Solving Security
Endpoint/End User Protection
Essential
Anti-Malware
Why it’s needed:
Stops traditional and advanced viruses, trojans and worms before they execute on the endpoint.
Device Control
Why it’s needed:
Reduces the attack surface by limiting or blocking unknown or unwanted peripherals (for example USB storage) from being connected to laptops, workstations and servers.
Application Control
Why it’s needed:
Limits the use of unneeded or unapproved applications that may carry security vulnerabilities or be spyware-supported freeware.
Machine Learning
Why it’s needed:
The threat landscape continues to evolve, and individual threats can also morph to evade signature-based detection. Machine learning models how threats operate and what normal behaviour looks like on each machine, so that when something unknown acts out of the ordinary it can be reviewed for the signs of malicious code.
Advanced
Two-Factor Authentication
Why it’s needed:
Protects against weak passwords, password theft and brute-force password attacks by requiring a second factor in addition to the password.
Fileless Malware Protection
Why it’s needed:
Stops in-memory techniques that never write a file to disk, such as AtomBombing, code caving and malicious PowerShell scripts.
Data Leak Prevention
Why it’s needed:
Prevents small to large amounts of data from being intentionally or accidentally removed from the network, and alerts the appropriate staff when data is being moved so that handling procedures can be verified.
Compliance
Threat Hunting
Why it’s needed:
A threat has been downloaded and has propagated across the network. Once you identify it on one machine, how do you ensure it does not exist anywhere else on the network? Threat hunting looks for the dormant, not-yet-executed code and cleans it before it can launch, since it may be a new variant that is not yet detected.
Endpoint Detection and Response (EDR)
Why it’s needed:
Additional detection capabilities are needed to identify the most advanced threats that anti-malware cannot see, or only partially detects and quarantines.
SIEM for Endpoint
Why it’s needed:
Forensically reconstructs what a threat did, identifies every component of the threat, and records any external communication or data exfiltration.