” The Job Descriptions”
1- McAfee ATD.
- Detection of file downloads — Detects when a user tries to download a file from an external resource.
- Analysis of the file for malware — verifies if the file contains any known malware.
- Block future downloads of the same file — Prevents future downloads of the file or its variants if the file is found to be malicious.
- Identify and remediate affected hosts — identifies the host that executed the malware, and also detects the hosts to which it has spread. Then, Advanced Threat Defense shares the report with your other security products. This allows you to quarantine the affected hosts until they are clean.
- Local blacklist — Checks for a known malware using a local blacklist.
- Emulation capabilities — Integrates with McAfee® Gateway Anti-Malware Engine for emulation capabilities.
- Signature-based detection — includes the McAfee® Anti-Malware Engine for signature-based detection.
- Sandboxing capability (Dynamic analysis) — Analyzes the file by executing it in a virtual sandbox environment to determine whether the file is malicious.
2- McAfee ENS.
- Scan engine and content files: McAfee’s protection software includes its scan engine and content files.
- Machine learning and behavioral monitoring: McAfee Endpoint Security uses machine learning to analyze the behavior of computer processes.
- Advanced remediation: recognizes ransomware attacks and can roll back the encryption of your files performed by ransomware.
3- Application Control.
- Whitelist: find and manage application-related files.
- Effective protection: coverage to executable files, libraries, drivers, Java applications, ActiveX controls, and scripts for greater control over application components.
- Advanced memory protection: prevents whitelisted applications from being exploited by memory buffer overflow attacks.