Brent Conran

Chief Security Officer, McAfee

Brent Conran is the CSO at McAfee, Inc., the world’s largest dedicated security technology company. Long a champion of cyber security, his in-depth knowledge of both technology and business helps him drive and manage organization-wide information security programs aligned with business strategies. Conran engages and educates stakeholders, finding ways to mitigate and reduce risk while balancing security and business needs which enhances the McAfee brand.  Responsible for safeguarding the company’s assets, intellectual property, and computer systems, he works closely with McAfee employees and executives, government agencies and local, state, and federal law enforcement to ensure optimum security.

Conran brings a unique combination of pragmatism and practicality based on years of experience in business, government and financial services. Before joining McAfee, Conran held dual responsibilities as both the Chief Information Officer and the Chief Information Security Officer for the US House of Representatives, where he managed the IT operations necessary to facilitate a robust computing environment for the Members of Congress. Earlier he served as Security Officer/Architect for Merrill Lynch Private Client Group and for J.P. Morgan. He has worked as a white hat hacker with CSC Hack Pack, and was instrumental in evolving the SEA Sparrow Missile WAN for NATO.

In 2010, Conran received the Uptime Institute Green Enterprise IT award for IT Innovation. He holds a bachelor’s degree from Towson University and has earned numerous certifications in the security industry, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Checkpoint Certified Security Expert (CCSE).

Dr. Phyllis Schneck
VP & CTO, Global Public Sector, McAfee

Dr. Phyllis A. Schneck is Vice President and CTO of McAfee’s Global Public Sector business. In this role, she is responsible for the technical vision for public sector applications of security and global threat intelligence, strategic thought leadership around technology and policy in cyber security, and leading McAfee initiatives in adaptive security and intelligence in networks for critical infrastructure protection and cross-sector cyber security.

For more than 14 years, Schneck has had a distinguished presence in the security and infrastructure protection community, most recently as a Commissioner and a working group Co-Chair on public-private partnership, and a working group Chair on Network Situational Awareness for the CSIS Commission to Advise the 44th President on Cyber Security. Schneck recently Co-Chaired the Critical Infrastructure Protection (CIP) Congress and is leading the follow-up effort for the first global strategic plan for CIP. Schneck is also the Chairman of the Board of Directors of the National Cyber Forensics and Training Alliance, a partnership between corporations, government and law enforcement for cyber analysis to combat international cyber crime. Schneck also serves on the NIST Information Security and Privacy Advisory Board. Schneck was recently named the Loyola University Maryland David D. Lattanze Center 2012 Executive of the Year.

Schneck served for eight years as chairman of the National Board of Directors of the FBI’s InfraGard program and founding president of InfraGard Atlanta, growing the InfraGard program from 2000 to over 30,000 members nationwide. In this role, she was primarily responsible for the strategic growth and vision of the private sector side of the InfraGard Program, and for growing the relationship between InfraGard and the Department of Homeland Security (DHS) through several Directorates. Schneck was chiefly responsible for the first Memorandum of Understanding between DHS and InfraGard and for engaging DHS officials with all local InfraGard Chapters nationwide. She was also responsible for creating the first overall InfraGard strategic plan in 2002, and represented InfraGard in the creation of National Policy, such as the National Infrastructure Protection Plan. Named one of Information Security Magazine’s Top 25 Women Leaders in Information Security, Schneck briefed the governments of Japan, Australia and Canada by invitation on information sharing and infrastructure protection, has worked with the UK infrastructure protection and cyber security authorities on US partnership, and was the moderator of the White House Town Hall Meeting in Atlanta for the National Strategy to Secure Cyberspace in June of 2002.

She holds three patents in high-performance and adaptive information security, and has six research publications in the areas of information security, real-time systems, telecom and software engineering.

Before joining McAfee, Schneck was vice president of Research Integration for Secure Computing, where she conceived and built the early intelligence practice into a full Beta program for data as a service and managed the IP portfolio for the entire email security and intelligence suite. Prior, Schneck was the vice president Enterprise Services for eCommSecurity. Prior to that, she served as vice president of Corporate Strategy for SecureWorks, Inc., and was founder and chief executive officer of Avalon Communications, a provider of real-time security technology that was acquired by SecureWorks, Inc. Schneck also held various information science technical positions with CygnaCom Solutions, the MITRE Corporation, Computer Sciences Corporation, IBM Systems Integration Division, NASA Goddard Space Flight Center and the University Of Maryland’s Department of Meteorology.

