Today’s businesses are spending more than ever before on cybersecurity solutions. But all this spending is doing little to curtail the damage cybercrime is causing or to reduce companies’ vulnerability and risk. Worldwide spending on cybersecurity products and services exceeded $114 billion in 2018, and Gartner forecasts the market will grow at a vigorous 8.7% to reach $124 billion by the end of 2019. Yet cybercrime is already estimated to cost global businesses more than $3 trillion per year, with annual losses predicted to increase to over $6 trillion by 2021. This makes it the fastest growing crime in the world, putting more money in criminals’ pockets than the global trade of all illegal drugs combined.
One thing is clear: what’s being done to protect businesses against cybercrime simply isn’t working. Leaders continue to rely on antiquated legacy tools and solutions. They continue to base decisions on outdated ways of thinking that are no longer adequate to secure today’s digitally transforming, borderless networks against tireless, well-resourced (often nation-state funded) attackers. Even the so-called “next gen” endpoint protection products fail to prevent 100% of attacks.
As long as we continue to evaluate systems and solutions with yesterday’s paradigms in mind, we can’t expect to turn the tide in the war against cybercrime. Instead, we need to adopt proactive approaches to security infrastructure design, to choosing technologies, and to endpoint protection.
Far too many decision-makers are still selecting cybersecurity technologies with legacy network architectures in mind. In the past, security gateways or firewalls were situated at the borders of a defined corporate network perimeter, and all traffic inside that perimeter was considered “trusted.” Employee desktop computers or workstations stayed behind in the office at the end of the workday and were accessible only to attackers who had breached the network or infiltrated the physical building itself.
Today’s information technology ecosystems are diverse and heterogeneous. Employees use mobile devices alongside their enterprise desktops, while those working from home access corporate resources via household wireless routers, and those working in the office check their personal email accounts on the company’s computers. Networks incorporate many combinations of devices in a wide array of disparate geographical locations. Their makeup is ever-changing as these devices connect and disconnect, and their shape is amorphous.
We need security that can travel with data as it moves throughout this complex landscape. And we need to shift our focus to securing endpoints, and especially end-user devices, since they’ve become the most attractive—and often, the softest—target for cybercriminals seeking to gain broader access to enterprise networks.
The earliest legacy endpoint protection platforms (EPP) detected malware using signature-based approaches. This means that they routinely scanned all files downloaded to or run on an endpoint device for those with hash values matching the signatures of known malware files. By design, none of these legacy solutions could stop 100% of malware. Each new threat had to be identified, cataloged, and added to the “known-malware” database before its signature could be detected. Any novel strain of malware in this system—no matter how dangerous—would be allowed to run, write to disk, and make changes to system files.
Criminals began bypassing signature-based anti-malware’s protections by packaging malicious software programs inside shape-shifting code. Polymorphic malware is designed to partially rewrite itself each time it executes so that subsequent iterations of the code won’t be recognized by signature-based detection methods. Experts say that as much as 94% of today’s malware is polymorphic in form.
To combat these more sophisticated threats, vendors now offer dynamic behavior-based endpoint protection solutions. These tools focus on detecting and investigating suspicious or malicious activities performed on endpoints so as to restrict malware from accessing the broader network. The file in question is allowed to execute, and if it attempts to perform an action that’s abnormal or unauthorized, like installing a rootkit or disabling a security control, it’s flagged as potentially malicious.
The problem with this approach is it remains reactive in nature. Once the file has been permitted to execute in the endpoint environment, it has been given the power to cause damage. And, today’s more sophisticated strains of malware are programmed to search for and bypass any behavior-based detection methods they find immediately upon execution. Or attackers may hide their malicious intentions in code that issues seemingly benign instructions initially while allowing them to return and install a backdoor to gain network access at a later time.
Even vendors advertising “advanced” or “next-gen” endpoint protection offerings cannot guarantee that they’ll stop all attacks. Though artificial intelligence- and machine learning-based approaches are gaining popularity, media attention, and market share, these technologies simply haven’t yet evolved to the point of being foolproof. In rule-based approaches, algorithms are trained to look for file characteristics that are statistically similar to features of known malicious code. This takes time and requires large data sets. Meanwhile, attackers identify new targets, invent new tactics, and code new files every day—all while themselves using machine learning to identify vulnerabilities in systems and commercial software.
But given the scale and volume of today’s cyber attacks, all approaches that aren’t foolproof are doomed to eventual failure. And one single failure is all it takes for your environment to be compromised, your customers’ confidential data to be breached, your reputation to be damaged, and your costs and losses to skyrocket.
One thing legacy network architectures and legacy EPP solutions have in common is an over-reliance on trust. In today’s distributed and diverse computing environments, there’s no longer an “inside” zone that can be trusted. And with more than 350,000 new and unique malware files being detected daily, it’s not reasonable to assume that unknown files can be trusted to run on endpoint devices.
Implementing an advanced endpoint protection (AEP) platform that includes cloud-based analysis of, and a verdict on, every unknown file is essential for today’s digitally transforming businesses. As more and more core business processes move online, as increasing numbers of workloads move to the cloud, and as a wider variety of device types need to connect to your network, the attack surface will continue to expand. And as customers come to expect better—more seamless, more available, and more reliable—digital experiences from every business, the consequences of a breach will only grow more severe.
Advanced endpoint protection allows today’s businesses to move beyond trust and instead adopt a truly robust security posture. If you can prevent all unknown files from executing on your endpoints, and combine analysis techniques—examining signatures, whitelisting and blacklisting known safe/malicious files, performing AI-based static and dynamic behavioral analysis, and identifying fileless PowerShell and rootkit attacks—all without allowing potentially unsafe applications access to endpoint operating systems, you’ll have the strongest defenses available today. With those, you’ll have taken the critical steps needed to move beyond outdated security paradigms—and towards true protection from today’s complex and ever-evolving threats.
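The contrast drawn above between signature-only scanning and a default-deny posture can be made concrete. The following is an added example, not code from this article or from any Comodo product: all names are hypothetical, the "files" are constructed inert byte strings, and a single appended byte stands in for the rewriting a polymorphic sample performs between runs.

```python
import hashlib
from enum import Enum

class Verdict(Enum):
    ALLOW = "allow"
    BLOCK = "block"
    CONTAIN = "contain"  # assumption: held in isolation until analysis returns a verdict

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed, inert byte strings standing in for files on an endpoint.
KNOWN_BAD = b"constructed sample: catalogued malicious file"
VARIANT = KNOWN_BAD + b"\x00"   # same content with one byte changed
KNOWN_GOOD = b"constructed sample: vetted business application"
NOVEL = b"constructed sample: file nobody has seen before"

BLOCKLIST = {sha256(KNOWN_BAD)}   # the "known-malware" signature database
ALLOWLIST = {sha256(KNOWN_GOOD)}  # files already verified as safe

def signature_only(data: bytes) -> Verdict:
    """Legacy model: block a catalogued hash, trust everything else."""
    return Verdict.BLOCK if sha256(data) in BLOCKLIST else Verdict.ALLOW

def default_deny(data: bytes) -> Verdict:
    """Zero-trust model: only known-good files run unrestricted."""
    digest = sha256(data)
    if digest in BLOCKLIST:
        return Verdict.BLOCK
    if digest in ALLOWLIST:
        return Verdict.ALLOW
    return Verdict.CONTAIN  # unknown is not trusted by default

SAMPLES = {"known_bad": KNOWN_BAD, "variant": VARIANT,
           "known_good": KNOWN_GOOD, "novel": NOVEL}

def compare(samples: dict) -> dict:
    """Return {name: (legacy verdict, default-deny verdict)} for each sample."""
    return {name: (signature_only(d), default_deny(d)) for name, d in samples.items()}

if __name__ == "__main__":
    for name, (legacy, deny) in compare(SAMPLES).items():
        print(f"{name:<11} signature-only={legacy.value:<6} default-deny={deny.value}")
```

The changed byte gives the variant a different hash, so the signature-only policy lets it run, while the default-deny policy treats it like any other unknown file.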
To learn more about how to evaluate endpoint protection platforms to find real value amidst the hype in today’s crowded cybersecurity market, download our guide, Everything You Wanted to Know About Endpoint Protection But Were Afraid to Ask, today.