{"id":786,"date":"2016-12-03T12:23:41","date_gmt":"2016-12-03T10:23:41","guid":{"rendered":"https:\/\/community.virtono.com\/?p=786"},"modified":"2016-12-11T18:25:14","modified_gmt":"2016-12-11T16:25:14","slug":"threat-defense-isnt-just-about-detection","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/knowledgebase\/threat-defense-isnt-just-about-detection\/","title":{"rendered":"Threat Defense Isn\u2019t Just About Detection."},"content":{"rendered":"<p>An intelligent endpoint is one that is highly automated to detect security problems faster and more accurately, respond immediately and remediate problems fully. If done correctly, intelligent endpoints provide invaluable insights and forensics into threat behaviors. In order to stop increasingly sophisticated threats, many security and IT organizations have focused on endpoint detection and response (EDR). Creating truly intelligent endpoints requires a comprehensive and easily managed security framework, one that automatically detects and responds to threats before they do their damage. If an intelligent endpoint is your strategic goal, then meaningful integration and flexibility are important aspects to consider in an EDR solution.<\/p>\n<p>Beyond stopping the sheer volume of threats, detecting and protecting against advanced threats has become essential to maintaining trusted endpoints. Endpoint security supplements centralized security measures with additional protection at the point of entry for many threats as well as effectively blocking access attempts prior to entry. Another stark reality is that advanced threats are, by nature and design, attacking more than one endpoint at a time in order to gain access to valuable data and systems through multiple footholds. 
It is increasingly rare that a security breach can be contained within a single system or application, in large part because so many attacks successfully evade security point products.<\/p>\n<p>Additionally, security administrators are stretched to capacity trying to be experts on emerging threats and react in time to stop impending data breaches. Threats evolve, requiring administrators to learn and evolve, as well. Meaningful insights and automation are necessary to keep security professionals informed and moving forward. This means the emphasis has shifted from trying to stop attacks to quickly pinpointing, identifying and shining a bright light when attacks occur. Determining which endpoints are being attacked, what data is vulnerable and how quickly it can be remediated before massive damage is done is paramount. That\u2019s where EDR comes in. According to Gartner,1 the EDR market is defined as solutions that have the following four primary capabilities:<\/p>\n<ol>\n<li>Detect security incidents.<\/li>\n<li>Contain the incident at the endpoint, such that network traffic or process execution can be remotely controlled.<\/li>\n<li>Investigate security incidents.<\/li>\n<li>Remediate endpoints to a pre-infection state.<\/li>\n<\/ol>\n<p>EDR is all about speed and agility; it helps organizations reduce their windows of threat exposure from weeks or days to just minutes. The best EDR sorts through all the noise most security defenses yield, which often shows up as inordinate numbers of alerts or rising incidents of false positives. With the cost of remediating a data breach now exceeding tens of thousands of dollars per day, the pressure has intensified to spot problems with greater reliability and speed, to correct them immediately and to protect against further endpoint incursions and data exfiltration. At the end of the day, intelligent endpoints must be able to spot trouble, avoid it and limit the damage when threats do strike. 
It\u2019s one thing to say you have a problem; it\u2019s an entirely different thing to fix the problem immediately or prevent it altogether.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An intelligent endpoint is one that is highly automated to detect security problems faster and more accurately, respond immediately and remediate problems fully. If done correctly, intelligent endpoints provide invaluable insights and forensics into threat behaviors. In order to stop increasingly sophisticated threats, many security and IT organizations have focused<\/p>\n","protected":false},"author":3,"featured_media":802,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5],"tags":[],"class_list":["post-786","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/12\/16673209002_4901b0e2c3_b.jpg?fit=846%2C480&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-cG","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":784,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/targeted-attacks\/","url_meta":{"origin":786,"position":0},"title":"Targeted Attacks.","author":"Daniel Draga","date":"December 2, 2016","format":false,"excerpt":"More 
Data than Sense. As we look at the responses, most of these detection and correction efforts combine human expertise with tools and data. All efforts can be improved through access to and better interpretation of relevant data, policy-based workflows, and appropriate and facilitated automation. So what\u2019s holding these valiant\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":749,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/hunt-down-apts-with-big-data-analytics\/","url_meta":{"origin":786,"position":1},"title":"HUNT DOWN  APTs WITH BIG DATA ANALYTICS","author":"Daniel Draga","date":"November 11, 2016","format":false,"excerpt":"ORGANIZATIONS THAT START to address information security in a meaningful way will come to a point in their maturity when they have a lot of machine data. 
The challenge many CISOs face is how to leverage that data quickly and correlate events dynamically across the enterprise to track down advanced\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/dataintegration2.jpg?fit=1200%2C500&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/dataintegration2.jpg?fit=1200%2C500&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/dataintegration2.jpg?fit=1200%2C500&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/dataintegration2.jpg?fit=1200%2C500&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/dataintegration2.jpg?fit=1200%2C500&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":984,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/malware-detection-on-your-server\/","url_meta":{"origin":786,"position":2},"title":"Malware Detection On Your Server","author":"Daniel Draga","date":"June 26, 2017","format":false,"excerpt":"The term malware encompasses a large range of unwelcome software that is designed to damage a computer. A partial list of malware might, for example, include viruses, spyware, Trojan horses, and worms. 
The rapid proliferation of such software is enough to concern users of all levels, from novices to seasoned\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/What-is-Malware.jpg?fit=600%2C300&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/What-is-Malware.jpg?fit=600%2C300&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/What-is-Malware.jpg?fit=600%2C300&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":760,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/3-major-challenges-in-cloud-security\/","url_meta":{"origin":786,"position":3},"title":"3 major challenges in Cloud security","author":"Daniel Draga","date":"November 17, 2016","format":false,"excerpt":"Is your institution planning to leverage cloud computing and mobile computing in order to improve service agility, increase student and research success and lower costs of ownership, and lower capital expenses? If so, you are no doubt aware that your institution is also increasing its attack surface. 
Cloud-based technologies,\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/Cloud-security.jpg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/Cloud-security.jpg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/Cloud-security.jpg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/Cloud-security.jpg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/Cloud-security.jpg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":3947,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-configserver-security-firewall-csf-on-almalinux\/","url_meta":{"origin":786,"position":4},"title":"How to install ConfigServer Security &#038; Firewall -CSF on Almalinux","author":"George B.","date":"September 28, 2023","format":false,"excerpt":"In this guide, we will walk you through the step-by-step process of installing CSF on AlmaLinux, ensuring that your system is fortified against potential threats. Every system administrator has a responsibility to protect their server from potential attacks and vulnerabilities. 
ConfigServer Security & Firewall (CSF) is a strong tool that\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/09\/How-to-install-CSF-on-Almalinux.png?fit=360%2C240&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":763,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/fighting-mobile-data-security-hurdles\/","url_meta":{"origin":786,"position":5},"title":"Fighting  Mobile Data Security Hurdles","author":"Daniel Draga","date":"November 18, 2016","format":false,"excerpt":"As mobile devices and applications continue to flood the business landscape, the security holes that these consumer devices pose put your entire enterprise network at risk. Fortunately, there are a number of steps you can take to not only heighten your mobile data security, but overcome common hurdles. 
In this\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/mobile-security.jpg?fit=590%2C391&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/mobile-security.jpg?fit=590%2C391&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/11\/mobile-security.jpg?fit=590%2C391&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/786","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=786"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/786\/revisions"}],"predecessor-version":[{"id":787,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/786\/revisions\/787"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/802"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=786"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=786"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=786"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}