Next Generation Endpoint Security (NGES)
What is Next Generation Endpoint Security (NGES)?
Next-generation endpoint security (NGES) is a class of technology made for protecting endpoints from compromise and/or notifying system managers of a compromise. Next-generation endpoint security solutions are targeted to detect unknown malware, which other non-next-generation solutions might fail to detect.
An endpoint is anywhere data is stored or processed. This creates a large field for solutions, since it can include not only user stations like PCs and laptops, but also smartphones and tablets as well as servers, credit card processing terminals, and other special function devices. Though not all endpoints address all operating systems and device types, NGES solutions have several attributes in common.
Features of Next-Gen Endpoint Security Solutions
For a NGES solution to have Next Gen Endpoint Protection, it must have:
- Comprehensive protection services in the form of prevention and/or detection services (some solutions provide both).
- Hunting and/or forensic capabilities to locate/identify adversary activities and their artifacts. Hunting relies on real-time data collection and dissemination, while forensics rely on historical artifact collection.
- The ability to provide people managing the endpoints with some form of endpoint search and status interrogation.
- Centralized software distribution or works with an existing distribution solution.
- Some form of centralized management console for determining the status of and issues with all managed endpoints.
- Components for centralized data collection and/or threat analysis.
- The ability to provide the protection services in real-time (as an incident occurs) or near real-time (consistently operating within a few minutes).
- The ability to identify zero-day or emerging attacks against endpoint vulnerabilities.
- The ability to identify custom malware, advanced persistent threats (APTs), and advanced targeted attacks (ATAs), as well as their artifacts, even those originating from the most sophisticated attackers.
- The ability to provide those people managing the endpoints with sufficient visibility and context that will create high confidence of and actionable insights into the endpoint attack or compromise.
- The ability to provide some form of automated and/or automatic mitigation actions to support incident response.
- Some form of centralized reporting capabilities for both operations and management-level reporting.
Deep Instinct is a NGES solution. The Deep Instinct Prevention Platform stops known, unknown, and zero-day threats with the highest accuracy and lowest false-positive rate in the industry, providing reduced risk, greater SOC efficiency, more complete security, and the knowledge that attackers have lost their advantage.