Provides increased context for fileless threat detections and improved protection against fileless attack methods.

Includes Scan Cache improvements that utilize "Trust Scan" data to reduce duplicate scanning, significantly lowering CPU impact during full system scans.

Monitors and regulates all communication between the computer and the network or internet, blocking suspicious incoming or outgoing traffic.

McAfee Endpoint Security 10.7.0.1390.13: The Complete Protection Guide

ATP uses behavioral analysis and file reputation (via Trellix GTI) to decide how to handle unknown files. A standout feature in the 10.7 release is the Story Graph , which provides a visual representation of how a threat entered and attempted to move through the system.

Version 10.7.0 introduced several critical enhancements aimed at performance and visibility:

This is the primary defense engine that automatically scans files upon access and runs scheduled On-Demand Scans . It includes Antimalware Scan Interface (AMSI) integration to detect malicious non-browser-based scripts.