Today, at McAfee's May 15th Investor Day meeting in New York City, McAfee announced they will acquire Solidcore. Through this acquisition, McAfee will expand its reach into new markets, secure new platforms and strengthen its hold as the leader in the $6 billion endpoint security market.

By continuing to innovate, McAfee is staying one step ahead of customer needs and competitive offerings. With McAfee and Solidcore joined, we will bring together best-in-class technologies and extend the current McAfee security portfolio beyond signature-based anti-malware. McAfee will combine dynamic whitelisting and application trust technology with leading McAfee antivirus, antispyware, host intrusion prevention, policy auditing and firewall technologies, to help customers more readily mitigate the risks associated with vulnerable or malicious applications downloaded by employees.

For more information, please visit the McAfee acquisition web page.

Let's face facts it is a competitive market out there and as times get rough there are those who aim to make noise in the market with oversell. Whitelisting as a general technology is an alternative and positive approach to providing protection to endpoints and devices. But as the common saying among Security Professionals go - the only really secure system is one that is turned off. This claim would be true only if the unparalled protection was compared to no attempt at endpoint protection at all or doing nothing.

Another false claim is that whitelisting alone provides some sort of system lock-down. This would be like saying having a closed campus for high school is the same experience as a correctional facility.  It may have seemed like it for me when I was in high school but as any resourceful teenage can prove it's not hard to be creative and find ways to come and go on campus without detection.

Full endpoint security or lock-down is more than just whitelisting. SC Magazine recently reviewed endpoint security solutions in a group test. The test looked at the following features

• System Security: antivirus/spyware, firewall capabilities and encryption
  

• Port Management: blocking the ability to add devices or read\write data to and from USB/CD/DVD/wireless devices 
• Host Intrusion Protection: blocking registry changes, privilege escalation, copy/paste features and kernel event management
  

Solidcore provides both application and configuration whitelisting but our technology also has the ability to actually lock-down systems providing Runtime Control. Host intrusion protection and read/write protection of critical data on the systems does not come with standard whitelisting solutions. Port management is considered a key feature to endpoint security to minimize the unauthorized data access, installation or tampering of pre-set communications on the system. Again application whitelisting alone will stop any new code but won't provide data protection.

Even though we did not participate in the endpoint protection test we have gone through independent testing with NSS Labs verifying our claims on being able to provide 100% system integrity.