Content
McAfee SECURE™ Technology
Simple, effective, affordable website security scanning and risk assessment.
McAfee technology helps you manage online risk. Whether you turn to McAfee for vulnerability scanning, PCI certification or trustmark validation, we deliver security solutions that are simple, effective and affordable.
When it comes to vulnerability outbreaks, the time between identification and infection is very short. Trying to keep your network up-to-date on your own is tedious, time consuming and expensive. With McAfee products, we take care of the tough stuff and give you the information you need, when you need it so you can concentrate on the work that helps your business grow.
You don't want to discover that your site is vulnerable after it is hacked. That's why McAfee solutions are so effective for you. We approach your site through the eyes of the bad guys. Our discovery and scan processes mimic the ways in which hackers search for vulnerabilities they can exploit. And because we scan daily, you get testing, verification and communication quickly.
As the largest dedicated security company in the world, McAfee has the resources to provide you with enterprise class technology at an affordable price. And our world recognized brand can help reassure your customers that you're making their site experience safer and more secure.
Port DiscoveryAccurately determining which ports on an IP address are open is a crucial first step to a comprehensive security audit. Our discovery technology is designed to map any network, no matter how complex or large. And unlike most scanning solutions based on Nmap, our advanced dynamic port scanning can handle all targets, from desktop PCs to the most aggressive firewalls, IDS and IPS systems.
Network DiscoveryOur advanced scanning technology is designed to reduce the difficulty of managing the security of large, complex public IP networks. It allows you to quickly and accurately discover, identify and monitor network devices, find rogue devices or identify unauthorized services across any specified IP sub-net range. Our smart scan can even root out stealth techniques used to overcome IDS, scan blocking, and packet delays.
Network Services Vulnerability ScanOnce the network is mapped, we thoroughly interrogate each service on every available port to determine exactly what software is running and how it is configured. We then match this to our vulnerability knowledge base which is updated every 15 minutes. This allows us to launch additional, service specific tests.
Web Applications Vulnerability ScanWeb application testing is a critical piece of the vulnerability scan because traditional security mechanisms such as firewalls and IDS provide little or no protection against attacks on your web applications. During this testing phase, all HTTP services and virtual domains are checked for the existence of potentially dangerous modules, configurations settings, CGIs and other scripts, and default installed files. The website is then "deep crawled" including flash embedded links and password protected pages, to find forms and other potentially dangerous interactive elements. These are then exercised in specific ways to disclose any application-level vulnerabilities such as code revelation, cross-site scripting and SQL injection. Both generic and software specific tests are performed in order to uncover misconfigurations and coding error vulnerabilities.
Content ScanMcAfee also scans your downloadable files, registration forms and outbound links for risk. Files are scanned for accidental infection by malware. Forms are tested using unique, one time use e-mail addresses to see if form data is properly protected. And outbound links are tested against a massive database to ensure your site does not inadvertently link to a malicious website. These scans are based on a database that is referenced nearly three billion times per day by McAfee customers.
Configurable scanningAlong with the daily or quarterly audits required for trustmark or PCI certification, additional on-demand audits can be launched from the portal at any time. These manual audits can be configured at the device (port) and domain (protocol) level. Manual scans can be directed at new vulnerabilities to help speed remediation efforts and patch verification. They can also be for "denial of service" and "full exploit" vulnerabilities. Scanning may be scheduled by individual device or device group. You can also define separate schedules for web application and port-level scans for each device.
AlertsAfter each daily scan, the portal alerts you whenever a vulnerability has been discovered. These alerts - which include patch information for rapid remediation - are configurable by user, device group, and severity level and are sent by e-mail. You also receive immediate, preemptive alerts when a device in your network has been targeted by a newly discovered vulnerability. This notification significantly reduces your exposure time to this new vulnerability.
Devices and device groups across large networksOur vulnerability management portal enables you to effectively manage vulnerability data for large networks by assigning any network device, device group, or IP address to one or more specific groups and then assign these groups to individual or grouped users. Using our device and vulnerability classification capabilities, individual devices or entire IP blocks can be easily sorted and grouped by vulnerability, device type, business function, geographic location, or other criteria, and then assigned to a user or user-profile group. You can then use the power of this flexible system to drive audit schedules, alerting, remediation activities and compliance reporting throughout your organization.
Multiple-user rolesWe provide a hierarchical multi-user environment with role-based access, alerting and reporting. These powerful user management capabilities enable delegation of vulnerability assessment and remediation tasks to multiple users with pre-assigned device-level audit access, while maintaining centralized control and reporting for the Security Manager. This functionality simplifies delegation and management of network security maintenance, facilitates enterprise-wide compliance reporting, and provides all levels of staff and management with appropriate and up-to-date security information.
