Security firm McAfee LLC is embedding new analytics capabilities powered by artificial intelligence and machine learning technologies into its security products to help protect companies against today’s more advanced cybersecurity threats.

McAfee said the new capabilities are necessary because security teams are dealing with larger and more complex amounts of data that hinder their ability to protect information technology assets.

With that in mind, the new security tools leverage automation, data duration and reasoning to assess company data and identify possible threats, McAfee said at its MPOWER Cybersecurity Summit Wednesday.

The newly updated McAfee Investigator tool employs both AI and machine learning to automate data collection. In turn this helps to increase the accuracy and confidence of security investigations by enabling analysts to assess threats faster than was previously possible.

Analysts can focus on the most significant threats faced by their organization, as McAfee Investigator uses analytics to collect data and piece it together, before creating a visualization of suspected attack intelligence. Because McAfee Investigator uses AI and machine learning, it can continually learn about the evolving tactics of cyberattackers. This means it can help security pros to ask the right questions of their data to reach more accurate conclusions, the company said.

McAfee has also updated its Endpoint Security tool, which now uses machine learning to review files before and after they’re executed to increase protection against zero-day threats. The company’s Cloud Workload Security product has also been updated with new machine learning capabilities to enable better visibility with hybrid cloud environments. Cloud Workload Security supports both Amazon Web Services and Microsoft Azure.

Other new products introduced by McAfee include a ransomware decryption tool designed to simplify decryption framework development. The firm also touted a new steganography defense initiative that’s designed to evaluate files for stegware, which relates to the concealment of files, messages, images and videos within another file.

The raft of new product announcements came as McAfee said it was collaborating with networking giant Cisco Systems Inc. to share threat intelligence. The collaboration builds on a partnership that began last June, when the two companies announced an an integrated product that can detect threats hidden inside email attachments.

Now, the companies said, they’ve created “the industry’s largest open security fabric,” which integrates McAfee’s Data Exchange Layer with Cisco’s Platform Exchange Grid. The two fabrics are designed to allow communication between multiple network endpoints from a multitude of different companies’ products. McAfee’s DXL and Cisco’s pxGrid have now been integrated to share threat event context, so customers can set automated policies across both security grids to respond to threats.

Image: McAfee