Teknologize CEO, Byron Martin, and CTO, Dan Morgan sat down to discuss the difference between antivirus software and endpoint security.
What is Antivirus Software?
Antivirus software, is a computer program used to prevent, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more on individual devices such as a laptop or computer.
What is Endpoint Security?
Endpoint Security, also known as, advanced endpoint protection protects systems from file, fileless, script-based and zero-day threats by using machine-learning or behavioral analysis across an entire network as a whole including the endpoints (devices used to access the network).
Every endpoint connected to the Internet faces 1.5 attacks per minute.
What's the Difference Between Antivirus and Endpoint Security?
Byron Martin: What's the difference between antivirus and advanced endpoint protection?
Dan Morgan: So anti-virus is going to be more about caring about the files on the computer. Is this file you downloaded, is this temporary file that's in your cash, are these known bad files?
Byron Martin: Okay.
Dan Morgan: Endpoint protection is more about protecting the entire computer.
Now it doesn't care just about the files, it cares about how is this process this windows process that's more of a conhost , right? Every malware under the sun, I think runs as conhost , so endpoint protection takes it a bit further.
It goes in and it says, hey this process is doing something that we don't really like, let's stop it. Let's say no, process conhost.exe you can't do that, you know, maybe it'll be a false positive but chances are that analysis is going to prove that it might've been a malicious intent and it also does a lot more and that's why it does a lot better at lessening those tar have factors.
It sees a file being encrypted in the windows operating system by an unknown process that doesn't typically encrypt files and it throws up red flags it stops the process in its tracks.
So, it really can help alleviate some of the risk that comes with using a computer on the internet. But it has functionality, right? We're talking about just the antivirus or the anti-malware component of it. The other functionality that an end point production has is kind of that USB drive functionality.
You can disable or enable USB drives if you don't want your employees using or you know, whomever using a USB hard disc you can turn that off.
You can make it, so they only are allowed to use HID devices, human interfaces, keyboards, mice, stuff like that, that kind of thing.
Byron Martin: It definitely sounds like it's significantly more advanced. Two things I pulled out of it is that it watches for behavior versus just comparing files to known bad files. It watches more behavior and analyzes that, but then it has a couple other things that it will do.
Like you said, block USB ports and things where you can add additional security layers and things like that.
Dan Morgan: Yeah exactly, I mean, it's the behavioral analysis it's really the important part that's what's in the new next gen, if you will antivirus.
See the entire discussion and the test results of several antivirus software programs to see how well they did against live Ransomware.
If you’re interested in learning more about Endpoint Security for your organization call 509-396-6640 or Contact us for more information!
Teknologize has offices located in the Tri-Cities, Washington, 509-396-6640 and Bend, Oregon 541.848.6072.