Everybody seems to be buying into the concept of doing more with less, but how can we apply that to endpoint security? Apply zero trust principles WITHIN endpoints.

Industry analysts say that enterprises rely solely or mostly on detection-based cyber defense technologies. Their reports also demonstrate why detection-based tools alone are not enough. According to the Verizon DBIR, breach volume increased 33% from 2019 to 2020, to 5,258, following a 96% increase from 2018 to 2019. Mandiant’s 2020 cyber incident investigations found that 65% of the organizations did NOT discover the attack within the first week. Machine learning did not magically fill these costly detection gaps. The remainder of this blog focuses conceptually on why detection is missing the mark. It concludes with a brief introduction of what the enterprise needs and the steps to get it.

Recent high-profile and widespread cyberattacks on local, federal, and national government entities have disrupted people, economies, and critical national infrastructure across the globe. These attacks are often reminders that reactive technologies that detect the presence of malware and then attempt to remedy the harm are no match for today’s sophisticated attacks. Antivirus and other detection-based methods fail because they attempt to monitor and parse almost infinite volumes of detection and indicator of attack data, requiring more tools, more personnel, and more skills. AppGuard is different.

Zero-day attacks are difficult but not impossible to defend against. This paper outlines the zero-day attack threat and why traditional endpoint protection tools are ineffective at protecting against these attacks. Find out how the Microsoft Exchange Server attack unfolded and the steps you can take to prevent becoming a victim of zero-day attacks.

The recent SolarWinds supply chain attack serves as a strong reminder that we are all part of someone’s supply chain, and every chain has a weak link. This paper outlines how supply chain attacks unfold and the steps you can take to prevent becoming a victim of the next supply chain exploit by adopting a zero trust solution.

Cyber Security Associates (CSA) provides cyber consultancy and cyber managed services to detect and protect organizations from today’s ever-changing cyber threats. Their core services are based around a 24/7 Security Operations Centre (SOC) in Gloucester.

Maiden Lane Medical provides patient-centered healthcare based on an in-depth understanding of each patient’s unique and evolving medical needs. With seven locations and over 100 medical professionals, it is critical that their sensitive customer data is never at risk and that their systems are up and running 24/7. Being down for any length of time has a significant impact on revenue and costs, and puts lives at risk.

A major global airline with approximately 50,000 employees that transports about 7,000,000 passengers around the world per year. Its critical infrastructure must be operational 24×7 to avoid major financial losses. A cyber breach could jeopardize passenger lives, harm reputation, and significantly impact revenue.

If you’re a small or medium-sized business and think you are not big enough to be a target for cyber criminals, think again. According to the Ponemon Institute, 63% of SMBs experienced a data breach in 2019. That’s because hackers are opportunistic: they realize that SMBs typically have fewer, less trained resources dedicated to fighting cyber adversaries and are more likely to pay off ransomware demands because they lack the resources to remediate. Staying ahead of malicious actors is difficult, especially for small and mid-sized companies. Unfortunately, that challenge is even greater now that the COVID pandemic has altered the way we conduct business.

Microsoft provides a broad range of security protection and detection capabilities that protect endpoints from a wide spectrum of threats. The company’s anti-virus, Microsoft Defender, included free in every version of Windows, and Microsoft Defender for Endpoint, a full-blown Endpoint Detection and Response (EDR) product, are widely deployed. But even the best threat identification technologies (e.g., NGAV and EDR) cannot find and stop fast-striking, well-obfuscated, or new malware, leaving a dangerous time gap.