Endpoint security is the set of cybersecurity practices and tools designed to protect an enterprise’s endpoints from cyber attacks. An endpoint is any device that connects to a company’s network from outside its firewall, such as employee laptops or mobile devices, printers, or Internet of Things devices.
Securing endpoints is especially challenging under BYOD (bring your own device) policies and in remote work situations, where security teams have less visibility into, and less control over, the endpoints accessing the network. That’s why enterprises that have a large amount of cyber risk exposure from endpoints may consider investing in a broader endpoint protection solution.
Most basic endpoint security plans include managed antivirus and patch management requirements for end users. More robust endpoint security programs include threat hunting, vulnerability scanning, device management, data leak protection, and so on.
Endpoint detection and response (EDR) is an example of a system used for endpoint security: it analyzes endpoint connections against typical or expected behavior and terminates connections for those that act in an unusual way. EDR tools often use machine learning to identify user patterns.
Many of these organizations deploy cloud-based tools to support this wider variety of processes.