at Financial Technnology Year
Please contact them if you have any questions.
McAfee MVISION Endpoint from McAfee
Offers a unified approach to endpoint protection that combines machine learning, endpoint detection and response, and security orchestration in a single platform. Designed for flexibility and rapid deployment.
Product analysis by function
Cybersecurity Solutions for Operations and Finance
Specialized security tools protecting sensitive deal information, portfolio company data, and limited partner communications.
More Cybersecurity Solutions
More Operations and Finance ...
Access Control and Identity Management
(7 Yes /7 Known /10 Possible features)
|
Multi-factor Authentication (MFA) Requires users to verify identity using multiple credentials for critical systems. |
McAfee MVISION Endpoint supports multi-factor authentication for administrative access and console, as described in their security documentation. | |
|
Single Sign-On (SSO) Support Allows seamless, secure access to multiple systems using one set of credentials. |
Product documentation highlights SSO support, including SAML integration, allowing for seamless access control across systems. | |
|
Role-Based Access Control (RBAC) Assigns system permissions based on job role to enforce least-privilege access. |
Role-Based Access Control is explicitly featured for both user console and policy management (see product administration guide). | |
|
User Provisioning and De-provisioning Speed Time required to add or revoke user access upon onboarding or departure. |
No information available | |
|
Privileged User Monitoring Tracks activities of high-access users for early detection of misuse. |
Privileged user monitoring is included as part of audit logs and advanced EDR capabilities. | |
|
Audit Trail Retention Period Length of time that records of user access and changes are kept. |
No information available | |
|
Integration With Directory Services Can synchronize with corporate directories (e.g., Active Directory, LDAP). |
Integration with Active Directory for policy enforcement is described in setup documentation. | |
|
Self-Service Password Reset Allows users to securely reset passwords without admin involvement. |
Self-service password reset is available through integration with corporate ID providers. | |
|
Account Lockout Threshold Number of failed login attempts allowed before an account is locked. |
No information available | |
|
Mandatory Password Expiry Enforces periodic password changes to reduce the risk of compromise. |
Mandatory password expiry is supported via integration with directory services controlling user authentication. |
Data Encryption and Confidentiality
(6 Yes /6 Known /10 Possible features)
|
In-Transit Encryption Utilizes strong cryptographic protocols (e.g., TLS 1.2+) for data moving across networks. |
All network communications are encrypted using TLS 1.2 or better. | |
|
At-Rest Encryption Ensures stored data in databases and file systems is encrypted. |
Stored data, including threat intelligence and logs, is encrypted at rest according to McAfee's compliance documentation. | |
|
End-to-End Encryption for Communications All communication channels (email, messaging, file transfer) support end-to-end encryption. |
No information available | |
|
Encryption Key Management Automated and audited management of cryptographic keys. |
Encryption key management follows automated best practices, supporting key lifecycle management and auditing. | |
|
Granularity of Data Encryption Defines whether encryption is file-level, database-level, or field-level. |
No information available | |
|
Hardware Security Module (HSM) Integration Supports securing keys within HSMs for added protection. |
Product supports HSM integration for key handling (see McAfee EPO encryption documentation). | |
|
Secure File Sharing Enables secure, encrypted document sharing with third parties or LPs. |
No information available | |
|
Data Loss Prevention (DLP) Monitors and blocks unauthorized data transfers inside and outside the organization. |
MVISION includes Data Loss Prevention features to monitor and block unauthorized data movement. | |
|
Real-time Data Encryption Speed The speed at which the system can encrypt or decrypt data in real-time. |
No information available | |
|
Compliance with Industry Encryption Standards Effectively meets standards such as FIPS 140-2/3 or ISO/IEC 27001. |
McAfee MVISION operates to FIPS 140-2 validated standards when appropriately configured and is ISO 27001 certified. |
Threat Detection and Incident Response
(7 Yes /7 Known /10 Possible features)
|
Real-time Threat Detection Ability to identify threats as they occur using AI/ML and signature-based detection. |
