McAfee plugs in security at chip level

Deep Defender, which sits below the operating system to check for rootkits and APT attacks, is the first chip-level product from Intel-owned McAfee

Intel security company McAfee has announced its first products designed to work directly at chip level.

McAfee Deep Defender is designed to load before the operating system and detect malware. Threats including rootkits and persistent, stealthy attempts to access systems known as 'advanced persistent threats' are addressed by the product, according to McAfee co-president Todd Gebhart.

"Deep Defender sits below the operating system, looking at malware attacks on system components," Gebhart told ZDNet UK at the McAfee Focus event in Las Vegas on Tuesday. "This includes interactions between software, hardware and storage."

Deep Defender operates as a virtual machine, and works on McAfee's DeepSafe technology platform, which was announced in September. The product is designed to work on i3, i5 and i7 Intel processors and their chipsets, and promises to detect "virtually all current malware", according to Gebhart. Deep Defender is not chipset agnostic, said Gebhart.

Candace Worley, McAfee general manager of endpoint security, told ZDNet UK that Deep Defender would not stop the first phase of social-engineering attacks, such as phishing emails, being successful.

The bad guys won't be able to turn around tomorrow and work this out.

– Todd Gebhart, McAfee

"This technology is not going to preclude people making bad decisions about clicking on links," said Worley. "But it puts us in a better position by giving us a vantage point [in the system]."

In addition to Deep Defender, McAfee announced extensions to its ePolicy Orchestrator (ePO) security management tool. ePO Deep Command is designed for systems running i5 and i7 vPro processors. The product allows administrators to remotely switch on PCs to execute security tasks.

McAfee believes it has stolen a march on its adversaries with its DeepSafe products, according to the company's co-presidents. "The bad guys won't be able to turn around tomorrow and work this out," said Gebhart. "There is no question, though, that McAfee doesn't believe bad guys will start working on this straight away."

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.