at Financial Technnology Year
Please contact them if you have any questions.
McAfee MVISION Cloud from McAfee
A cloud security platform that provides comprehensive visibility, data protection, and threat detection for cloud apps and services, helping ensure compliance with regulations.
Product analysis by function
Cybersecurity Infrastructure for Compliance and Risk Management
Comprehensive security solutions including firewalls, encryption tools, multi-factor authentication systems, and intrusion detection systems to protect sensitive client financial data.
More Cybersecurity Infrastructure
More Compliance and Risk Management ...
Network Security
(11 Yes /11 Known /14 Possible features)
|
Firewall Protection Implements barriers between trusted and untrusted networks to control traffic. |
McAfee MVISION Cloud includes firewall capabilities as part of its cloud gateway and security stack to control traffic between trusted/untrusted networks for cloud applications. | |
|
Intrusion Detection System (IDS) Monitors network traffic for suspicious activity and potential threats. |
MVISION Cloud offers real-time threat detection and analytics, which covers Intrusion Detection for cloud data and services. | |
|
Intrusion Prevention System (IPS) Actively prevents network threats identified by monitoring systems. |
Intrusion Prevention System features are present through automated threat response and policy enforcement in the cloud environment. | |
|
Network Segmentation Divides networks into segments to restrict access and reduce attack surfaces. |
Network segmentation is enabled through granular access policies and segmentation of cloud services/users. | |
|
Traffic Encryption Encrypts data communicated within and between networks. |
The platform enforces data and traffic encryption policies for communications within cloud environments. | |
|
Secure VPN Access Allows remote users secure and encrypted access to internal systems. |
Secure VPN Access to the cloud environment can be enforced or integrated with existing enterprise VPN solutions. | |
|
Wireless Security Controls Protects wireless communications via protocols and strong authentication. |
No information available | |
|
Network Monitoring Frequency How frequently the network is actively monitored for threats. |
No information available | |
|
Automated Threat Blocking Ability to automatically block threats detected on the network. |
Automated threat blocking is a core offering, with policy-based blocking/remediation of threats in real time. | |
|
Logging and Audit Trails Maintains detailed logs of network activity for forensic analysis. |
It maintains detailed audit logs for all cloud activity in accordance with compliance requirements. | |
|
DNS Filtering Prevents access to malicious domains and controls web access. |
DNS filtering is available to prevent cloud app access to malicious domains. | |
|
DDoS Protection Protects networks and services against Distributed Denial of Service attacks. |
Includes DDoS protections for supported SaaS/IaaS integrations. | |
|
Zero Trust Network Architecture Reduces reliance on perimeter security by enforcing strict access controls everywhere. |
Supports Zero Trust Network Architecture for cloud access with continuous authentication and policy enforcement. | |
|
Network Access Control (NAC) Restricts device and user access based on compliance with policies. |
. | No information available |
Data Encryption
(5 Yes /5 Known /13 Possible features)
|
At-rest Encryption Ensures all stored data is encrypted on disk. |
. | No information available |
|
In-transit Encryption Encrypts data as it travels across networks. |
MVISION Cloud enforces in-transit encryption for cloud application traffic. | |
|
End-to-End Encryption Secures data from the origin to the intended recipient. |
End-to-End encryption is enforced for sensitive data in supported cloud services. | |
|
Key Management System Manages and rotates cryptographic keys securely. |
. | No information available |
|
Encryption Algorithm Strength Bit length or standard of encryption (e.g., AES-256). |
. | No information available |
|
Tokenization Support Replaces sensitive data with non-sensitive placeholders. |
Provides tokenization for sensitive data as part of DLP and encryption controls. | |
|
Encrypted Backups Ensures all backup data is also encrypted. |
. | No information available |
|
Database Encryption Encrypts entire databases or selected fields. |
Cloud resident databases can be encrypted as managed by MVISION policies. | |
|
Encryption Policy Management Defines and enforces data encryption standards. |
MVISION includes encryption policy management for cloud resources/data. | |
|
Pseudonymization Options Enables privacy-preserving techniques alongside encryption. |
. | No information available |
|
Hardware Security Module (HSM) Integration Leverages physical devices for additional encryption security. |
