EDR + Application Containment: Redefining the Modern Endpoint Security Stack

In an effort to secure the endpoint and protect critical applications and data, government IT departments continue to add protective layers, restricting the users’ ability to do their work and generating a great number of false positive security alerts, which take up scarce IT resources to triage and investigate. And still, threat actors continue to succeed in penetrating even the most elaborate layered defenses – typically by using clever tactics and social engineering to lure end-users to click on email attachments and phishing links, install malicious content, or disclose credentials.

With so many versions and variants of malware out there, security teams often have to deal with never-before-seen, polymorphic, or zero-day threats. And even when a vulnerability is identified, and patches become available, it takes an average IT team 67 days to patch computer systems, leaving a window for exploits to breach the network. The DoD exposure to attacks is exacerbated by the complexity of the government’s Information Systems landscape, its continued reliance on legacy applications, and the wide variety of device and connection options, including instances when employees connect to secure environments using devices that are neither managed nor owned by the DoD.

As part of an ongoing modernization initiative, the U.S. DoD is evaluating security solutions that offer the smallest footprint, lowest costs, and highest effectiveness against cyber-attacks. The combination of containment (Application Isolation and Containment) and Endpoint Detection and Remediation (EDR) technologies provides the most comprehensive protection for the endpoint as well as High-Value Assets, along with the fastest breach response times. Two prominent enterprise security experts, Bromium and McAfee, have joined forces to deliver an integrated solution that approaches cyber threats from multiple angles, reducing the noise of false positive alerts, minimizing triage times, decreasing operational costs, and helping harden the entire security infrastructure against future attacks. No single defensive solution can completely protect an organization from threats, but implementing a set of best-of-breed integrated tools, including Bromium Secure Platform, McAfee Active Response, and Bromium Protected App, gives you the greatest chance for success.

• Why threat-actors continue to succeed in penetrating multiple defensive layers
• Why common access and device policies are making it increasingly difficult to secure DoD’s infrastructure and assets
• How two prominent vendors – Bromium and McAfee – are partnering to give the DoD the best set of integrated tools that are effective against threats and cost-efficient to implement and use.

If you have questions or would like to schedule a demo of our solutions, contact us.