The widespread damage caused by WannaCry and Petya demonstrated that the current state of endpoint security is simply inadequate. As this new generation of malware exhibited evasive behaviour and self-propagation capabilities, many monitoring systems were unable to detect its presence.
Most organisations today are not prepared for these unknown threats - new classes of cyberattacks that have never been encountered before. Traditionally, anti-virus solutions rely on signatures to detect known threats. This approach is ineffective when an unknown threat hits, because the malware does not present any indicators that the solution can detect.
With the Internet of Things and BYOD adoption, the number of endpoints will continue to grow. This means that the attack surface for hackers is larger than ever before, so it is crucial for enterprises to strengthen their endpoint defences and employ new approaches such as behaviour-based security.
A behaviour-based security platform can continuously monitor all your endpoints, watching for suspicious, abnormal or malicious behaviour. The thousands of malware variants still rely on the same fundamental behaviours to do damage. As behaviour-based security does not rely on a fixed set of signature data, it is able to recognise polymorphic malware that alters its characteristics, or unknown malware that has not been seen before.
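The contrast between the two approaches can be shown on a small scale. The following is an added example, not code from any product described here: it runs a hash-signature check and a simple behaviour rule over the same constructed endpoint events. The event fields, the hash strings, the thresholds and the choice of "one process overwriting many files in a short window" as the monitored behaviour are all assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed signature database: only the first variant has been seen before.
KNOWN_BAD_HASHES = {"hash-variant-a"}

def signature_hits(events):
    """Signature approach: flag processes whose image hash is already known."""
    return {e["pid"] for e in events if e["image_hash"] in KNOWN_BAD_HASHES}

def behaviour_hits(events, max_files=5, window=10.0):
    """Behaviour approach: flag any process that overwrites more than
    max_files distinct files within `window` seconds, whatever its hash."""
    recent = defaultdict(deque)  # pid -> (time, path) pairs still inside the window
    flagged = set()
    for e in sorted(events, key=lambda ev: ev["t"]):
        if e["action"] != "overwrite":
            continue
        q = recent[e["pid"]]
        q.append((e["t"], e["path"]))
        while e["t"] - q[0][0] > window:  # drop events older than the window
            q.popleft()
        if len({path for _, path in q}) > max_files:
            flagged.add(e["pid"])
    return flagged

def make_events():
    """Constructed telemetry: two variants with the same behaviour but
    different hashes, plus a benign editor saving two files slowly."""
    events = []
    for pid, image_hash in ((100, "hash-variant-a"), (200, "hash-variant-b")):
        for i in range(8):
            events.append({"t": i * 0.5, "pid": pid, "image_hash": image_hash,
                           "action": "overwrite", "path": f"/home/u/doc{i}.txt"})
    for i in range(8):
        events.append({"t": i * 30.0, "pid": 300, "image_hash": "hash-editor",
                       "action": "overwrite", "path": f"/home/u/notes{i % 2}.txt"})
    return events

if __name__ == "__main__":
    evts = make_events()
    print("signature:", sorted(signature_hits(evts)))
    print("behaviour:", sorted(behaviour_hits(evts)))
```

The signature check flags only the process whose hash is already in the database, while the behaviour rule flags both variants and leaves the editor alone. A fixed threshold like this one needs tuning against legitimate bulk writers such as backup or sync tools.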