Endpoint security is the practice of protecting laptops, desktops, and mobile devices (endpoints) from cyber attacks and other malicious online threats.
Endpoint Security, or an Endpoint Protection Platform (EPP), is defined by Gartner as "A solution deployed on endpoint devices to prevent file-based malware attacks".
Antivirus (AV) is your first line of defense.
Standard AV uses what's called 'signature-based' detection. To be effective, the AV must already know about a virus in order to detect and remove it.
The challenge: viruses and malware constantly change and mutate into variants, which the AV cannot recognize until the latest signature (antidote) is available for download. This creates a gap in today's cyber security landscape.
EPP is your second line of defense.
Working alongside Antivirus, it fills the gap.
Endpoint Protection (EPP) does not depend on virus signatures. Using analytics, it recognizes the behavior of a threat for which a signature does not yet exist.
EPP employs machine learning, which is able to determine if an exploit is being used and stop it from executing.
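The gap between signature matching and behavior-based detection described above, as an added example that is not from the original page or any vendor's product. It assumes a signature is simplified to a whole-file SHA-256 hash; the sample bytes, process names, event format and threshold are all constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed stand-ins for file contents: harmless bytes, not real malware.
KNOWN_SAMPLE = b"constructed-sample-v1"
VARIANT = KNOWN_SAMPLE + b"\x00"  # one byte appended; behaviour unchanged

# Assumption: a "signature" is simplified here to a whole-file SHA-256.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

def signature_match(content: bytes) -> bool:
    """AV-style check: flags only content whose hash is already in the database."""
    return hashlib.sha256(content).hexdigest() in SIGNATURES

def behaviour_match(events, rewrite_threshold=25):
    """EPP-style check: flags processes that rewrite many files and also
    delete backups, regardless of what the executable's hash is."""
    rewrites = defaultdict(int)
    deleted_backups = set()
    for process, action in events:
        if action == "file_rewrite":
            rewrites[process] += 1
        elif action == "backup_delete":
            deleted_backups.add(process)
    return sorted(p for p in deleted_backups if rewrites[p] >= rewrite_threshold)

# Constructed telemetry as (process, action) pairs.
EVENTS = (
    [("variant.exe", "file_rewrite")] * 40
    + [("variant.exe", "backup_delete")]
    + [("editor.exe", "file_rewrite")] * 3   # ordinary saving of documents
    + [("cleanup.exe", "backup_delete")]     # maintenance with no mass rewrite
)

if __name__ == "__main__":
    print("signature hit on known sample:", signature_match(KNOWN_SAMPLE))
    print("signature hit on variant:     ", signature_match(VARIANT))
    print("behaviour flags:              ", behaviour_match(EVENTS))
```

The variant slips past the signature check because its hash is new, while the behavior rule still flags it and leaves the two ordinary processes alone.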
Endpoint Detection and Response (EDR) combines both AV and EPP and adds a third line of defense, 'Threat Intelligence'.
Using behavioral analytics, Artificial Intelligence (AI) and Machine Learning (ML), EDR allows us to identify threats at the earliest stage of a cyber attack. EDR will also notify your apii IT Security team so that it can intervene before a breach can occur.