Standard vs “NextGen” Endpoint Protection
During 2013 a new crop of software companies emerged within the security industry space promising a new and different way to protect workstations and servers from malware and emerging threats. They were abandoning the existing virus signatures approach to detection and focusing entirely on file analysis, program behavior and machine learning. Using a combination of hash identification, mathematics and sophisticated AI, these new endpoint security brands were set to change the world.
So. Did they? Yes and No.
The expectations and goals of IT decision makers regarding exactly what type of product to install on servers and workstations have certainly shifted. Combining a fear of being caught with outdated security and a belief in out-of-the-box
YES: Without question, some of the new technology brought forward by these companies has forever altered the security landscape for PCs, servers and networks. This is especially true in the area of Endpoint Detection and Response (EDR), where each of these organizations first cut their teeth. We now have deeper, real-time insight into the specific behavior of, and damage inflicted by, some of today’s most dangerous zero-day malware, fileless infections and APTs.
NO: Truth be told, many of the traditional endpoint protection products had included features like advanced heuristics and machine learning for several years. These brands just did not define themselves by this functionality, or craft a marketing message suggesting that newer, “nextgen” practices are the only way to go. Industry veteran security software vendors still believe a layered defense (including some signature-based detection) is the best overall approach.
End result
Most of the endpoint protection solutions on the market today are an amalgamation of several perceived “NextGen” technologies along with many traditional detection and prevention methods. The old guard has stepped up to add more advanced features that align with the new kids on the block, while the freshman players have injected some older, proven security processes – reluctantly admitting that these other layers still serve a purpose. There is also emerging technology just now finding its way into commercial software applications that will soon be part of the mix. In the end, we have a better overall crop of EPP solutions that offer significantly more protection from emerging threats.