Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Threat Detection & Endpoint Protection
I am currently looking at endpoint protection solution providers, and two different products have my attention.
One product introduces virtualization (or sandbox) where threats detected on a system reside (i.e., if a user has malware installed in a drive-by attack) and are subsequently reviewed by some type of engine that cross-references known threats. Should the threat not be known, it’s then escalated to a senior team of security professionals who dig deeper.
The other solution leverages endpoint protection with a custom monitoring service (24/7). Other features are also available that record activities and observe user behavior. Endpoints report activity to the cloud services that are monitored by security professionals.
While both solutions seem to work, I am leaning towards the latter, as our internal teams are pressed for time and may not have the deep security knowledge needed to create remedial actions on threats (oh, we are also an SMB).