Santa Clara, CA, United States
Santa Clara, CA, United States

McAfee, Inc. , is an American global computer security software company headquartered in Santa Clara, California, and the world's largest dedicated security technology company. The company has been a wholly owned subsidiary of Intel since February 2011, and now forms part of its Intel Security division. Intel confirmed in 2014 that it planned to drop the McAfee brand. Wikipedia.


Time filter

Source Type

Patent
McAfee | Date: 2016-02-29

Technologies for securing an electronic device include trapping an attempt to access a secured system resource of the electronic device, determining a module associated with the attempt, determining a subsection of the module associated with the attempt, the subsection including a memory location associated with the attempt, accessing a security rule to determine whether to allow the attempted access based on the determination of the module and the determination of the subsection, and handling the attempt based on the security rule. The module includes a plurality of distinct subsections.


Patent
McAfee | Date: 2016-08-31

A particular activity performed by a particular user of a computing device is identified, for instance, by an agent installed on the computing device. It is determined that the particular activity qualifies as a particular use violation in a plurality of pre-defined use violations. A behavioral risk score for the particular score for the user is determined based at least in part on the determination that the particular activity of the particular user qualifies as a particular use violation. Determining that the particular activity qualifies as a particular use violation can include determining that the particular activity violates a particular rule or event trigger corresponding to a particular pre-defined use violation.


A method is provided in one example embodiment that includes receiving metadata from a host over a metadata channel. The metadata may be correlated with a network flow and a network policy may be applied to the connection. In other embodiments, a network flow may be received from a host without metadata associated with the flow, and a discovery redirect may be sent to the host. Metadata may then be received and correlated with the flow to identify a network policy action to apply to the flow.


Patent
McAfee | Date: 2016-09-16

Techniques are disclosed for provisioning Internet of Things (IoT) devices in accordance with a state machine model. More particularly, collections of IoT devices may be organized into enclaves, groups or shoals that operate as autonomous or semi-autonomous groups of devices functioning as a collective having a common objective or mission. IoT devices participating in a shoal may be provisioned with shoal-specific context information as part of their device-specific provisioning activity. By way of example, a shoal context object can include a current state variable and a target next state variable. The shoals target next state variable establishes a goal (e.g., for provisioning activity) without dictating how the individual shoal members (IoT device) are to achieve that goal. This mechanism may be used to drive a shoals separate devices through their individual provisioning state machines until the shoal itself is made operational.


A technique for detecting malware in an executable allows unpacking of a packed executable before determining whether the executable is malware. In systems with hardware assisted virtualization, hardware virtualization features may be used to iteratively unpack a packed executable in a controlled manner without needing knowledge of a packing technique. Once the executable is completely unpacked, malware detection techniques, such as signature scanning, may be employed to determine whether the executable contains malware. Hardware assisted virtualization may be used to facilitate the scanning of the run-time executable in memory.


A system, method, and computer program product are provided for controlling loading of an operating system, including mounting an image of an operating system in a pre-boot environment of a programmable device, identifying an untrusted component of the operating system registered to be automatically loaded or loaded during a boot-up stage of the operating system that is predetermined to be early, and substituting a trusted component for the untrusted component.


A system allows just-in-time checking of information about an email in which a hyperlink is embedded. Upon receipt of the email containing the hyperlink, the resource locator of the hyperlink is modified to allow checking the reputation of the email upon traversal of the hyperlink. At traversal of the hyperlink, the current reputation of the resource locator and the current reputation of the email are both determined, and one or more actions are performed responsive to the determination.


A method is provided in one example embodiment that includes receiving event information associated with reports from sensors distributed throughout a network environment and correlating the event information to identify a threat. A customized security policy based on the threat may be sent to the sensors.


Patent
McAfee | Date: 2016-04-25

System calls to a kernel of a mobile computing device are monitored. A particular system call is intercepted relating to input/output (I/O) functionality of the mobile computing device. A data loss prevention (DLP) policy is identified that is applicable to the particular system call. An action is performed on the particular system call based at least in part on the DLP policy.


A system, method, and computer program product are provided for dynamically configuring a virtual environment for identifying unwanted data. In use, a virtual environment located on a first device is dynamically configured based on at least one property of a second device. Further, unwanted data is identified, utilizing the virtual environment.

Loading McAfee collaborators
Loading McAfee collaborators