A few years ago, a proactive prevention-based security posture was more an aspiration than a reality. The endpoint security tools of the day relied on signature hash matching and heuristics to detect malware. Often, they required a suspect file to execute on, and subsequently infect, one of their subscribers’ endpoints before it could be judged malicious. Others required massive volumes of data to be sent to the cloud for analysis, introducing unacceptable delays in detection and response. All these approaches were inherently reactive.
Today, this prevention-first security approach is both proven and practical. Yet, perhaps out of inertia, some organizations still cling to a reactive approach to cybersecurity that has long since passed its expiry date.