Schneck received her Ph.D. in Computer Science from Georgia Tech, and pioneered the field of information security and security-based high-performance computing at Georgia Tech. She maintains a seat on the Advisory Board of the Johns Hopkins University Department of Computer Science, served on the Steering Committee for the Sam Nunn Information Security Forum as well as a term on the Georgia Tech Advisory Board, and cofounded the Georgia Tech Information Security Center and the Georgia Electronic Commerce Association’s Working Group on Information Security.

McAfee’s Chief Security Officer, Brent Conran, and Chief Technology Officer – Public Sector, Dr. Phyllis Schneck, will present the report’s findings on emerging cyber threats. The report is based on a comprehensive scan and analysis of the threat environment by McAfee Labs, our dedicated global research organization.

While these speakers will kick off the session, we invite discussion and participation from policymakers, government executives, thought leaders and the press.

Please RSVP to Lianna Catino (info below) for planning purposes.

EVENT DETAILS

What:  McAfee Breakfast Briefing and Discussion on Quarterly Threat Report

When:  Monday, June 3, 8:30-10:30 a.m.

Where: National Press Club

529 14^th St NW, 13^th floor

Washington, DC  20045

RSVP: Lianna Catino, Raffetto Herman Communications

lcatino@rhstrategic.com

(202) 379-0547

Today’s youth has been brought up with the advent of the internet. As a generation of ‘digital natives’ they often know more about the ins and outs of online than their parents do.  While it’s important for children to embrace new technologies and the benefits they can bring, there are dangers in cyberspace that both children and parents need to be aware of. In many cases, parents feel intimidated about how technologically advanced their kids are and refrain from enforcing rules that are imperative for protection as kids surf and socialise online. But at what cost?

As a father of two, child internet safety is front of mind for me and I recently stumbled across some new research on the subject as I was travelling. Parenting website Netmums questioned 825 children aged between seven and 16 on their internet usage and 1,127 parents on their perceptions of kids’ online habits.

The study found that more than a quarter of children pretend to be older to access certain websites, with an additional half of respondents stating they have accidentally accessed inappropriate content online. What’s worse is that almost 30% of the parents questioned admitted to allowing their children to access the Internet without restrictions or supervision.

We commissioned our own research last year, conducted by OnePoll, which revealed similar findings. We questioned 2,000 UK parents of children aged 5 to 15 on their kids use of the internet and found:

• 82% of five year olds already own or use an internet enabled device
• 60% of parents frequently let their child surf the web without adult supervision
• One in six parents have been shocked to discover their child viewing unsuitable content
• Only 45% of parents have had a serious conversation with their child about the dangers of online; a third believe the media is responsible for educating children
• 50% of parents haven’t taken any sort of preventative measures to ensure their child can’t access inappropriate content

There’s a clear disconnect between what children are doing online and what parents believe they are getting up to. More work needs to be done to redress the balance, and McAfee is committed to the cause. In November 2012 we launched an Online Safety for Kids programme in the UK, following success for the scheme in the US. The aim of the programme is to raise awareness of the potential risks and share knowledge about how to stay safe online. Our staff volunteer to teach online safety courses at schools in the communities where they live and work, alongside an online portal that provides schools, parents and kids with handy tips and tricks on how to safely navigate cyber space.

In addition to the programme, we had our annual community day on the 16^th May, which saw McAfee employees going into schools to talk to youngsters about the dangers of the online world. This is an initiative that is very much close to my heart and, unlike the rest of my work, is something that I bring home to share with my own kids.

In order for children to take advantage of the benefits of the internet, parents have a key role to play in educating children on the dangers that lurk online. Security software is available that can restrict what kids see and do on the web, taking a lot of pressure off parents to stay current with every new risk. McAfee Family Protection is an example and is built to empower parents to say ‘yes’ to their children’s online activity, knowing they will be safe as they learn and explore.

But it’s also important that parents get involved with their kids’ online lives, and make sure they know how to act and react to what they see on the web. This should include frequent one-to-one conversations on how to practice safe online behaviour, whether they are researching their latest school project or chatting to friends. In playing an active role, parents can have peace of mind that their children are safe, protected and informed about the risks.

