Bethesda, MD., June 4, 2018 – Automating endpoint detection and response processes is the top priority for IT professionals trying to put actionable controls around their endpoints, according to the SANS 2018 Survey on Endpoint Protection.
“The diversity and quantity of endpoints in the modern enterprise are driving the need for more automation and predictive capabilities,” says survey author and SANS Analyst Lee Neely.
Neely continues that more automation enables the SOC to stay abreast of endpoint-related threats, while addressing a major issue cited by respondents: Lack of staffing and resources to manage and monitor their many endpoint-related toolsets.
Yet, respondents are relying on the capabilities they currently have–and often those technologies are not fully implemented.
“While organization are purchasing solutions to keep ahead of the emerging cyber threats, they appear to fall short on implementing key purchased capabilities needed to protect and monitor the endpoint,” Neely continues.
For example, 50% have acquired next-gen antivirus, but the majority (37%) have not implemented the capabilities. Additionally, 49% have malware-less attack detection capabilities, but 38% have not implemented them. In some cases, it appears that while respondent organizations were able to procure these types of newer technologies, they lacked the resources to implement them.
Full results will be shared during a two-part webcast at 1 PM EDT on June 13 and 14, sponsored by Carbon Black, CrowdStrike, Endgame, ForeScout, Malwarebytes, McAfee and OpenText, and hosted by SANS. Register to attend the June 13 webcast at www.sans.org/webcasts/106795 and the June 14 webcast at www.sans.org/webcasts/106800
Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and endpoint security expert, Lee Neely, with advice from fellow SANS Analyst and forensics and incident response expert Alissa Torres.