If there’s one term that vendors love to attach to their security solutions, it’s “next-gen.” This is especially true for endpoint security products, which are routinely marketed as next-gen, or simply as “game-changers.” Some of these vendors may feel their solutions qualify for next-generation status because they include behavioral detection elements or some degree of machine learning, while still others claim to offer cloud-based protection. But scratch the surface of these claims and it becomes clear that most are reworked versions of the same old platforms that powered the first generation of endpoint protection platform (EPP) solutions. And while some may incorporate one or two newer methods, the majority still rely on dated techniques such as signature-based threat detection and obsolete architecture designed for on-premises delivery.
It Takes More Than a Few New Features
The bottom line is that it takes more than a few new detection features to qualify an endpoint security solution as next-gen. To truly deserve that label, a product needs to offer the complete package, delivering the kind of anticipation, prevention, detection, visibility and intelligence capable of beating the most determined attackers — and defeating them repeatedly. Decision-makers interested in finding such capabilities should insist the solution they choose has the following essential elements:
IT Hygiene
As outlined in a previous CrowdStrike® blog, IT hygiene is a foundation block for efficient security that allows you to identify and close gaps in your environment. It does this by providing the visibility and information your security and IT teams need to implement preemptive measures and make sure you’re as prepared as possible to face today’s sophisticated threats. As recent cyberattacks illustrate, out-of-date and unpatched applications, credential abuse and employing stolen credentials are key attack vectors. The ability to discover, patch and update vulnerable applications and monitor login activities can give you a tremendous advantage over attackers.
Next-Generation Antivirus (NGAV)
Traditional antivirus (AV) solutions boast of up to 99 percent effectiveness, but a gap of just one percent means 100 percent probability of a breach by adversaries using either known or unknown malware. That’s why NGAV can be an important tool, though finding the right solution can be challenging. A recent blog on this topic outlines the four steps to choosing the right AV replacement. Among those steps is verifying vendor claims. Organizations should be wary that some vendors claiming to have behavioral analytics capabilities offer solutions that focus exclusively on indicators of compromise (IOCs), which are only present after an attack has occurred. Effective NGAV must also look for indicators of attack (IOAs) that identify active attacks and allow you to stop an event before damage is done. For more information, read “Understanding Indicators of Attack (IOAs).”
Also, get practical tips on what to look for in a next-gen antivirus solution by downloading the “Guide to AV Replacement: What You Need to Know Before Replacing Your Current AV.”