ENDPOINT DETECTION AND RESPONSE
The world is in a constant state of flux, and technology is no different. The cloud has changed our lives in immeasurable ways, from the rise of e-commerce to enterprise-based solutions that billions of individuals rely on daily.
As we start off a new year, it’s time to look at new approaches to security.
Technology advances daily, and cybercriminals find new ways to exploit these changes and compromise company data.
As the threat landscape has shifted over time, so too have security needs for networks. Because of this shift, Endpoint Detection & Response has emerged and is expanding anti-virus into a whole new realm.
What do these items all have in common?
These items represent clear and present dangers to your network, business, and personally identifiable information. For many years, anti-virus solutions were the major players protecting your systems. Everything modern anti-virus can do, EDR takes a step further, providing security and peace of mind.
What you need to know about EDR versus traditional anti-virus:
Anti-virus and EDR compete for resources. It is only recommended to run one or the other on each system.
EDR can do everything your existing anti-virus can do, but takes things a step further and detects more threats. EDR can be managed by the JTC Engineers without requiring input from your staff.
Most anti-virus solutions rely on traditional virus signatures being updated, which leaves a gap in coverage between when a virus is discovered and when anti-virus begins protecting your system against the new threat. That makes it a reactive approach. EDR is proactive and uses integrated machine learning and advanced AI to identify suspicious behaviors and address them even before there’s a signature. For example, if multiple files on your system change at once, it is more likely the result of an attack than of user error.
While anti-virus does a great job of preventing malware, cybercriminals can attack endpoints via other methods that would not be stopped by traditional anti-virus.
Here are five types of attacks that may slip past traditional anti-virus:
• Polymorphic malware
• Weaponized documents
• Browser drive-by downloads
• Fileless attacks
• Obfuscated malware
Now more than ever, we are also seeing insurance carriers require that EDR products be deployed before they will provide cyber insurance.
EDR offers ransomware rollback, which might be the greatest value of all! This feature uses advanced technology to take snapshots of the system at regular intervals. If ransomware hits, it only takes JTC Engineers a few clicks to roll back your disk image to a previous point in time, helping save significant time and reduce data loss.
As the threat landscape continues to evolve and change, JTC is excited to offer EDR to further protect your network.