox checks to complete.

Game Changer

The zero trust approach to transforming data used by Deep Secure is recommended by the UK’s Nation Cyber Security Centre (NCSC) and it’s a game changer. Working with your existing McAfee Web defence, the Deep Secure Threat Removal platform intercepts documents and images from the browsing session in real-time and transforms them, in line with NCSC recommendations, into new safe content before passing them on. The originals are never delivered, giving your business users a 100% malware-free browsing experience.

The benefits of integrating McAfee Unified Cloud Edge and Deep Secure Threat Removal are:

  • Transforms a wide range of the most popular file formats including all Office files, Images and PDFs (the formats most commonly used by attackers)
  • (Optionally) replace a sandbox, reducing latency and delivering quicker access to Web content
  • Can be deployed and running in just a few minutes
  • Reduces administrative costs - no signature updates/security patches required
  • Reduces network load by using the scalability of the cloud
  • Improved performance and user experience

For more information, see the demo of how Deep Secure Threat Removal and McAfee's Unified Cloud Edge works, or contact us for more information. 

View all posts