McAfee announced MVISION Cloud Native Application Protection Platform (CNAPP), the industry’s truly integrated architecture to secure the cloud native application ecosystem. MVISION CNAPP delivers consistent data protection, threat prevention, governance, and compliance throughout the cloud-native application lifecycle, including container and OS-based workloads.
Accelerated by COVID-19, every enterprise is undergoing a digital transformation mandate. Most enterprises are leveraging the agility and innovation velocity of the public cloud, either solely or in conjunction with their private data centers. These enterprises need a simplified architecture; one that enables them to leapfrog the cost and complexity of the patchwork quilt of point products, and benefit from the cloud-native ecosystem, without major investments in tools or developer talent.
“Enterprises are adopting cloud architectures in their digital transformation journey to drive innovation. However, threats have evolved to exploit cloud-native misconfigurations, resulting in loss of data and reputational damage. Developers need to be empowered with the tools that can address the security needs of this new environment, to unleash their creative potential, and deploy applications that can augment the power of the cloud,” said Venkat Krishnapur, vice-president of engineering and managing director, McAfee India. “What enterprises need is a simplified framework to help them wade through the complex patchwork of point products. McAfee MVISION CNAPP extends MVISION Cloud’s data protection to provide comprehensive threat prevention, risk management and compliance through an automated and frictionless model to secure the cloud native application ecosystem.”
MVISION CNAPP is the industry’s first platform to bring application and data context to converge Cloud Security Posture Management (CSPM) for public cloud infrastructure, and Cloud Workload Protection (CWPP) to protect hosts and workloads including VMs, containers, and serverless functions. MVISION CNAPP provides five key capabilities:
- Deep Discovery: The ability to discover all cloud resources and prioritize them based on risk. MVISION CNAPP uniquely provides deep discovery of all workloads, data and infrastructure across endpoint, networks and cloud.
- Shift Left: The ability to protect against configuration drift and provide vulnerability assessment across virtual machines, containers and serverless environments. This helps unleash developer productivity through frictionless automation.
- Zero Trust: The ability to build policy based on zero trust, behavioral observation to eliminate false positives and achieve scale with known good behavior enforcement.
- MITRE ATT&CK Framework: The ability to empower the Security Operations Center (SOC) by mapping cloud native threats to the MITRE ATT&CK framework for expedient remediation.
- Governance and Compliance: The ability to automate security controls for continuous compliance and governance of data and permissions.
“EA’s business depends on public cloud IaaS and it’s my role to manage the security of that environment,” said Bob Fish, enterprise security architect, Electronic Arts. “Every application deployed across our public cloud infrastructure requires onboarding, vulnerability management, run time protection, threat prevention and SOC integration, while ensuring continuous availability. We are excited about MVISION CNAPP because we prefer a single unified security platform to implementing separate point products for each security capability required. The unified approach of MVISION CNAPP allows us to use fewer people to manage security risk across all our IaaS resources.”