This past April (4/19 to 4/21) I had the great pleasure and experience of joining the Red Team at 9^th NCCDC competition.   It was actually my 2^nd year on the Red Team and 4^th year to attend in total (I judged in 2010 and 2011).  McAfee is actually a perpetual sponsor of this event.  That being said, I have my own selfish agenda when I attend.

Joining in as part of the Red Team is, by far, on of the most educational experiences I could possibly put myself in.   Not only are you tossed into a room w/ folks like Mubix, Vyrus, Raphael Mudge, and others – but also you are on a limited schedule and from the time that the competition starts it’s heated and non-stop.

The general strategy this year was to lay down all our toys and persistence (backdoors, beacons, RATs and other tools) on Day 1.   We made very little noise, hoping that the competing teams would gain a false sense of confidence and not notice our presence on their systems.   This way on Day 2 when the chaos commences, and the teams choose to just ‘restore from backup’ or ‘revert snapshots’ and the like, they end up restoring all our persistent tools and we retain access and ownership.

DarkComet Client Console

And . . . .. . It worked!

Different individuals on the Red Team had their unique tools and methods to gain and retain access and unset the teams’ activities.   As the McAfee guy, I choose to rely on some old, tried and true (and very accessible RATs).  Most of my activities centered on the use of DarkComet and, to a far lesser degree, DNA.

RAT Remote Process View

My philosophy was driven by two primacy goals.   First, I know these things work realllllllllly well.  And with these RATs on the box, I can control and own everything.  Second, and possibly more interesting, is that if these tools work, I know that the teams are not putting any effort into installing/deploying even the most basic endpoint/host-based AV solutions.   This is especially intriguing because, as a sponsor, McAfee provided the competition with our software.   I purposely did NOT do any crypting/packing/obfuscation on the RATs I generated.   I know that McAfee (and just about all other) vendors DID detect these things.  Yet, I still managed to install and persist on most of the hosts that I deployed to (deployed via Cobalt Strike btw).

When the competition was over, I chatted with a few competitors, and mentioned this fact.  I immediately saw the gears start turning.  I could tell they had a real “Ahhhh we should have done that” moment.  Not to mention, that McAfee (and others) detect meterpreter/MSF listeners and Trojans as malware/PUPs.  Those could have been curtailed as well.

Each year, the teams have to setup, maintain, and safeguard an environment for a faux company/entity.  This year the teams were tasked with tasked with the environment of a Correctional Institute.   This includes databases for tracking the whereabouts of prisoners, an e-commerce site for a prisoner commissary, and more.  From the Red Team perspective, this gives us some of our big bets for getting points deducted from the teams.   For example if you kill/mangle/destroy the database for tracking prisoner and personnel, that’s one of the high point items.   After all, they don’t want an IT issue to allow prisoners to go unaccounted for or escape, etc.   Other hot items include public web site defacement and acquisition of PII (personally identifiable information).  For added fun, many of us defaced the web sites by posting the company’s PII for all to see.

Defaced with PII

All and all it was a fantastic experience.   I look forward to future activities with this competition.

UTSA shot a documentary this year.  I’ll post details on that once it’s released.    However, if you’d like to get some really detailed info, Hak5 released a documentary filmed at the 2012 event.   It features great interviews and ‘behind the scenes’ Red Team action.   I’m not interviewed, but you can see the top of my head in a couple shots!!

Hak5 Doc – Jim’s Head

2012 Hak5 Documentary

Additional Blogs on NCCDC 2013

• David Cowen - http://mcaf.ee/wid10
• Raphael Mudge - http://mcaf.ee/ageor
• Alex Levinson - http://mcaf.ee/limh1

NCCDC 2013 Red Team Brief - http://mcaf.ee/uodvk

Bonus:   We recently did our 2^nd AudioParasitics episode with the great Raphael Mudge.   This time we have a full and glorious video demo of Cobalt Strike in action.  We actually walk though scenarios and give you details on how some of these Red Team activities actually occur.

AudioParasitics Episode 141 (video) - http://mcaf.ee/gep69

While one can make general observations from this report around cybercriminals taking threats beneath the OS level, digitally-signed malware trends, and a rise in malicious URLs, I would like to share the four trends that were uncovered this quarter that make it clear that CMP is critical in the fight to safeguard the entire network from malware.