. | No information available |
|
Automatic Key Rotation Regular automatic change of encryption keys. |
. | No information available |
|
Regulatory-Compliant Encryption Aligns with PCI DSS, GDPR, and similar standards. |
. | No information available |
Authentication & Access Controls
(9 Yes /9 Known /13 Possible features)
|
Multi-Factor Authentication (MFA) Requires more than one method of authentication to verify a user's identity. |
Multi-Factor Authentication for cloud access is supported through integrations (e.g., SAML, OpenID). | |
|
Single Sign-On (SSO) Allows users to access multiple applications using one set of login credentials. |
Single Sign-On to cloud apps via enterprise identity providers. | |
|
Role-Based Access Control (RBAC) Assigns system access based on user roles and responsibilities. |
Role-Based Access Control enforced for different users/apps within the cloud platform. | |
|
Time-based Access Restrictions Limits system access to specific time windows. |
. | No information available |
|
Granular Permissions Enables fine-tuned access controls down to module or record level. |
Granular access permissions for cloud users and resources are supported. | |
|
Adaptive Authentication Adjusts authentication requirements based on risk factors. |
Supports Adaptive Authentication with context-based controls for cloud access. | |
|
Session Timeout Automates the termination of sessions after inactivity. |
. | No information available |
|
Password Policy Enforcement Enforces complexity, rotation, and reuse rules for passwords. |
Password policies can be enforced in line with enterprise standards via integrations. | |
|
Account Lockout Mechanism Temporarily locks user accounts after a set number of failed login attempts. |
Account lockouts after failed authentication attempts can be managed via directory integration. | |
|
Device Authentication Restricts access based on registered devices. |
No information available | |
|
User Provisioning/Deprovisioning Automation Automates account creation and removal to prevent orphaned access. |
Automation of user provisioning and deprovisioning via SCIM and directory integration. | |
|
Privileged Access Management Provides special controls for administrator or sensitive access. |
. | No information available |
|
Audit Logging of Access Attempts Maintains an immutable record of all access attempts. |
Access attempts are logged for audit and compliance. |
Endpoint Security
(0 Yes /0 Known /12 Possible features)
|
Antivirus & Antimalware Detects and removes malicious software from endpoints. |
No information available | |
|
Endpoint Detection and Response (EDR) Monitors endpoints for suspicious activity to respond rapidly to incidents. |
No information available | |
|
Device Encryption Encrypts hard drives and storage on endpoints. |
No information available | |
|
Remote Device Wipe Allows administrators to erase sensitive data from lost/stolen devices. |
No information available | |
|
Mobile Device Management (MDM) Centralizes control and monitoring of mobile endpoints. |
No information available | |
|
Application Whitelisting/Blacklisting Restricts which applications can run on endpoints. |
No information available | |
|
Patch Management Automation Automates installation of software security patches. |
No information available | |
|
USB/Peripheral Control Restricts use of removable storage and peripheral devices. |
. | No information available |
|
Browser Security Controls Secures web browsing on endpoints. |
No information available | |
|
Endpoint Health Checks Ensures only compliant endpoints can access network resources. |
No information available | |
|
Real-time Threat Monitoring Provides continuous monitoring for endpoint threats. |
No information available | |
|
Phishing Protection Detects and blocks phishing attempts delivered to endpoints. |
No information available |
Application Security
(7 Yes /7 Known /12 Possible features)
|
Secure Software Development Lifecycle (SDLC) Integrates security checkpoints at each phase of application development. |
MVISION Cloud helps enforce secure development and deployment practices in cloud apps. | |
|
Static Application Security Testing (SAST) Analyzes source code for vulnerabilities during development. |
No information available | |
|
Dynamic Application Security Testing (DAST) Tests running applications for vulnerabilities. |
No information available | |
|
Web Application Firewall (WAF) Protects web applications from common threats (e.g., OWASP Top 10). |
Web Application Firewall features are included for cloud-facing apps. | |
|
Code Review Automation Automated scanning and review of codebases for security issues. |
Code review automation for cloud custom code via integrations and security workflow support. | |
|
Vulnerability Patch Frequency How often identified vulnerabilities are patched. |
. | No information available |
|
