ABSTRACT

Endpoint security is spread across control families within the Center for Internet Security Critical Security Controls. The Center for Internet Security urges organizations to start with hardened deployments of their laptops, desktops, and servers, and to have a mechanism both to securely store these hardened base builds and to securely deploy them to either the respective hardware or hypervisor. Modern antimalware systems are typically called Endpoint Detection and Response (EDR). While many modern antimalware products also act as a host-based firewall and a host-based intrusion detection system, the data leakage prevention and endpoint encryption functions that were provided by many traditional endpoint protection products are not provided by modern EDR software. The vestiges can be exploited by malicious actors who gain access to the endpoints through unpatched issues in attachments sent via email, scripts that run in the context of vulnerable browsers, or any of the other ways through which malicious software is placed onto endpoints.