AI/ML-based real-time threat detection is a highlight feature (see 'adaptive threat intelligence'). | |
|
Automated Incident Response Workflows System can automatically respond to certain threat types to contain damage. |
Automated incident response workflows are configurable via playbooks in the platform. | |
|
Security Event Log Retention How long security events/logs are retained for forensic analysis. |
No information available | |
|
Integration with SIEM (Security Information and Event Management) Ability to feed data to SIEM platforms for correlated analysis. |
SIEM integration available via syslog and native connectors (Splunk, IBM QRadar, and more). | |
|
Alert Notification Time Maximum time between threat detection and alerting security staff. |
No information available | |
|
24/7 Monitoring Security monitoring is available at all times, not just business hours. |
24/7 threat monitoring via McAfee's Security Operations Center (SOC) and automated cloud systems. | |
|
Customizable Threat Signatures Can create and tune custom detection signatures for sector-specific threats. |
Allows for customizable threat detection signatures; documented in configuration guides. | |
|
Phishing Detection and Prevention Alerts users and blocks suspicious communications targeting credentials. |
Anti-phishing included at both endpoint and network-level filtering as described in their threat prevention features. | |
|
Incident Response Playbooks Pre-defined, customizable workflows for different incident types. |
Incident response playbooks can be customized for automated reaction to detected threats. | |
|
Mean Time to Detect (MTTD) Average time between threat occurring and being discovered. |
No information available |
Secure Communications
(0 Yes /0 Known /10 Possible features)
|
Encrypted Messaging Internal and external chat/messages are encrypted at rest and in transit. |
No information available | |
|
Secure Video Conferencing Video meetings use encryption and access controls to protect confidentiality. |
No information available | |
|
Encrypted Email Integration Email solutions support encrypted delivery and attachments. |
No information available | |
|
Customizable Access Policies for Communications Ability to restrict communication tools usage by user or group. |
No information available | |
|
Automated Message Retention Policy Controls how long communication records are kept and when they are deleted. |
No information available | |
|
Message Recall or Revocation Capability to retract messages sent in error. |
No information available | |
|
Digital Signatures on Communications Ensures authenticity and non-repudiation for critical messages. |
No information available | |
|
Watermarking Confidential Messages Messages can be automatically watermarked for traceability. |
No information available | |
|
External Participant Verification Verifies the identity of external recipients in communications. |
No information available | |
|
Communication Channel Redundancy System supports alternative communication methods in case of outages. |
No information available |
Monitoring, Logging, and Reporting
(8 Yes /8 Known /10 Possible features)
|
Comprehensive Audit Logs Records all relevant system and user activities for auditing purposes. |
Comprehensive audit logs are retained for user and system activities, used in compliance and incident management. | |
|
Customizable Reporting Dashboards Flexible dashboard tools for real-time monitoring and historical analysis. |
Reporting dashboards are customizable, allowing various security, compliance, and endpoint status reports. | |
|
Automated Compliance Reports Generates reports for regulatory and LP compliance needs. |
Automated compliance reports can be generated and exported to fulfill regulatory requirements. | |
|
Log Integrity Monitoring Detects if audit logs have been tampered with. |
The product detects any tampering of logs using cryptographic integrity checks. | |
|
API Access to Logs Logs and reports accessible via standard APIs. |
APIs are available for accessing logs, integrating with external tools and SOCs. | |
|
Alert Customization Users can define thresholds and triggers for alerting. |
Alert thresholds and triggers can be customized by the end user in the policy settings. | |
|
Log Retention Period Set length of time all logs are retained for compliance. |
No information available | |
|
Anomaly Detection in User Activity Automatically highlights unusual user behavior for investigation. |
User activity is analyzed for anomalies as part of the EDR functionality; suspicious activities are flagged for review. | |
|
