McAfee, Inc. Launches Vulnerability Detection and Response Group

Offers Unique Emergency Response Services to Help Customers Deal with Threats Such As Operation Aurora
MARKHAM, ON – March 3, 2010 – McAfee, Inc. (NYSE:MFE) announced the formation of the McAfee Vulnerability Detection and Response Group, which draws from all critical areas of McAfee malware response teams – including McAfee Labs, Office of the CTO and Foundstone Professional Services.
This group is chartered to:

  • Respond to critical outbreaks by providing incident response and forensics specialties, as well detailed “root cause” analysis
  • Leverage the in-depth analysis performed everyday by the security experts within McAfee to further serve customers and partners
  • Provide detailed vulnerability analysis of malware samples
  • Drive vulnerability discoveries throughout McAfee and its partners to ensure quick patch creation by the vendors affected

The primary functions of the group entail two service offerings: McAfee Internet Response and McAfee Vulnerability Search. These emergency response services provide customers with immediate help to questions such as:

  • Am I infected with an advanced persistent threat?
  • Are the intruders still present in my environment?
  • Have they accessed or stolen sensitive intellectual property?

The group was formed as a way to help customers better protect themselves from threats such as Operation Aurora. As part of its ongoing research into the details of Operation Aurora, McAfee has discovered that intellectual property repositories were a common target. McAfee researchers are performing ongoing analysis of software configuration management products, which have been found to contain numerous default security weaknesses including:

  • Unencrypted traffic between client and server
  • Unencrypted usernames and passwords
  • Weak session management including cookie spoofing vulnerabilities
  • Unauthenticated user, group, and server enumeration
  • World readable data files

“The hacking community has evolved. Gone are the days of hackers breaking into networks for fun or notoriety,” said Stuart McClure general manager of the McAfee Risk and Compliance Business Unit.
“Organizations today are experiencing targeted attacks with the goal of sensitive information stealing, and eventually financial gain. McAfee is now giving customers access to immediate help to better protect themselves.”
Many organizations don’t have a plan in place to diagnose an incident and take actions to protect themselves should a security breach occur. While McAfee has proactive security solutions which block most attacks, it’s unrealistic to think that companies have installed all the security controls to prevent every possible incident. Having an incident response program in place allows organizations to respond quickly and minimize damage and downtime when attacks and exploits occur.
For more information on the McAfee incident response services, visit

Leave a Reply