What is next-gen endpoint protection anyway?January 14, 2018 | By Comodo
Understanding Next-Gen Endpoint Protection (NGEP)
The words ‘Next-Gen Endpoint Protection (NGEP)’ which presumably offers Next Gen Threat Prevention has been bandied about a lot. Despite this, it still remains a conundrum. So in this article, we try best to explain what next-gen endpoint protection is (as simply as possible), how it differs from the traditional endpoint protection, and how it can be useful in combating the modern-day malware and the ever-changing cybersecurity threat landscape.
What Exactly Is Next-Gen Endpoint Protection?
There was a time when endpoint protection meant installing antivirus for protecting networks. This was a time when viruses where the only security threats for computers. The static antivirus having a store of antivirus signatures was enough to safeguard networks. But now the situation has changed drastically, with the modern-day malware (of which virus is just a type) adopting sophisticated techniques that call for equally sophisticated security measures. One such security measure is next-gen endpoint protection.
Simply put, next-gen endpoint protection does not rely only on a store of antivirus signatures or signature-based technology to combat malware. It is much more than that. It is supposed to be a system of security tools which keep learning about malware (various techniques and vectors they implement) and can counter them in real-time rather than waiting for the malware to inflict damage.
What Do They Contain?
This is pretty vague at the moment as the technology is only evolving. So giving a concrete answer is definitely not possible. But there are certain technologies which have become integral to almost all NGEP(s) currently available in the market. They are: Pre-execution analysis based on machine learning, Centralized event collection and analysis, Exploit prevention or mitigation, Detection based on behavior analysis, Ransomware behavior detection and blocking, Sandbox analysis, Rollback of changes after event detection, Retrospective detection etc.,
Difference Between Legacy and New-Gen Endpoint Protection?
Apart from the fact that NEGP is designed towards combating Next Gen Threat Prevention (modern-day malware), there isn’t much. Because there’s no such thing as legacy or traditional endpoint protection now. The reason? Almost every legacy endpoint protection is being enhanced to meet today’s security requirements and therefore even these contain some (if not all) technologies included in NEGP solutions.
It may be a few years before the security community could provide a clear-cut definition of what exactly is next-gen endpoint protection and the security tools they contain. But till then enterprises like you could use endpoint protection tools like Comodo’s Advanced Endpoint Protection (AEP) which is one of the finest in the industry and is probably the only security tool which comes closer to being called next-gen endpoint protection tool (Or, perhaps, maybe is one? You be the decider).