Endpoint security is an important component of computer security, whether you are a home user, a small business or running a massive company. But it's just one layer.
Latest reports now online
Using multiple layers of security, including a firewall, anti-exploit technologies built into the operating system and virtual private networks (VPNs) when using third-party WiFi is very important too.
What many people don't realise is that anti-malware software often actually contains its own different layers of protection. Threats can come at you from many different angles, which is why security vendors try to block and stop them using a whole chain of approaches.
A fun video we created to show how anti-malware tries to stop threats in different ways
How layered protection works
For example, let's consider a malicious website that will infect victims automatically when they visit the site. Such 'drive-by' threats are common and make up about one third of this test's set of attacks. You visit the site with your web browser and it exploits some vulnerable software on your computer, before installing malware – possibly ransomware, a type of malware that also features prominently in this test.
But let's say this layer of security crumbles, and the system is exposed to the exploit.
Maybe the product's anti-exploit technology prevents the exploit from running or, at least, running fully? If so, great. If not, the threat will likely download the ransomware and try to run it.
At this stage file signatures may come into play. Additionally, the malware's behaviour can be analysed. Maybe it is tested in a virtual sandbox first. Different vendors use different approaches.
Ultimately the threat has to move down through a series of layers of protection in all but the most basic of 'anti-virus' products.
The way we test endpoint security is realistic and allows all layers of its protection to be tested.