White Paper
Data-Driven Security Reloaded: Summary of Research Findings for Endpoint Threat Detection, Prevention, and Response
Date: 05/08/2015 Length: 6 pages Cost: $99.00

Information security has always been a large producer and consumer of data. More sophisticated best practices and expanding compliance and regulatory requirements have almost exponentially accelerated the production and consumption of data. Event and activity logs have grown to big data proportions and the diversity of data being consumed has become significantly more varied. As a result, traditional log and event management tools and monitoring practices are becoming increasingly insufficient.

To add to this, the ability to maintain security for an environment is at an all-time low. Executives are being dismissed or forced to resign after a breach, whether or not they knew about security issues beforehand. Threats seem to come from every angle. Not only are attackers consistently probing, but the attacks themselves are more persistent; once a foothold is achieved, detection and removal are also more difficult.

This research summary discusses how "the death of antivirus" has not meant the end of protecting the endpoint. Both management- and operations-level IT and information security practitioners are re-embracing the idea that, despite the onslaught of malware and other persistent threats to endpoints, prevention is possible with endpoint threat detection and response (ETDR) technologies.

Over the last year, ETDR solutions have seen a significant surge in adoption, jumping the technology chasm from an emerging technology into a growth technology (see Figure 1 in the Analysis Summary). Through a best-of-breed approach, administrators and security personnel responsible for protecting information are getting higher fidelity data to provide better context for preventing incidents in a world where traditional prevention methods have often failed. ETDR tools provide practitioners with a means to thwart attacks and verify success via bidirectional information exchange with other systems. Bit9 + Carbon Black and Enterprise Management Associates have partnered to provide this research, which identified that nearly 80% of respondents believed that "consistent prevention of stealthy threats, advanced persistent threats, or advanced target attacks are possible with technology solutions existing today."

EMA Staff

