01/12/2021 12.E.1.

Terminology

• AV = Anti-Virus
  • Signature-based malware detection software
• EPP = End Point Protection
  • General term used to describe software products that are used to protect workstations and servers against cyber threats (e.g. anti-virus, host-based firewall solutions, etc.)
• EDR = Extended Detection & Response
  • Software tools primarily focused on detecting and investigating suspicious activities (and traces of such) on hosts/endpoints
• IR = Incident Response
  • A structured process used by organizations to detect and respond to cybersecurity incidents
• MDR = Managed Detection & Response
  • An outsourced service that provides organizations with threat hunting services and responds to threats once they are discovered

Current EPP & AV Solution

• The EPP & AV software currently in use is signature based
• This type of anti-virus software relies upon pre-distributed malware signatures to detect anomalous computing or network behavior
• Signatures are updated on a recurring basis; however, the detection capabilities of this type of legacy software are limited to known malware attacks and do not provide protection against new or previously unknown malware attacks
• Cyber criminals are constantly innovating the techniques used to conduct their attacks
• Legacy AV software is inherently disadvantaged when it comes to detecting attacks for which signatures have yet to be developed
• Next generation (Nextgen) EPP & AV software solves this dilemma via the addition of Extended Detection & Response (EDR) functionality.