Antivirus systems only detected endpoint compromise 47% of the time; other attacks were caught through automated SIEM alerts (32%) and endpoint detection and response platforms (26%) according to the SANS 2018 Survey on on Endpoint Protection and Response.
Justin Jett, Director of Audit and Compliance at Plixer:
“The recent SANs 2018 Survey on Endpoint Protection and Response makes clear that point-security solutions are not enough to quell the ever-growing barrage of cyberattacks. Organizations should continue to deploy endpoint security, but with less than half of cyberattacks being detected by antivirus, organizations must deploy other platforms to detect and help remediate these problems as they happen. Network traffic analytics should be used across the entire network infrastructure to help IT professionals see when malicious activity is taking place. By leveraging the network data, network and security teams can work together to thwart the efforts of malicious actors.”