Scheduled vs Real-time Reporting System can provide both scheduled and real-time reports. |
Both scheduled and real-time reporting is supported in the admin console. | |
|
Audit Log Search/Filtering Speed Rate at which logs can be queried for specific events. |
No information available |
Compliance and Regulatory Support
(7 Yes /7 Known /10 Possible features)
|
Compliance Certifications Dashboard Displays current compliance certifications (e.g., SOC 2, ISO 27001). |
Compliance dashboard showing certifications and status is part of the reporting suite. | |
|
GDPR Support Product supports General Data Protection Regulation for EU LPs and companies. |
Product supports GDPR-compliant features such as data minimization, access logging, and data deletion. | |
|
California Consumer Privacy Act (CCPA) Support Compliant with CCPA for handling California data subjects. |
CCPA requirements such as transparency, data deletion, and opt-out features are built into policy controls. | |
|
Automated Data Subject Requests Can handle right-to-access, right-to-be-forgotten, and correction requests. |
Automated handling of data subject access/right to deletion requests through workflow and audit features. | |
|
Audit-trail for Compliance Actions Proof of compliance actions is logged and accessible. |
All compliance-related actions are recorded in detailed, exportable audit trails. | |
|
Data Residency Controls Can restrict data storage and processing to certain jurisdictions. |
Product allows for control over data residency for cloud deployments to meet jurisdictional regulatory needs. | |
|
Policy Change Alerting Alerts administrators when compliance policies change or are updated. |
No information available | |
|
Compliance Report Generation Speed Time required to produce a full compliance report for auditors. |
No information available | |
|
Customizable Data Retention Policies Allows organizations to define bespoke regulatory retention periods. |
Data retention policies can be tailored to meet specific client or regulator requirements. | |
|
Vendor Risk Assessment Integration Integrates third-party assessments into compliance reporting. |
No information available |
System Integration and Interoperability
(9 Yes /9 Known /10 Possible features)
|
Open API Availability Product offers open APIs for extensibility and automation. |
Open API is available for extensibility (well-documented on developer portal). | |
|
Integration with Document Management Systems Works seamlessly with DMS like Box, Dropbox, SharePoint. |
Documented integrations for SharePoint and OneDrive; possible for Box/Dropbox via API. | |
|
CRM Integration Works with Salesforce and other CRM systems for LP and portfolio tracking. |
Salesforce and other CRM integration supported through API and pre-built connectors. | |
|
Automated Data Sync Frequency How frequently data is automatically synchronized across platforms. |
No information available | |
|
Support for SAML/OAuth Connectors Allows secure identity federation across multiple SaaS tools. |
SAML and OAuth 2.0 connectors are available for federated identity management. | |
|
Marketplace of Pre-Built Integrations Catalog of out-of-the-box plugins and connectors. |
Marketplace of pre-built integrations is offered and catalogued online. | |
|
Custom Integration Toolkit Offers SDKs/libraries for custom workflow integration. |
SDKs and libraries are provided for custom integrations, referenced on the developer portal. | |
|
Real-time Integration Monitoring Notifies when integrations fail or are at risk. |
Real-time monitoring of integration health status with admin alerts is included. | |
|
Versioning and Backward Compatibility Ensures integration APIs remain available across product upgrades. |
API versioning and backward compatibility are documented in technical support resources. | |
|
Granular Integration Permissions Permissions for integrations can be defined by user or group. |
Granular integration permissions can be configured by user role or group. |
Backup, Recovery, and Business Continuity
(5 Yes /5 Known /10 Possible features)
|
Automated Backups Scheduled, automatic backups of all critical data. |
Automated encrypted backups of critical data and configuration are included. | |
|
Backup Frequency How often backups are taken. |
No information available | |
|
Recovery Point Objective (RPO) Maximum acceptable age of files in backup, indicating potential data loss time window. |
No information available | |
|
Recovery Time Objective (RTO) Maximum acceptable time to restore systems after a failure. |
No information available | |
|
Encrypted Backups All backup data is encrypted during storage and transit. |
Backups are encrypted in storage and during transfer according to compliance documentation. | |