1. Malware growth: It’s a zoo out there

At McAfee, we have a zoo.  Okay, so it’s a “malware zoo” but it’s wild never-the-less.  Last quarter, McAfee researchers calculated that they discover one new malware sample every second.  We already have more than 113 million samples in our malware zoo, and should approach 120 million next quarter. Growth in new malware by quarter is also on a relatively steady, and steeper, path. From a network security standpoint, these facts mean that our solutions need to continue to evolve to protect more and protect faster.

2. Rootkits:  Stealthy sneaks

Rootkits continue to be a huge risk to security because they are so stealthy and often very hard to detect and remediate.  Rootkit detection is difficult because a rootkit is designed to evade detection, may be able to subvert the software that is intended to find it, and can reside on a system for prolonged periods – even after adequate security has been installed.  According to the report, after rising during most of the past year, the number of new rootkit samples took a steep downturn this quarter. I’m still suspicious.  While the trending is down, I don’t believe we are out of the woods yet when it comes to rootkits.

3.  AutoRun malware: Walks in through the front door

McAfee Labs has seen a very significant uptick in AutoRun malware this quarter – almost regaining its record high point reached in second quarter of 2010.  AutoRun malware often hides on USB drives and can allow an attacker to take control of a system.  I’m not surprised this is on the rise since more and more employees are using their home and work devices interchangeably – often unknowingly walking malware right through the organization’s front door and plugging it in.  This is just one reason that organizations must ramp up security in order to combat the risks inherent to BYOD.

4. Suspicious URLs: The malicious webs they weave

I was intrigued to learn from the report that suspicious URLs are replacing botnets as the primary distribution method for malware.  An analysis of web threats found that the number of new suspicious URLs increased by 70 percent in the fourth quarter – with 95 percent of these URLs hosting malware, exploits or code designed specifically to compromise computers. This upward trending confirms that a multi-layered defense with strong web protection and anti-malware must be implemented across a business network.

From the trends uncovered in the McAfee Threats Report: Fourth Quarter 2012, you can see that malware is at the center of much of the activity.  Using the data from McAfee’s Global Threat Intelligence (GTI) network and the skills from McAfee Labs’ team of over 500 researchers, we can stay current and ahead of the developing threats.  With this intelligence, we continue to hone and develop our defenses and grow our CMP strategy – one that weaves anti-malware protection to and through all of our network defenses.

Here is a very interesting infographic that traces emergence of Internet over the last 30 years.

This young Lady has sure changed the world, but some analysts say that the changes that are expected to come are far, far more than that has occurred over the last 30 years.

As for me, I foresee a world that has become more dependent on the net for conducting daily activities. I foresee greater use of handheld devices for ease and speed. More people will resort to their Kindles to read books. Children will learn their lessons from their virtual teachers; take piano tuitions from the net, practice chess with online opponents. Doctors will check patient’s record on their hand held devices and prescribe medicines that patients can order through their phones or laptops. The net will be indispensable for learning, socialising, banking, managing homes and office as well as ensuring the security of organizations and even nations!

With such a hike in online activities, can cyber crooks and hackers sit back? This is what McAfee Labs had to report on the threat scene for 2013 – “McAfee Labs expects that threats to mobile devices will become even more of a focus of cybercriminals, the influence of the hacktivist group “Anonymous” will decline, and large-scale attacks that attempt to destroy infrastructure will increase. Cybercriminals and hacktivists will strengthen and evolve the techniques and tools they use to assault our privacy, bank accounts, mobile devices, businesses, organizations and homes”

There, we have it – in plain and simple language. For us individuals, it means that we can confidently expect more malware targeting our smartphones. As the smartphone has become the gadget of choice and has gained the status of “Necessity” from its present status of a “Comfort”, it will do well to remember that the hackers too will choose it as their preferred hunting grounds.

So, what’s the solution? Do we avoid the smart phone or the Internet? And go back to the old -fashioned ways of physically tackling every task? Do we stop buying Internet – enabled devices for our kids, fearing for their safety? Or do we impose a carpet ban on the net itself?

That would be quite regressive, don’t you think and against the grain of progress and development?

