Endpoint Security 2020: The Resurgence of EPP and the Manifest Destiny of EDR

PC-era signature-based endpoint protection techniques were rendered helpless due to the "patient zero" effect, as targeted malware resulted in an exponential increase in the number of malicious binary variants. Ultimately, the reactive signature approach succumbed to an explosion of malware variants. Note that succumbing to malware variants did not happen suddenly but over time as attackers attempting to evade signatures through small binary modifications were seen as early as 1997. At the endpoint, the response came in two large categories: first, endpoint protection, or EPP enhancement, and second, forensics tools for endpoint detection and response, or EDR.


Share content on email