|
Geo-Redundant Backup Storage Backups are replicated in multiple data centers or regions. |
Cloud-based product provides geo-redundant backup to ensure resilience across data centers. | |
|
Disaster Recovery Playbooks Pre-defined procedures for different disaster scenarios. |
Disaster recovery playbooks are included and configurable for business continuity planning. | |
|
Backup Restore Testing Frequency How often backup restores are tested for integrity. |
No information available | |
|
Granular Restore Capability Can restore individual files, folders, or full systems. |
Supports granular restores at the file and device level (see admin capabilities for endpoint recovery). | |
|
Automated Failover Support Enables seamless transition to backup systems automatically. |
No information available |
Workflow and User Experience Security
(8 Yes /8 Known /10 Possible features)
|
Context-aware Access Controls Adapts access policies based on user location, device, or time. |
Context-aware access controls are available (e.g., device posture and location-based access restrictions). | |
|
User Activity Feedback System provides immediate visual/audible feedback for security events (e.g., successful login, warning for suspicious activity). |
Immediate UI feedback is provided to users for security events, logins, and alerts. | |
|
Security Warnings/Explainability Clear and actionable security warnings for users. |
Clear security warnings are displayed to end users in the application upon risk or incident detection. | |
|
Adaptive User Training Prompts In-app security learning for users when risky behaviors are detected. |
In-app training and guidance is provided for risky behavior or security prompts. | |
|
Minimal Security Task Completion Time Low latency for users performing security actions (e.g., reviewing access requests). |
No information available | |
|
Accessibility Support in Secure Workflows Features and workflows accessible to all users, including those with impairments. |
Product documentation highlights accessibility support for all major workflows. | |
|
Integrated Secure Approval Processes Enables approvals for sensitive actions within secured workflows. |
Secure approval processes are enforced for sensitive configuration changes and policy approvals. | |
|
Session Timeout Configuration Customizable length before automatic user logout due to inactivity. |
No information available | |
|
Mobile Security Features Appropriate controls and protections for mobile users. |
Mobile device security features include anti-malware, app control, and remote lock/wipe. | |
|
Frictionless Delegated Access Temporarily delegate access securely and efficiently. |
Delegated access can be configured and temporarily granted with restrictions, as per documentation. |
Vendor Management and Ecosystem Security
(5 Yes /5 Known /10 Possible features)
|
Third-party Risk Assessment Automation Automates evaluation and scoring of third-party risk. |
No information available | |
|
Vendor Access Control Restricts and monitors vendor/outsourced IT access to systems and data. |
Vendor access control is available—vendor endpoint management and activity can be restricted and audited. | |
|
Continuous Vendor Security Monitoring Monitors ongoing risk from vendors (e.g., dark web exposure, breaches). |
Continuous monitoring of vendor systems with alerts for breaches or suspicious activity is possible. | |
|
Vendor Security Questionnaire Management Centralizes collection and review of security documentation from vendors. |
Security questionnaires and documentation are managed within the broader McAfee security ecosystem. | |
|
Vendor Breach Notification Speed Time between vendor-reported security incidents and notifications to your firm. |
No information available | |
|
Vendor Data Segmentation Ensures vendor access is limited to specific, well-defined areas and data sets. |
Access segmentation is configurable at the device, group, or policy level for vendors. | |
|
Automated Vendor Offboarding Instant removal of vendor access once a contract ends. |
Automated vendor offboarding is supported upon removal from Active Directory or revocation in admin console. | |
|
Vendor Cost Monitoring Tracks and manages the cost of vendor cybersecurity services. |
No information available | |
|
Vendor Contract Compliance Flags Alerts for upcoming expirations, lacking attestations, or non-compliance. |
No information available | |
|
Portfolio Company Security Guidance Tools Provides tools or frameworks for portfolio companies to follow security best practices. |
No information available |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.