API Security Tools Protects APIs from unauthorized access and attacks. |
API security tools for governing API traffic and blocking API-based threats are present. | |
|
Application Penetration Testing Regular testing of application defenses by ethical hackers. |
Supports regular penetration testing as part of recommended best practices and audit logs can retain 3rd party results. | |
|
Security Configuration Management Ensures secure default configurations for all applications. |
Security configuration management for cloud services, enforcing secure defaults and compliance. | |
|
Third-Party Library Scanning Checks for vulnerabilities in third-party dependencies. |
Third-party library scanning is supported for cloud apps via integrations. | |
|
Secure Coding Standards Enforcement Mandates use of published secure coding guidelines. |
. | No information available |
|
Sandboxing Capabilities Runs applications in isolated environments to limit possible attacks. |
. | No information available |
User Monitoring and Incident Detection
(6 Yes /6 Known /11 Possible features)
|
User Activity Logging Records all user actions on sensitive systems. |
. | No information available |
|
Security Information and Event Management (SIEM) Centralizes analysis of security events and alerts. |
SIEM integration and native analysis of event data for centralized security event management. | |
|
Anomaly Detection Algorithms Uses machine learning or heuristics to spot unusual behavior. |
Anomaly detection employing machine learning models for cloud threat monitoring. | |
|
Real-time Alerting Notifies security teams instantly of potential security incidents. |
Real-time alerting to security teams is a documented capability. | |
|
Automated Incident Response Initiates response playbooks or actions upon detection. |
Automated incident response supported via workflow automation for threat handling. | |
|
Data Loss Prevention (DLP) Monitors for, and prevents, the unauthorized movement of sensitive data. |
MVISION Cloud includes Data Loss Prevention for sensitive data in cloud use. | |
|
Session Recording Captures user sessions for review and auditing. |
. | No information available |
|
Alert Resolution Time Average time to resolve security alerts. |
. | No information available |
|
User Behavior Analytics (UBA) Analyzes statistical user behavior to find security issues. |
. | No information available |
|
Privilege Escalation Detection Detects when a user tries to gain unauthorized access. |
. | No information available |
|
Reporting Dashboard Provides graphical reports and summaries of user and incident data. |
Reporting dashboards for incidents, compliance, and cloud risk posture present. |
Compliance and Regulatory Controls
(9 Yes /9 Known /12 Possible features)
|
GDPR Compliance Meets the General Data Protection Regulation requirements. |
McAfee documents GDPR compliance capabilities in MVISION Cloud. | |
|
PCI DSS Compliance Meets the Payment Card Industry Data Security Standards. |
PCI DSS compliance attestation is referenced for cloud services. | |
|
SOC 2 Reporting Supports System and Organization Controls (SOC) 2 compliance. |
SOC 2 compliance support via reporting and controls. | |
|
Automated Compliance Monitoring Continuously checks systems for compliance with defined standards. |
Automated compliance monitoring is part of governance features. | |
|
Policy Management Tools Enables creation, approval, and enforcement of compliance policies. |
Compliance policy management and approval tools included. | |
|
Automated Regulatory Updates Monitors and integrates regulatory change notifications. |
. | No information available |
|
Audit-ready Reporting Generates reports immediately usable in compliance audits. |
Audit-ready reporting and export for compliance needs. | |
|
Compliance Checklist Management Tracks and manages compliance requirements and status. |
Compliance checklist management capabilities provided. | |
|
Data Subject Request Management Assists with requests under privacy laws (e.g., access, delete, rectify). |
Data subject request management for privacy compliance included. | |
|
Automated Incident Reporting Files regulatory notifications of security incidents per jurisdiction. |
Automated incident reporting for regulatory requirements built-in. | |
|
Breach Notification Timeliness Average time from breach discovery to notification. |
. | No information available |
|
Consent Management Tools Captures, manages, and documents client consent under CCPA/GDPR/etc. |
. | No information available |
Physical Security
(0 Yes /0 Known /11 Possible features)
|
Access Control Systems Restricts physical access to authorized personnel only. |
. | No information available |
|
Security Surveillance Cameras Monitors facilities with video recording for incident review. |
. | No information available |
|
Visitor Log Management Tracks all external personnel entering secure areas. |
