Endpoint Advanced ProtectionBy Mike Rothman
Innovation comes and goes in security. Back in 2007 network security had been stagnant for more than a few years. It was the same old same old. Firewall does this. IPS does that. Web proxy does a third thing. None of them did their jobs particularly well, all struggling to keep up with attacks encapsulated in common protocols. Then the next generation firewall emerged, and it turned out that regardless of what it was called, it was more than a firewall. It was the evolution of the network security gateway.
The same thing happened a few years ago in endpoint security. Mostly because they didn’t have any other options. Organizations were paying boatloads of money to maintain endpoint protection, because PCI-DSS required it. It certainly wasn’t because the software worked well. Inertia took root, and organizations continued to blindly renew their endpoint protection, mostly because they didn’t have any other options.
Enterprises seem to have finally concluded that existing Endpoint Protection Platforms (EPP) don’t really protect endpoints sufficiently. We feel that epiphany is better late than never. But we suspect the catalyst for this realization was that the new generation of tools simply does a better job.
The Endpoint Advanced Protection (EAP) concept entails integration of many capabilities previously only offered separately, including endpoint hygiene to reduce attack surface, prevention of advanced attacks including memory attacks and malware-less approaches, and much more granular collection and analysis of endpoint telemetry (‘EDR’ technology).
This paper discusses EAP and the evolution of the technologies are poised to help protect endpoints from consistently innovating adversaries.
We’d like to thank Check Point Software Technologies for licensing the content. We are able to offer objective research built in a Totally Transparent manner because our clients see the benefit of educating the industry.
You can download the paper (PDF).