The days of simple endpoint protection are over. Scanning and screening for malware has become a very complex process, and most traditional anti-malware tools only find a small fraction of potential infections.
Nowadays there are numerous advanced endpoint detection and response (EDR) tools, all claiming to find and block the most subtle attacks, even ones that don’t leave many fingerprints.
As we wrote last fall, there are two basic approaches: hunting (looking for some odd behavior) and sifting and gathering particular trends or activities (which has its roots in traditional anti-virus).
