Endpoint Security
Realizing the Potential of Next-Generation Endpoint Protection
Contents
Introduction
Preventing zero-day attacks
Detect to protect: a flawed model
99% is not the answer
Adopting a new approach: the adaptive security architecture
Summary
BROMIUM ADVANCED ENDPOINT SECURITY 02
Introduction
Cyber security seems to be repeating itself. Each year brings the promise of improved security solutions, but this promise falls short against the reality of continuous data breaches.

It has become apparent that the majority of security solutions don't live up to the hype, yet cyber-security spending has become irrational. Security solutions continue to repeat the same mistakes as their

According to leading research analysts, cyber-security spending approached $75B in 2015; however, according to the Identity Theft Resource Center, the number of U.S. data breaches totaled 781 in 2015 with millions of records compromised.
SOURCE: WWW.IDTHEFTCENTER.ORG

Preventing zero-day attacks.
team is preventing zero-day attacks and detecting attempted breaches in progress. Enterprises are fighting a losing battle against today's advanced, targeted and often undetectable cyber attacks. Enterprises

solutions, which add cost and complexity, but do not solve the problem since they are based on detection. The endpoint is by far the weakest link and the number one attack vector.

Detect to protect: a flawed model.
for the most part, rely on trying to detect malicious activity. However, detection rates for today's advanced threats are typically around 5-10%. Whether incorporating techniques such as behavioral analysis, heuristics or artificial intelligence, the fact is detection-based approaches hinge on the ability to accurately distinguish legitimate applications and files from malicious threats

latest approach gaining attention, machine learning, is similarly challenged. Normal behavior cannot be easily defined, which makes it difficult to detect anomalies. Training a machine-learning engine with human experts is time consuming and expensive, and no guarantee for success. We need to accept that, just like us, our computers cannot reliably distinguish good from

of breaches used malware that was customized to the specific environment of the target. Antivirus and other security products that claim to be able to detect malware quite simply cannot keep up. The arms race between attackers and vendors favors the attacker.

99% is not the answer.
and next-gen AV vendors split hairs at the 99% catch-rate level. With each year proving to be a banner year for malware variants and evasion techniques, running the math exposes the fallacy of detection even more starkly. According to a new report from Panda Security, more than 84 million new malware samples were collected over

230,000 new malware samples per day. This figure, compounded with other disturbing trends highlighted in the 2016 Verizon Data Breach Investigations Report, underscores how quickly cybercriminals are modifying their code to avoid detection. 1% of 84,000,000 is an unacceptable number,

through likely comprises the more difficult and catastrophic threats. The question remains: should customers feel safe even with a 99% protection rate over critical threat vectors? Given the stakes involved, organizations cannot afford to settle for good enough.

[Figure: adaptive security diagram with the labels Predictive, Preventive, Adaptive, Retrospective, Detective]