In its 2017 first quarter endpoint security report, Forrester Research declared blacklist-based anti-malware “on its way out.” Tools and processes like patch management, application whitelisting and endpoint data loss prevention, according to Forrester, had reached the equilibrium stage, meaning they are relatively mature and likely to see continued adoption over the next several years.
Forrester identified the following four advanced controls as growth solutions for the future:
- Application Execution Isolation: Run commonly used applications within logical containers to limit the impact of malware and exploits on endpoints
- Application Integrity Protection: Protect endpoints by verifying that code behaves as expected or by blocking common exploit techniques and potentially malicious behaviors
- Endpoint Visibility and Control: Identify anomalous process and system behaviors by analyzing endpoint activity data from the vendor’s sensor network, the customer’s endpoint environment and third-party threat intelligence
- User Behavior Monitoring and Analytics: Identify high-risk behavior on employee devices and focus on detecting insider threats
For more on what federal agencies are doing to secure their endpoints, check out our feature, “Why Stronger Endpoints Create More Secure Networks for Feds.”