Definition:
Endpoint protection refers to a wide range of solutions for protecting the end user’s computing device (desktop, laptop, mobile device, etc.) and/or detecting its compromise. Endpoint protection solutions, in general, use one or more of the following techniques:
- Hardening: the solution blocks or otherwise eliminates commonly exploited vulnerabilities.
- Monitoring/Detection: the solution monitors the system and/or user behavior and detects anomalies.
- Sandbox: the solution redirects any untrusted content to a sandbox environment that enables safe identification of malicious content.
- AntiVirus solutions are an example of endpoint solutions that generally use a signature/rule-based approach.
- Sensitive Information Protection solutions rely more on information classification and heuristics or machine learning-based algorithms for detection of abnormal information.
- Malware Protection solutions rely on a combination of one or more of the three techniques.