The solution is very simple actually. It comprises of a few simple steps that will ensure you stay safe when online:

1)      Secure your devices with the latest comprehensive security software – including all gaming devices and phones with Internet facility. The software for your mobile phones should offer anti-theft, anti-malware/antivirus, app protection and web protection.

2)      Use strong passwords for all access ports and change these frequently. Don’t stay logged in longer than necessary.

3)      Check and verify links and apps before downloading them

4)      Keep geotagging/Bluetooth/Webcam/apps permission turned off and turn them on only when needed.

Remember, it’s the little precautionary steps that can go a long way in keeping you and your near ones safe online while allowing you the freedom to enjoy the benefits of the net.

Here are some recommended readings for further information on how to safeguard your devices and stay safe online:

How Do I Keep My Kids Safe On iPhone?

What’s on Your Phone? A Lot More than You Realize

Happy surfing people!

There has been a great explosion of chatter in the last day around Anonymous’ “Operation Last Resort” (a.k.a. #OpLastResort).

The entities behind the various “official” communications around this operation have a sense of humor that we must point out (especially because if you don’t catch it, you will end up wiping your disk).

Background

In typical fashion with these events, some data suggests that the whole thing (or at least the leak) is a hoax. Regardless of what data resides in the leaked files, it is apparent that someone is having fun, via the embedded scripts in the USSC site. (See the Update section, below, for details on the Konami scripts.)

Anonymous has infiltrated specific US government systems in response to the “killing” of Aaron Swartz, who committed suicide on January 11. According to various posts and other communication channels, the operation is also tied to Barrett Brown and the law-enforcement actions against him. Ussc.gov (and others) have reportedly been compromised, and various caches of sensitive data have been exfiltrated. The first round is a .rar file (composed of multiple raw downloads). Details on how the compromise or breach took place are not clear or reliable. It is likely (though unconfirmed) that part of the initial intrusion was via SQL injection. Based on phrases in the official videos, RATS or other temporary “leakware” may have existed on compromised systems, and have been subsequently removed by the attackers. Reports suggest that the contents of this leak pertains to various U.S. Supreme Court Justices.

The file set includes an official promo video for the operation, as well as a statement:

"Still there is nothing quite as educational as a well-conducted demonstration...

Through this websites and various others that will remain unnamed, we have been 
conducting our own infiltration. We did not restrict ourselves like the FBI to one 
high-profile compromise. We are far more ambitious, and far more capable. Over the last 
two weeks we have wound down this operation, removed all traces of leakware from the 
compromised systems, and taken down the injection apparatus used to detect and exploit 
vulnerable machines.

We have enough fissile material for multiple warheads. Today we are launching the 
first of these. Operation Last Resort has begun... Warhead-US-DOJ-LEA-2013.AEE256 
is primed and armed. It has been quietly distributed to numerous mirrors 
over the last few days and is available for download from this website now. 
We encourage all Anonymous to syndicate this file as widely as possible.

The contents are various and we won't ruin the speculation by revealing them. Suffice 
it to say, everyone has secrets, and some things are not meant to be public. At a 
regular interval commencing today, we will choose one media outlet and supply them 
with heavily redacted partial contents of the file. Any media outlets wishing to be 
eligible for this program must include within their reporting a means of secure 
communications.

We have not taken this action lightly, nor without consideration of the possible 
consequences. Should we be forced to reveal the trigger-key to this warhead, we 
understand that there will be collateral damage. We appreciate that many who work 
within the justice system believe in those principles that it has lost, corrupted, 
or abandoned, that they do not bear the full responsibility for the damages caused 
by their occupation.

It is our hope that this warhead need never be detonated."

This release is the referred-to “warhead”–specifically “Warhead-US-DOJ-LEA-2013.AEE256.” The “trigger key” referred to in the video is the decryption key for the content. Anonymous also indicated that they will, at some interval, release heavily redacted previews of the decrypted content. As of this writing, these have not emerged. We have, however, seen some fake decryption keys making the rounds.

Now, back to the “humor” that I alluded to earlier in this post. Some of the releases around this operation contain the following handy instructions:

If you did not catch it, at the end that’s an “rm” with force and recursion starting at the root.

What else does this operation entail? It is said that a Twitter-Storm campaign will commence on January 25.

"BEGIN THE MESSAGE OF ATTACK on January 25th at 11:59 PM EST"

Full details on this part of the operation are detailed in some of the groups PADs. This will be an interesting operation to pay attention to during the next few days.

