by Bharat Mistry
We’re only in the second month of the year and already the threats are coming thick and fast. Just in the past week we’ve heard of a major breach at two popular gaming forums and a ransomware attack which crippled the police CCTV camera network in the US capital. This tells us that the endpoint, frequently the first target in such attacks, must be better protected as we head through 2017. But it can be hard to cut through the marketing hype in such a crowded marketplace.
That’s why Trend Micro is delighted to have been placed highest and furthest in the Leaders quadrant in Gartner’s 2017 Magic Quadrant for Endpoint Protection Platforms (EPP).
A new era
There’s no doubt that cyber threats are growing in volume and sophistication. Trend Micro blocked in the region of 80 billion for our customers last year alone. The endpoint is often the first port of call for attackers looking to breach systems. But it can be tough defending against the wide variety of tools and techniques employed by the black hats: malicious files and scripts, macros, exploits – the list goes on. Some can be stopped with traditional signature-based detection, but some are designed to be smarter and harder to detect.
The bad guys are getting better all the time at designing threats to circumvent security filters. In our 2017 predictions report, The Next Tier, we state that targeted attackers will develop new and unexpected techniques to do so this year – possibly involving sandbox detection and VM escapes.
It’s not just the traditional desktop and/or mobile computing environment that we must protect, either. Organisations must look to their servers, whether located in the datacentre or the cloud. This can be challenging, especially as many IT security teams will be relying on a mixture of tools to do so, all managed from different locations. It not only places a greater burden on your staff but leads to gaps which threats can slip through, and performance issues which can slow systems down.
That’s why you need a comprehensive endpoint security platform that blends multiple threat protection techniques, and works across all parts of the IT infrastructure, from desktop to cloud server.
It doesn’t get better or more comprehensive than Trend Micro’s offering in this space. Gartner referenced our “ability to execute and completeness of vision”. That’s also been borne out in the past by high scores in competitive benchmark tests. Our endpoint platform is based on a cross-generational approach to security we call XGen. It combines multiple layers of protection designed to offer as comprehensive an array of security filters as possible.
Signature-based detection to stop most known threats.
Exploit prevention including host-based firewalls; exploit protection; intrusion prevention; lateral movement detection.
Application control/whitelisting to block the installation and execution of any executables that aren’t approved applications or dynamic link libraries (DLLs). Can prevent zero days.
Investigation and forensics/Endpoint detection and response (EDR) which records and reports on system-level activities in order to appraise the nature and scale of an attack.
High fidelity machine learning to analyse files before execution and at runtime for greater accuracy. It also features “noise cancellation” capabilities to reduce false positives.
What’s more, this range of capabilities is also available to protect server endpoints in the datacentre and cloud, all from a single console for maximum efficiency. And the right technique is always chosen at the right time to ensure it doesn’t slow down corporate systems. It’s the best way to stay protected and accelerate compliance, as we enter a new era of advanced, highly persistent and wide-ranging threats.