Optiv Cybersecurity Dictionary

What is Endpoint Security?

Endpoint security applies threat prevention, detection and response capabilities to the multitude of devices that interact with corporate networks. Endpoints can include computers, tablets, mobile devices, point-of-sale (POS) systems and IoT devices. Endpoint security complements network security, which uses technology like firewalls to secure the networking infrastructure that the endpoints connect to.


Antivirus (AV) falls under the umbrella of endpoint security and is generally regarded as one of the more basic capabilities, as it protects only against known viruses and malware. As attackers have become more sophisticated, traditional AV has fallen short. As a result, endpoint security solutions have been fortified with AI/ML in order to detect malicious behavior rather than relying only on existing signatures for known threats. In addition, endpoint security has been extended to include endpoint detection and response (EDR) functionality, which essentially “records” endpoint activity to give incident responders a way to understand exactly how a threat made its way onto an endpoint and how it behaved once it had infected the endpoint.


