Latest coverage for Endpoint Security
Endpoint security protects laptops, phones, servers, and other connected devices from malware, unauthorized access, and breaches.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Endpoint security protects laptops, desktops, servers, mobile devices, and other systems that connect to an organization’s networks or services. It combines secure configuration, timely patching, encryption, access controls, application restrictions, and monitoring. Endpoint detection and response (EDR) tools record activity such as process execution, persistence, and configuration changes so analysts can investigate suspicious behavior.
Endpoints are common entry points for exploiting vulnerable software, stealing credentials, or installing unauthorized code. Effective programs maintain an accurate device and software inventory, prioritize vulnerabilities that are exposed or actively exploited, and apply least privilege to limit what a compromised device or account can do. They also need tested procedures to contain or isolate devices, investigate them without unnecessarily destroying evidence, and govern endpoint telemetry and administrator access to protect privacy and support applicable data-handling obligations.
BlackBerry Unveils Next-Generation UEM Redefining the Endpoint Management Market
Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack
Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023
Microsoft Defender now auto-isolates compromised accounts
Microsoft Defender for Endpoint now uses automatic attack disruption to isolate compromised user accounts and block lateral movement in hands-on-keyboard attacks with the help of a new 'contain user' capability in public preview. [...]