Adaptive Defence starts with gaining visibility and control from the perimeter to the endpoint. It involves multi-layered protective controls that make cyber attacks difficult or raise the cost of attack for adversaries.
Threat actors prefer to maintain a long “dwell time”, move laterally and exfiltrate data from the compromised organization.
Endpoint Detection and Response (EDR) solutions can record endpoint-system-level behaviours and events. Coupled with machine learning and a rich database of known exploit techniques, an EDR solution provides early identification of breaches and complete visibility during incident response.
Malware is increasingly sophisticated, evasive and unique. A large number of malware hashes are seen for the first time in each attack, rendering signature-based protection insufficient.
Advanced Threat Protection (ATP) refers to defending your network against sophisticated malware or targeted attacks by using a multi-layered defence approach with traditional malware protection, machine learning protection, malware analysis techniques and application control to provide defence in depth.
Moving data between segmented networks is both critical and challenging. Networks may be segmented to provide a physical or virtual gap or security boundary between networks of different classifications, networks maintained by different authorities, an intranet and the internet, etc. While the need to share is critical, it must be balanced against the need to protect.
Content inspection gateways and next-generation content isolation platforms address these challenges, ensuring that data meets all established security policies and is free of malware, viruses, and so on, before it is moved to the destination.
The enterprise is moving to an increasingly mobile workforce. Traditional perimeter defences do not protect mobile workers from a hostile environment. Hence, it is essential to protect the endpoints and the data on the endpoints with a suite of endpoint protection services. Alternatively, use containerisation and isolation technologies to protect the data on untrusted or BYOD devices.