. | No information available |
|
Biometric Access Controls Uses fingerprints or facial recognition to authorize personnel. |
. | No information available |
|
Alarm Systems Detects and alerts to unauthorized entry or incidents. |
. | No information available |
|
Physical Asset Tagging Tags and inventories critical devices for monitoring. |
. | No information available |
|
Equipment Disposal Procedures Ensures secure destruction or wiping of retired equipment. |
. | No information available |
|
Onsite Security Staffing Employs dedicated personnel for facility security. |
. | No information available |
|
Environment Monitoring Detects fire, water, or temperature threats to IT environments. |
. | No information available |
|
Secure Area Designation Defines and enforces areas with restricted access. |
. | No information available |
|
Physical Penetration Testing Regularly tests the effectiveness of physical security defenses. |
. | No information available |
Business Continuity and Disaster Recovery
(0 Yes /0 Known /11 Possible features)
|
Automated Backups Schedules and maintains regular data backups. |
. | No information available |
|
Backup Frequency How often data backups are performed. |
. | No information available |
|
Backup Retention Policy Policies for how long backups are retained. |
. | No information available |
|
Disaster Recovery Plan Documentation Maintains comprehensive documentation for recovery procedures. |
. | No information available |
|
Failover Systems Automatic switching to redundant resources during outages. |
. | No information available |
|
Recovery Time Objective (RTO) Maximum allowable downtime for critical systems. |
. | No information available |
|
Recovery Point Objective (RPO) Maximum allowable data loss measured in time. |
. | No information available |
|
Ransomware Recovery Tools Capabilities to recover data in the event of ransomware attacks. |
. | No information available |
|
Tabletop Testing Frequency How often disaster recovery plans are tested via scenarios. |
. | No information available |
|
Data Center Redundancy Ensures backup systems are located geographically apart. |
. | No information available |
|
Alternate Communication Channels Provides backup communications (e.g., phone, messaging). |
. | No information available |
Vendor and Third-Party Risk Management
(0 Yes /0 Known /10 Possible features)
|
Third-Party Security Assessments Evaluates vendors’ security postures before partnership. |
. | No information available |
|
Vendor Onboarding Controls Standard procedures to ensure secure onboarding. |
. | No information available |
|
Continuous Vendor Monitoring Regularly reviews vendors for changing risk. |
. | No information available |
|
Data Sharing Agreements Specifies how client data is shared, used, and protected. |
. | No information available |
|
Contractual Security Clauses Mandates specific security obligations in contracts. |
. | No information available |
|
Vendor Breach Notification Time Time required for vendors to disclose breaches. |
. | No information available |
|
Shared Responsibility Matrix Defines security responsibilities among parties. |
. | No information available |
|
Fourth-Party Risk Visibility Tracks risk due to your vendors’ suppliers. |
. | No information available |
|
Due Diligence Documentation Retention How long vendor risk assessment records are kept. |
. | No information available |
|
Integration Security Testing Validates the security of vendor software/API integrations. |
. | No information available |
Security Awareness and Training
(0 Yes /0 Known /11 Possible features)
|
Mandatory Security Training All staff must complete initial and periodic security training. |
. | No information available |
|
Phishing Simulation Exercises Regular simulated attacks to train staff in recognizing threats. |
. | No information available |
|
Social Engineering Awareness Includes modules on social engineering tactics and response. |
. | No information available |
|
Customizable Training Content Adapts content to organization roles and needs. |
. | No information available |
|
Incident Response Training Teaches staff their responsibilities in event of breach. |
. | No information available |
|
Security Policy Acknowledgement Staff must confirm understanding/compliance with policies. |
. | No information available |
|
Training Completion Tracking Monitors which users have completed required courses. |
. | No information available |
|
Knowledge Assessment Quizzes Tests user retention and comprehension after training. |
. | No information available |
|
Training Frequency How often training must be renewed. |
. | No information available |
|
Multilingual Training Support Offers content in multiple languages. |
. | No information available |
|
Executive & Board Training Programs Tailored programs for senior leadership. |
. | No information available |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.