Maximizing Endpoint Security

There are many more endpoints than fortified servers in the data center, and they are staffed by non-technical users who present softer targets for today’s attacker. Attacks are continuously sprayed at every endpoint and if any one of them is successful then lateral movement is next. The traditional defense at the endpoint has been signature-based anti-virus which has proven inadequate in the current threat landscape. Aside from efficacy, there is also the problem of visibility, of detecting the kill chain, and of course the pervasive shortage of skilled staff required to administer such solutions. This leads to teams being reactive and resorting to re-imaging the endpoint as the first and only remediation. Endpoint Detection and Response (EDR) technology was initially conceived to address the post-breach visibility requirement but has evolved to provide top quality prevention as well.