IT Glossary



Endpoint Protection Platform (EPP)

An endpoint protection platform (EPP) is a solution deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.

Detection capabilities will vary, but advanced solutions will use multiple detection techniques, ranging from static IOCs to behavioral analysis. The inclusion of artificial intelligence (AI) and human-driven managed services such as managed threat hunting — lowering the barrier to entry for more advanced capabilities — will increase over the next 18 months. Deception capabilities, intended to trick adversaries into revealing their presence by accessing fake services or planted files, or by using planted credentials, are emerging.

Desirable EPP solutions are primarily cloud-managed, allowing the continuous monitoring and collection of activity data, along with the ability to take remote remediation actions, whether the endpoint is on the corporate network or outside of the office. In addition, these solutions are cloud-data-assisted, meaning the endpoint agent does not have to maintain a local database of all known IOCs, but can check a cloud resource to find the latest verdicts on objects that it is unable to classify. Integration with security orchestration, automation and response (SOAR) tools will become increasingly desirable.

Gartner Tech Conference & Webinar

The premier gathering of security leaders, Gartner Security & Risk Management Summit delivers the insight you need to guide your organization to a secure digital business future. The comprehensive agenda addresses the latest threats, flexible new security architectures, governance strategies, the chief information security officer (CISO) role and more.

Free Webinar: New technologies are enabling more secure innovation and agile IT. It’s time to advance your security program to deliver the trust and resilience the business needs to stay competitive. Get the answers you need by attending a webinar, hosted by Gartner analyst Tom Scholtz (Vice President and Gartner Fellow, Gartner Research, and Conference Chair at Gartner Security & Risk Management Summit 2017), on Managing Risk and Security at the Speed of Digital Business, on April 4 at 10:00 a.m. EST.


Become a Client

Call us now at:

+1 800-213-4848

or

Contact us online 

Free Research
Discover what 12,000 CIOs and Senior IT leaders already know.
Free Access