Bethesda, Md. – Automating endpoint detection and response processes is the top priority for IT professionals trying to put actionable controls around their endpoints, according to the SANS 2018 Survey on Endpoint Protection.
"The diversity and quantity of endpoints in the modern enterprise are driving the need for more automation and predictive capabilities," says survey author and SANS Analyst Lee Neely.
Neely adds that more automation enables the SOC to stay abreast of endpoint-related threats while addressing a major issue cited by respondents: lack of staffing and resources to manage and monitor their many endpoint-related toolsets.
Yet respondents are relying on the capabilities they currently have, and often those technologies are not fully implemented.
"While organizations are purchasing solutions to keep ahead of the emerging cyber threats, they appear to fall short on implementing key purchased capabilities needed to protect and monitor the endpoint," Neely continues.
For example, 50% have acquired next-gen antivirus, but the majority (37%) have not implemented the capabilities. Additionally, 49% have malware-less attack detection capabilities, but 38% have not implemented them. In some cases, it appears that while respondent organizations were able to procure these types of newer technologies, they lacked the resources to implement them.
Full results will be shared during a two-part webcast at 1 PM EDT on June 13 and 14, sponsored by Carbon Black, CrowdStrike, Endgame, ForeScout, Malwarebytes, McAfee and OpenText, and hosted by SANS. Register to attend the June 13 webcast at www.sans.org/webcasts/106795 and the June 14 webcast at www.sans.org/webcasts/106800.
Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and endpoint security expert, Lee Neely, with advice from fellow SANS Analyst and forensics and incident response expert Alissa Torres.
Explore the threats, protections and response capabilities impacting endpoints. | SANS Endpoint Survey Pt. 1, 6/13 | www.sans.org/webcasts/106795
Discover the enablers/barriers to improving endpoint protection and best practices | SANS Endpoint Survey Pt. 2, 6/14 | www.sans.org/webcasts/106800
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (https://www.sans.org)