When millions of Americans shifted to work-from-home arrangements due to the coronavirus, it exacerbated one of the most troublesome aspects of cybersecurity — endpoint protection. With employees now using a multitude of devices such as smartphones, laptops, tablets and desktops to access the corporate network, IT security pros are left to deal with multiple new attack surfaces.
The fact is that organizations were already struggling to manage and secure the increasing numbers of endpoint devices being used in the workplace. Although almost a quarter of the entire global IT security spend is being allocated for endpoint security solutions, research shows that 70 percent of breaches still originate at the endpoint.
To address this growing threat, more organizations are implementing endpoint defense and response (EDR) solutions that combine real-time monitoring, behavioral analysis and automated response capabilities todetect and stop emerging threats such as fileless malware, PowerShell attacks and destructive ransomware.
Verteks will explore how EDR solutions such as WatchGuard Panda Adaptive Defense boost your security posture in a webinar scheduled for 11 a.m., Thursday, July 23. Click here for more information and to register.
Exploiting Complexity
Rising complexity associated with increased numbers of devices have contributed to endpoint security threats. According to one recent study, the typical business uses an average of 750 network-connected devices such as smartphones, laptops, tablets, desktop computers, printers and point-of-sale terminals. Another study finds that companies use an average of 10 security agents for each device in order to thwart more than 5,000 common vulnerabilities and exposures (CVEs).
All of these devices create a significant management burden. They all must be discovered by the network, maintained with firmware updates, security patches and configuration changes, and eventually retired at end-of-life. IT professionals are hard-pressed to keep a handle on everything — nearly a third say they don’t even know how many endpoints are in use in their organizations.
Attackers are increasingly exploiting endpoint complexity to gain access to corporate networks using a technique sometimes known as “pivoting.” Once an endpoint is compromised, the attack pivots to other critical data sources on the same network. In this way, attackers can maintain persistent access while circumventing network controls such as firewall rules and network access restrictions. To most conventional antivirus solutions, this lateral movement looks completely legitimate.
Beyond Virus Signatures
EDR solutions such as Panda Adaptive Defense use machine learning and continuous monitoring to identify stealthy threats that lack the usual clues and artifacts of an infection. Unlike traditional signature-based tools that rely on known virus definitions, ML-based tools “learn” what malicious files looks like based on a variety of traits. This enables them to find zero-footprint malware with far greater speed and accuracy.
With most organizations becoming increasingly reliant upon their remote workforce, endpoint security has never been more important. Traditional protection measures aren’t sufficient because they don’t provide adequate visibility into the processes and applications running on endpoint devices. Please make plans to join us on July 23 for our webinar to learn more about Panda Adaptive Defense and the overall benefits of EDR solutions.
