
Maintaining Effective Endpoint Security 201


Today's enterprises are faced with unique, modern-day issues. Many are focused on adopting more cloud-based services and reducing infrastructure footprint, all while the number of devices accessing the environment grows. This, in turn, requires security teams to create different levels of access, policies, and controls for users. Plus, as these businesses expand, some unexpected security issues may arise, such as alert volume, lack of visibility, complicated management, and longer threat dwell times. To strike a balance between business objectives and a healthy security posture, IT teams can implement some of the tactics we recommended in our Effective Endpoint Security Strategy 101 blog, such as virtual private networks (VPNs), proper employee security training, and machine learning (ML) and artificial intelligence (AI) technology for predictive analysis.

EDR – Not just for Large Enterprises?


When you think of Endpoint Detection and Response (EDR) tools, do you envision a CSI-style crime lab with dozens of monitors and people with eagle-eye views of what their users and defenses are doing? For many, the idea of EDR seems like something for "the big players" with teams of highly trained people. This is based on the historical products and presentations of these tools in days gone by; however, it's no longer true. For starters, threats and the need to investigate them to prevent a repeat of an outbreak or breach. Malware and attack methods became smarter, to put it simply, and stopping them became much more difficult.

FireEye Brings Advanced Machine Learning to Endpoint Security with MalwareGuard


FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today announced the addition of MalwareGuard – a new advanced machine learning based detection and prevention engine – to its Endpoint Security solution. MalwareGuard is designed to help detect and block cyber-threats including never-before-seen threats to provide customers an added level of protection to stop attacks and protect customer information, sensitive data, and intellectual property. MalwareGuard is integrated into the FireEye Endpoint Security agent and is available now for current customers at no additional cost, and via a free trial for other organizations interested in upgrading their endpoint defenses.

Better Data for Better Machine Learning

FireEye MalwareGuard is the result of a two-year research project from FireEye data scientists and testing in real-world incident responses. The MalwareGuard model is trained using advanced machine learning techniques to enable MalwareGuard to make intelligent malware classifications on its own and without human involvement.

AI and machine learning in network security advance detection


But as they've been applied to endpoint protection in just the last few years, they've augmented the value of the products that employ them. Let's look at what machine learning is and how it's used within the context of endpoint security. Machine learning is a subset of artificial intelligence designed to allow the computer to answer questions on its own without human intervention. In the case of machine learning in endpoint security, the question it answers is simple: Is this malicious? Before the application of machine learning to network security, humans needed to define what to look for, what relationships should be categorized as bad, how to analyze the data, and what data to use in the first place -- keeping in mind that these definitions changed daily.