Endpoint Protection and Response

What Will I Learn?

Abstract:

Endpoints almost always represent the first pawn in an attacker's malicious movements inside a victim environment: Phishing, ransomware, and other forms of email- and browser-based attacks are compromising user endpoints, then attackers are using those endpoints to pivot deeper into the network. Servers are also problematic, as the many successful attacks on Web, email, DNS, and network and security devices have proven. Even printers and newer forms of endpoints are coming under compromise, according to the 2017 SANS Endpoint Security Survey.

In this new 2018 survey, publishing in association with the SANS DFIR Summit, SANS revisits threats, protections and response capabilities impacting endpoints. The whitepaper developed from this survey is intended to promote better endpoint hygiene and provide valuable thought leadership to the community.

Key Takeaways

• The different types of endpoints connecting to enterprise networks
• What type of endpoints respondents consider most at risk
• The types of exploits starting at endpoints
• Best and worst endpoint prevention and detection capabilities
• The value of proactive prevention techniques such as hunting, intelligence/machine learning and vulnerability management
• Integrative technologies and functions used to protect and defend the endpoint

Presenters