What will the next warheads be? When will we start to see decrypted content from any of the warheads circulating? How will various governments react?

Stay tuned.

Update, January 27

The USSC.gov site is still compromised. A special surprise (via embedded JavaScript) awaits those who  recall some of the old Nintendo/Konami codes. Through a series of keystrokes, a script will let you fly various objects around the page, view fireworks, and more.

Upon execution, the script provides some on-screen controls, and you can even control the various objects (including Nyan Cat) via the arrow keys.

Here’s an image of the global distribution of active botnet control servers:

Topping the list of countries hosting active control servers is the United States.

Here’s the list of top 10 countries hosting active command servers:

1. United States – 631
2. British Virgin Islands- 237
3. Netherlands – 154
4. Russia – 125
5. Germany – 95
6. Korea – 81
7. Switzerland – 77
8. Australia – 63
9. China – 48
10. Canada – 38

I think people are starting to pay more attention because the media is paying more attention – and focusing on the subject a bit differently than it had in the past.  Today, it seems that instead of focusing on the dramatic after-effects of poor Internet security, the media seems to be staying on top of the trends and reporting the news in a way that educates and prepares the public.  I’m especially pleased because providing proactive education is really the lifeblood of McAfee. 

Then, I got the call to share some of McAfee’s predictions with ABC 7 News, KGO-TV, San Francisco.  It was great.  The reporter, Dave Louie, did a very good job extracting the key points from the Threat Predictions Report, asking very relevant questions, and developing the story around some predicted mobile threats.  You see, according to our researchers, some of the most destructive threats to consumers will hit them where they practically live and breathe:  on mobile phones and tablets. 

The story included excellent background on the rise of Internet threats and then focused on the latest mobile malware and how some very common user behavior can result in the propagation of big problems.  The new target is the mobile device with near-field communication (NFC) that can now be used as a payment device with a simple swipe.  Mobile malware enables the bad guys to then tap into the bank account being accessed by the device – making it easy to steal money and information via tap-and-pay NFC.

And, this same type of malicious code will soon be used to spread the infection whenever it reaches proximity to another mobile device – being called “bump and infect.” The infection just moves from mobile device to mobile device – especially easy to accomplish in very populated places like malls and concerts.  It’s a vicious and malicious cycle.

The ABC 7 news report focused mainly on mobile worms and tap-and-pay, but touched on the McAfee Labs’ prediction around mobile phone ransomware “kits” that allow criminals without programming skills to extort payments from unprotected users. 

Short interviews and news stories like this one provide very easy-to-digest bits of information to help raise awareness about what users can do to stay protected.  To get more details about mobile threats and what else is on the horizon – like large scale network attacks and hacking as a service – take a look at the 2013 Threat Predictions Report.

Cyber criminals are no dummies.  If it is easier to attack from the inside, why not innocuously get inside first, then launch your attack.  Intrusion prevention systems (IPS) are tuned to look for outright attacks in the network flows coming into the infrastructure.  They do not usually look for attacks originating from the inside.  Delivering a malware file, especially to an IPS that is looking for attacks and not file delivering, is not typically seen as malicious.

Delivering an unknown payload into an infrastructure is actually easier than delivering a known payload.  Why?  Most security products focus on finding things they know to be bad – looking for known patterns of malware is exactly what pattern matching is all about.  Recompiling a malicious payload after some minor adjustments often obscures the pattern, meaning the payload is unknown and passes through the defenses.

It pays to be patient.  Security products typically do not have a long attention span.  Though stateful, firewalls hardly spend more than a second making a determination about a flow before moving on to the next flow.  IPS solutions, traditionally, may spend a little more time on flows they examine, but we are still talking about seconds.  So malware that installs, but patiently waits for minutes, hours or even days will typically evade any stateful behavior monitoring by network security.

Taking these things into consideration, not only are targeted attacks becoming the choice for cyber criminals, but delivering a malicious file that can launch its nefarious activities from the inside the defenses is on the rise.  Malware fits this trend, and in fact, the overall threat trends (see the 2013 Threat Predictions, by McAfee Labs) show that malware is on the rise.  Fortunately, paying attention to the trends, McAfee Network Security Platform is poised to defend against malware in ways no other IPS can.  Stay tuned to find out more.