Malware developed almost simultaneously with the advent of the Information Age.
Creeper, the first known computer virus, was developed in 1971, just three years after the creation of the ARPAnet. Creeper would not look unfamiliar to a modern information security professional. It spread unchecked through the primitive internet, displaying the text “I’m the Creeper. Catch me if you can!” on affected mainframes.
Shortly thereafter, a different program—Reaper—was developed. Its only purpose was to delete Creeper. It was the first antivirus software. From that playful beginning, malware detection and interception developed into its present-day arms race.
Today, endpoint protection has moved far beyond basic malware scanning—it’s now a commodity of information security.
In 2016, the clean line we’ve drawn between the world we live in and the one we work in is blurring. The glut of mobile devices in the workplace and new corporate policies allowing employees to access secure corporate networks with their own phone or tablet only further muddy the water.
Add to that the advancement of cloud computing and the evolutions of distributed systems, data, and networks, and you’ve got a flood of security challenges for IT professionals.
Organizations use endpoint protection to control ports and devices, for its antivirus and firewall capabilities, to enforce compliance policies, and to prevent end-users from installing programs that the organization considers insecure. Many products also cover laptops and cellphones. Yet more variants of endpoint protection bundle in data loss prevention and vulnerability scanning.
Basically, endpoint protection means different things to different people, and there’s no standard definition in place, which can make shopping around for endpoint protection a complicated undertaking.
The good news is that if you need endpoint protection, there’s a thriving and competitive marketplace awaiting your custom.
Today, the endpoint security market is mature and full of vendors capable of meeting the basic requirements of a typical customer, but the door is still wide open for innovation from players both old and new. 2016 has the potential to be a year of big changes for endpoint security, so here are my top sixteen vendors to watch, presented in alphabetical order.
Bitdefender’s GravityZone Security for Endpoints delivers centralized management and deployment under the umbrella of various virtualization vendors, cloud providers, servers, desktops, laptops, and mobile devices. It is a modular solution that supports licensing only what your business needs, for a specific number of units. It also includes a two-way firewall, intrusion detection, and application control capabilities, which help to simplify security operations, and can act as a turnkey to accelerate rollout through Active Directory.
Massachusetts-based Carbon Black develops endpoint security software that detects malicious behavior and prevents malicious files from attacking an organization. The software consistently records all endpoint activity, making it easy to track potential security threats and determine root causes. Carbon Black offers custom APIs, giving IT teams the ability to integrate security capabilities from a variety of solutions. Carbon Black’s products offer response and detection capabilities that disrupt an attack cycle, and that go beyond protection to offer endpoint security.
ESET is headquartered in Bratislava, Slovak Republic, and offers software programs for malware detection and protection. Their Endpoint Security solution detects and blocks Trojans, adware, viruses, worms and other forms of malware, including emerging threats. The software includes a firewall, which can help block malicious traffic and prevent the accidental spread of malware. The anti-theft feature can help protect mobile devices and, in the event that a device is stolen, can lock down the device or wipe it, ensuring that unauthorized persons cannot access information.
F-Secure Corporation is an online security and privacy company based in Helsinki, Finland. F-Secure Client Security is endpoint protection for PCs running Windows. Client Security offers proactive, heuristic protection against the latest emerging threats, complete with automated software updates, and continuous endpoint protection against known vulnerabilities.
Hailing from California, FireEye is renowned for having invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber-attacks. Most sophisticated cyber-attacks easily circumvent traditional signature-based defenses, so FireEye retaliates with next-generation firewalls, IPS, anti-virus, and gateways. The FireEye platform utilizes a virtual execution engine, armed with dynamic threat intelligence, to quickly expose and obstruct cyber-attacks in real time.
Intel Security (McAfee)
McAfee offers advanced endpoint protection for large enterprises that includes behavioral anti-malware, smart scanning, and dynamic whitelisting, in addition to essential antivirus, antispam, web security, firewall, and intrusion prevention for desktops and laptops. Power and performance are centrally managed to protect employee productivity and keep administration simple.
The company’s Anti Targeted Attack Platform is a solution that enables businesses to detect attacks and other malicious actions at any stage by monitoring web, e-mail and network activity. Suspicious events are processed with an Advanced Sandbox and Targeted Attack Analyzer for a final report. The technology provides an isolated environment for analyzing attacks and their intent. Platforms are available as an independent solution or in combination with expert services aimed at rapid incident detection and response.
Originally founded in 1985 as LAN Systems, the company’s endpoint protection software allows users to manage, update and protect critical data. LANDESK’s intuitive console integrates several security layers and enforces security policies on users and devices in the private or public cloud. Users can automate patch management and deployment, encrypt data and grant network access.
Palo Alto Networks
Based in Santa Clara, California and founded in 2005, Palo Alto Networks has combined network, cloud and endpoint security into one integrated platform that delivers automated prevention against cyber attacks. Palo Alto’s Traps™ endpoint solution focuses on the attacker’s core techniques and when the attacker’s path becomes known, the program blocks advanced attacks originating from executables, data files or network-based exploits.
Founded in 1990 in Bilbao, Spain, Panda Security Endpoint Protection Platforms embrace cloud delivery of security services. Their Collective Intelligence technology offers a security model that automatically analyzes and categorizes new malware, offering effective protection against Internet threats with minimum impact on system performance. Panda Security’s portfolio of solutions includes SaaS-based protection of endpoints, email, and web traffic, cloud-based systems management, as well as an integrated on-premises endpoint protection platform. Additionally, all products are backed by tech support services.
RSA ECAT is an endpoint threat detection and response solution that exposes targeted, advanced malware, highlights suspicious activity for investigation, and instantly determines the scope of a compromise to help security teams stop advanced threats faster. RSA ECAT’s unique behavioral-based detection identifies unknown, zero-day malware and compromises that other tools don’t see.
SentinelOne offers real-time endpoint protection driven by intelligent automation and machine learning. Founded in 2012 in Mountain View, California, SentinelOne uses predictive execution inspection to monitor endpoints and detect unknown threats. The solution offers real-time forensics to deliver investigative capabilities much like “sandboxing” during a breach. The technology fully automates remediation and removes threats.
Headquartered in the United Kingdom with offices around the globe, Sophos develops products for communication, endpoint protection, encryption, network security, email/mobile security and unified threat management. Products offer comprehensive security for users and data protection for desktops, laptops, mobile devices, data, web and even email, all with a single license.
Founded in April of 1982, Symantec has more than 21,500 employees worldwide working to provide information management solutions. Symantec offers a cloud-based, endpoint protection solution that monitors your computer for misbehaving programs and threats. When Threat Protection detects a file with a virus, it attempts to clean the file and if that fails, the program quarantines it.
Trend Micro Inc. is a global security software company founded in Los Angeles, California with global headquarters in Tokyo, Japan. Trend Micro endpoint security solutions ensure mobile and desktop protection against everything from traditional threats to the latest sophisticated targeted attacks. Defend both virtual and physical endpoints with multiple layers of anti-threat capabilities that consist of four stages: prevent, detect, analyze, and respond.
Webroot is a private company founded in 1997 and headquartered out of Broomfield, Colorado. Webroot recently announced its BrightCloud Security Services, a new portfolio of services for enterprise-class businesses, including integration for Next-Generation Firewalls and SIEMs. Webroot Secure Anywhere Endpoint Protection works by classifying suspicious programs as malicious and rolling back all of the local changes made by the malware, making the agent lightweight and fast.