Santa Clara, CA, United States
Santa Clara, CA, United States

McAfee, Inc. , is an American global computer security software company headquartered in Santa Clara, California, and the world's largest dedicated security technology company. The company has been a wholly owned subsidiary of Intel since February 2011, and now forms part of its Intel Security division. Intel confirmed in 2014 that it planned to drop the McAfee brand. Wikipedia.


Time filter

Source Type

Patent
McAfee | Date: 2017-01-27

A method is described to maintain (including generate) an inventory of a system of a plurality of containers accessible by a computer system. At least one container is considered to determine whether the container is executable in at least one of a plurality of execution environments characterizing the computer system. Each execution environment is in the group comprising a native binary execution environment configured to execute native machine language instructions and a non-native execution environment configured to execute at least one program to process non-native machine language instructions to yield native machine language instructions. The inventory is maintained based on a result of the considering step. The inventory may be used to exercise control over what executables are allowed to execute on the computer system.


Patent
McAfee | Date: 2017-02-06

In an example, there is described a server apparatus, comprising: a network connection; and one or more logic elements, including at least a processor and a memory, comprising a mobile device management (MDM) engine to: instruct an MDM agent to register a mobile security posture event; receive from the MDM agent an instance of the mobile security posture event; construct a policy decision responsive at least in part to the mobile security posture event; and enforce the policy decision.


Patent
McAfee | Date: 2017-05-24

A non-transitory computer readable medium comprising computer executable instructions stored thereon that when executed cause one or more processing units to initialize a firewall cluster comprising a plurality of nodes, each node operable to selectively permit or block traffic flowing between the firewall cluster and an external network, receive a report from a first node of the firewall cluster that the first node is ineligible to be a primary node, receive a report from a second node of the firewall cluster that the second node is eligible to be a primary node, responsive to a predetermined period of time expiring after startup of the second node without the second node receiving notice that another node has been designated as the primary node, designate the second node as the primary node, and notify the remaining nodes of the firewall cluster that the second node is the primary node for the firewall cluster.


Patent
McAfee | Date: 2017-06-21

In an example, a network is described with a plurality of data sources. Each data source may provide a feature, such as a data type that the data source collects or generates. A data aggregator may be connected to the network, and configured to collect, classify, and merge features as appropriate. The data aggregator includes a discriminator for classifying features, a merger, unmerger, converter, and evaluator. Features are provided to one or more expert systems configured to control one or more systems based on the features. Feedback to the data aggregator is used to evaluate the success of a merge. When a merge is found to be unhelpful, features may be unmerged.


Technologies for secure content packaging include a source computing device that transmits a secure package to a destination computing device. The destination computing device establishes a content policy trusted execution environment and a key policy trusted execution environment. The content policy trusted execution environment may be established in a secure enclave using processor support. The key policy trusted execution environment may be established using a security engine. The key policy trusted execution environment evaluates a key access policy and decrypts a content key using a master wrapping key. The content policy trusted execution environment evaluates a content access policy and decrypts the content using the decrypted content key. Similarly, the source computing device authors the secure package using a content policy trusted execution environment and a key policy trusted execution environment. The master wrapping key may be provisioned to the computing devices during manufacture. Other embodiments are described and claimed.


Patent
McAfee | Date: 2017-02-08

A geo-location provider station signs geo-location data and a previous signature provided by a mobile device, returning a new signature to the mobile device. The mobile device uses the new signature when requesting a signature from another geo-location provider station. The mobile device stores the geo-location data and the signatures provided by geo-location provider stations. The stored geo-location data may be verified upon request by using the stored signature data.


Technologies for detecting unauthorized memory accesses include a computing device having transactional memory support. The computing device executes a transactional memory execution envelope within a security thread. Within the transactional envelope, the security thread reads one or more memory locations. The computing device detects a transactional abort originating from the transactional envelope, and determines whether a security event has occurred. A security event may include an unauthorized write to the monitored memory locations from outside the transactional envelope, including from non-transactional code. The computing device reports any security events that are detected. The computing device may execute several security threads that each monitor a different, non-overlapping memory location. The computing device may spawn a new security thread to monitor a memory location while a previous security thread is handling a transactional abort. Other embodiments are described and claimed.


Patent
McAfee | Date: 2016-03-11

A method, system, and computer program product for protecting a computer system provides bootstrap operating system detection and recovery and provides the capability to detect malware, such as rootkits, before the operating system has been loaded and provides the capability to patch malfunctions that block the ability of the computer system to access the Internet. A method for protecting a computer system includes reading stored status information indicating whether network connectivity was available the last time an operating system of the computer system was operational, when the stored status information indicates that network connectivity was not available, obtaining a software patch, and executing and applying the software patch.


In an example, a client-server platform identity architecture is disclosed. The platform identity architecture may be used to enable a venue operator to provide online services and to collect telemetry data and metrics while giving end users greater control over privacy. When entering a compatible venue, the users device generates a signed temporary pseudonymous identity (TPI) in secure hardware or software. Any telemetry uploaded to the venue server includes the signature so that the server can verify that the data are valid. The TPI may have a built-in expiry. The venue server may thus receive useful tracking data during the term of the TPI, while the user is assured that the data are not kept permanently or correlated to personally-identifying information.


Patent
McAfee | Date: 2017-08-02

In an example, there is disclosed a security architecture for enhanced, non-invasive whitelisting of executable objects. When an executable object tries to perform an action, a security engine seamlessly intercepts the action and determines whether the action is whitelisted, blacklisted, or graylisted, assigning the action a corresponding security score. Whitelisted actions may be allowed, blacklisted actions may be disallowed, and graylisted actions may require additional verification from a user. Because the score is assigned to the combination of the executable object and the action, false positives may be avoided, such as those that may occur when an executable object is prefetched but has not yet tried to perform any useful work.

Loading McAfee collaborators
Loading McAfee collaborators