This page is fully or partially automatically translated.

  • Technical contribution
  • Management, Awareness and Compliance

Endpoint Security - it's all about software and people

At which neuralgic points should IT protection start?

itsa 365: man in command centre
Last year, around half of the companies (45 percent) experienced a targeted attack, as Kaspersky found out in an international survey of IT decision-makers. These threats are often designed in such a way that they only work in a fixed context: For example, a file does nothing malicious until a specific application is opened or a user scrolls through a document. The overwhelming majority of cyber threats enter the network through endpoints. 


Endpoints - how secure they are

For this reason, an Endpoint Protection Engine still forms the basis of any security strategy. It classically applies various protective measures with which a large pool of pests can already be identified and warded off. Kaspersky Endpoint Security for Business includes comprehensive identification and security functions such as program, web and device control, a powerful anti-malware engine, patch management, vulnerability assessment and adaptive anomaly control to detect and block unusual activities. 


Integrated endpoint protection

As versatile as the services are, an EPP (Endpoint Protection Platform) only develops its full effect in combination with other security solutions. That's why Kaspersky has developed a new approach for its endpoint security portfolio in which the EPP and an EDR (Endpoint Detection and Response) and sandboxing solution are fully integrated and work hand in hand.

With the majority of malware already sifted through the endpoint platform, the endpoint security resources of EDR and Sandbox can focus on the small but particularly dangerous rest of the threats: previously undetected malware and complex, targeted attacks. 


EDR examines the chain of attack 

Kaspersky EDR Optimum provides end-to-end visibility and advanced analysis so companies can see exactly where an attack has begun and where it is at. EDR simplifies incident analysis by automatically scanning forensic data to identify potentially malicious activity in an IT system or network. This information can be used to detect complex malware in the early stages of an attack.

The software also reacts automatically. This is because it is not only a matter of obtaining a thorough understanding of the cause of the threat and analysing attack patterns in depth, but also of neutralising attacks sustainably and without enormous effort.


Team player sandbox 

Kaspersky Sandbox also works seamlessly with the endpoint security platform. The solution automatically checks files that have been classified as potentially suspicious by the EPP. It also detects threats specifically designed to bypass endpoint protection mechanisms. The sandbox then reports the results of its scans back to the installed endpoint protection platform, which takes further action in case of malware. 


Employees as first line of defence

Besides the use of powerful software, one safety factor must not be forgotten: the human being. Only if employees are aware of potential cyber threats and know how to behave correctly in case of suspicion, they can make a decisive contribution to security in the company. 

Online training courses such as Kaspersky ASAP (Automated Security Awareness Platform) with realistic attack scenarios tailored to the employees' level of knowledge are ideal for this purpose - with learning content on topics such as passwords, e-mail security, web browsing, social networks or DSGVO. This portfolio of skills ensures that employees can safely use IT resources in their everyday work. 


Further information is available at: 
https://www.kaspersky.de