“There has been an increase in the number of vulnerabilities discovered and reported in non-Windows platforms and in general malware and threat campaigns,” said Tanmay Ganacharya, director of Security Research Partners at Microsoft. “This is due to a variety of reasons, including the increasing popularity of mobile devices, the ease with which malware can be created and distributed, as well as the growing number of attacks that are using exploits from known vulnerabilities.”
According to the MITRE statistics, Windows was the target of choice for attackers in 2017, but other systems saw a sharp rise in the number of flaws discovered.
Windows protections have improved steadily over the last few years, so the easy target is no longer Windows endpoints but some of the other endpoints that people assume are secure.
BYOD policies have made the corporate network more diverse, and devices that previously could only connect to the corporate network are now available on the Internet. Attackers are also now targeting credentials and identities, not just trying to compromise endpoints.
An attacker could gain access to a network by logging in even if they don’t have the correct credentials, according to the security expert.
A comprehensive security strategy that includes end-to-end protection is essential to maintaining a safe and secure network. By taking a holistic approach, organizations can identify and address vulnerabilities at every stage of the attack lifecycle, from initial reconnaissance to final execution.
Endpoint security is just one part of a comprehensive network security strategy. You need to detect and prevent attacks before they happen, as well as respond quickly if they do.
“When modeling network threats, you have to think about everything that is running software and code on your network and then plan,” says Ganacharya. “How do you identify these devices? How are you going to secure them? How are you handling alerts from all kinds of devices? Do you have a handbook for responding to alerts? If threats are detected without protection, how do you follow up or respond when alerted?”