Analysis and RemediationInteractive tools and wizards enable you to easily manage vulnerability information. For example, vulnerabilities can be sorted by device group, severity or effort-to-patch. Configurable device grouping allows expedited remediation planning, delegation and patch management. Complete and detailed easy-to-follow patch instructions are provided within the vulnerability management portal. Links to more information, such as CVE, CERT, BugTraq and vendor resources are also provided. When additional advice is needed, McAfee is ready with prompt, knowledgeable and courteous support staff.
Expert SupportWhatever your technical question, or level of expertise, our experienced staff is there to support you. With the unprecedented experience of scanning thousands of network devices every day, we can quickly provide accurate and authoritative assistance.
Unlimited SupportAll McAfee SECURE customers receive unlimited online and e-mail customer support. In addition, customers of our McAfee SECURE for Websites Service and McAfee SECURE Vulnerability SaaS receive unlimited telephone customer support during office hours (7am - 7 pm PST).
Your DataMcAfee is annually certified to the PCI Level One security standard. Our entire portal infrastructure and all customer data is maintained within redundant, highly secure Tier One data centers with SAS-70 security certification, 24/7 on-site guards and biometric access control. The portal resides behind high-availability firewalls and intrusion monitoring systems. In addition, each server runs a localized firewall and IDS/IPS on top of a uniquely customized, hardened Linux distribution OS. Secure access to each user account can be easily configured with options for IP address restriction, private key authentication, and two factor single-use password authentication.
Conversion Rate ImprovementWe've conducted hundreds of A/B tests involving millions of visits and on average, shoppers are 12%* more likely to become buyers when shown the trustmark. That means more sales and lower customer acquisition costs.
* As measured by A/B testing comparing sales when the McAfee SECURE trustmark was and was not displayed, from July 2008 - January 2009. Your results may vary.
* As measured by A/B testing comparing sales when the McAfee SECURE trustmark was and was not displayed, from July 2008 - January 2009. Your results may vary.
Trusting the trustmarkSites that use the McAfee SECURE service must maintain their security status to be eligible to display the trustmark. The status of the trustmark can be quickly verified by clicking on the mark. McAfee SECURE trustmarks always link through to a verification page hosted on a McAfee domain.
Vulnerability Knowledge BaseWe update the knowledge base continuously with tests for newly discovered vulnerabilities from sources worldwide. McAfee has more than 125 million customer nodes across the world that provide us a continuous stream of security information that enables us to provide between-scan proactive alerts and ensure our customers are always alerted of the latest vulnerabilities affecting their network.
More Accurate. Less Load.Our approach to vulnerability auditing enables us to perform more accurate audits with less load on your servers. It also enables us to run any single test or test phase on a target to detect changes, test specific ports or vulnerabilities, or run web application only tests on multiple web sites residing on a single server. And our activity is non-disruptive to your network operations.
Our Network of Scan AppliancesOur network of distributed proprietary scanning servers, located in multiple data centers in North America, Europe and Asia, allows us to reliably perform daily security audits for thousands of clients located worldwide. Each scan appliance is controlled by our central knowledge base and vulnerability management system, allowing the most suitable appliance to be automatically assigned to each device under test.
The McAfee SECURE™ standard is an aggregate of industry best practices, designed to provide a level of security that an online merchant can reasonably achieve to help provide consumers with better protection when interacting with websites and shopping online.
| Vulnerabilities Identified | Required for Certification | |||
|---|---|---|---|---|
| Security Risk | McAfee SECURE | PCI | McAfee SECURE | PCI |
| Scan Frequency | Daily | Quarterly | Daily | Quarterly |
| SQL Injection |  |
|
|
|
| Blind SQL Injection | |
|
|
|
| SQL Database Error Disclosure | |
|
|
|
| Local File and Remote File Includes | |
|
|
|
| Directory Traversals | |
|
|
|
| Improper Error Handling | |
|
Optional | |
| Application Source Code Disclosure | |
|
|
|
| Authentication Bypass | |
|
|
|
| Insufficient Session Expiration | |
|
Optional | |
| Command Injection | |
|
|
|
| SSL Injection | |
|
|
|
| Malicious CGI Scripts | |
|
|
|
| Buffer Overflows | |
|
|
|
| Client Side Vulnerabilities | |
|
Optional | |
| Directory Indexing | |
|
Optional | |
| Server Misconfigurations | |
|
Optional | |
| SSL Encryption | |
|
Optional | |
| Scan Frequency | Ongoing | Not Applicable | Ongoing | Not Applicable |
| Malicious Downloads | Ongoing | Ongoing | ||
| Malicious Affiliations (Links) | Ongoing | Ongoing | ||
| Phishing Scams | Ongoing | Ongoing | ||
| Browser Exploits | Ongoing | Ongoing | ||
| Misuse of personal information | Ongoing | Ongoing | ||
| Annoyances (excessive Pop-ups) | Ongoing | Ongoing | ||