Modern Endpoint Security & EDR

Mar 6, 2020 12:58:37 AM

Prevention, Detection and Response - Do You Have Gaps In Your Security Architecture? 

Endpoint security remains important in today's threat landscape: 70% of all breaches are found to have originated from the endpoint. More than 42% of endpoints experience encryption failures, and 75% of organisations state that their IT security team is not able to respond to security incidents aptly and quickly. Endpoint security therefore plays a very significant role in securing your systems and data. It can prevent data loss, stop the execution of malware opened by negligent employees and protect against malicious traffic.

Prevention is not enough

Whilst security software provides ample defence for your architecture, preventing every breach and attack on your network is a challenging feat. Today's sophisticated and targeted attacks are often designed to bypass traditional anti-malware solutions. This is where Endpoint Detection and Response, or EDR, becomes crucial. EDR is a cybersecurity technology aimed at detecting and removing malware or other suspicious activities on your network and endpoints. These solutions supplement the traditional approach and provide significantly more visibility across all your endpoints.

According to the Mordor Intelligence industry report, the EDR market is expected to reach USD 4,234.64 million by 2025. There is an increasing number of enterprise endpoint attacks such as the 2019 Hong Kong Amnesty International office incident and the ransomware attack on 'Doctors' Management Service' which compromised its patient data. These crises, along with digitisation and the move to IoT reaching 25.1 billion connections by 2025, are increasing the demand for incident response services. The healthcare industry has been one of the biggest targets of cyberattacks as patient information can be worth a significant amount of money for attackers. Asia Pacific witnessed the highest growth in its EDR market. 

DriveLock Endpoint Detection & Response (EDR)

EDR is a must for modern enterprises to effectively protect their network architecture from rising cyber threats. 

Monitor Endpoints in Real-Time

DriveLock's EDR solution comprehensively and continuously conducts real-time monitoring of endpoints. This means you can view all potential threats on your endpoints, both online and offline. Over 600 different events are detected, correlated and evaluated. The data can provide you with invaluable insight into both the strengths and vulnerabilities of your network so that you can predict, defend and strategise more effectively.

Detect Threats

Flexible and extendable EDR rules provide visibility across all endpoints, including applications, processes and devices in use. This advantage supplements the traditional technology which relies on signature-based solutions in identifying threats. EDR allows your IT security team to better comprehend potential threats and defend your network accordingly. 

Respond to Incidents

DriveLock EDR provides automated alerts and flexible response options on the endpoint after a security incident, both online and offline. This also includes defensive reactions such as the shutdown of certain processes.

Response capabilities

  • Run a PowerShell-Script
  • Batch-Script
  • Command Line Execution
  • Show Security Awareness Campaigns
  • Take a picture with the webcam 

From prevention to comprehensive defence and response to security incidents. For a holistic cybersecurity architecture, try DriveLock now free for 30 days.

 

Written by Alma Pranoto
