Gartner predicts that, by 2018, 25 percent of corporate data traffic will bypass perimeter security and flow directly from mobile devices to the cloud. As workforces continue to adopt mobile platforms, a growing amount of network traffic goes uninspected, increasing an attacker’s ability to communicate directly with a potential victim’s endpoint, thereby increasing the likelihood of a successful attack.
When it comes to Microsoft® Windows® systems, threat actors rely primarily on two attack vectors: malicious executables (malware) and vulnerability exploits in system or application software. A natively integrated next-generation security platform, equipped with advanced endpoint protection, arms organizations with a multi-method prevention approach that combines the most effective malware and exploit prevention capabilities to protect Windows systems from known and unknown threats.
Most organizations deploy multiple security products to their endpoints, including one or more traditional antivirus solutions. Given the increasing frequency and sophistication of the threat landscape, this approach is not able to prevent security breaches on the endpoint. Rather, advanced endpoint protection replaces traditional antivirus with a multi-method approach to true prevention that pre-emptively blocks malware and exploits, including zero-day threats. Advanced endpoint protection delivers breach prevention, contrary to breach detection and incident response after critical assets have already been compromised.
Native integration with a next-generation security platform also allows for the sharing of threat intelligence information, as well as for the automatic reprogramming and conversion of threat intelligence into prevention, nearly eliminating the opportunity for an attacker to use unknown or advanced malware to infect an endpoint on the system.
The network plays several roles in the lifecycle of an attack on the endpoint, including acting as a vehicle for the delivery of exploits and malware and as a conduit for exfiltration of data and credentials. A network security client can be used to maintain visibility and extend network security policies to all traffic. By stopping an attack in network traffic, organizations can reduce the attack surface by preventing malicious content, including exploits and malware, from ever reaching the endpoint.
To learn more, read the Securing Your Microsoft Environment whitepaper.
More Endpoint Protection Articles: