EPP (Endpoint Protection Platform)
Also known as: Endpoint Protection Platform, Next-Gen Antivirus, NGAV
Definition
A preventive endpoint security suite that combines antivirus, anti-malware, host firewall and exploit protection to block threats before they execute on a device.
Examples
- Microsoft Defender Antivirus blocking a malicious .docm macro using ML-based behavior monitoring.
- An EPP enforcing a USB device-control policy that prevents users from mounting unknown removable storage.
Related terms
EDR (Endpoint Detection and Response)
An endpoint security technology that continuously records process, file, registry and network activity to detect, investigate and respond to threats on hosts.
XDR (Extended Detection and Response)
A security platform that unifies telemetry from endpoint, network, identity, email and cloud sensors to deliver correlated detections and integrated response actions.
System Hardening
Reducing the attack surface of a system by removing unnecessary features, tightening configurations, and enforcing secure defaults.
Preventive Controls
Controls designed to stop a security event from occurring in the first place by removing the opportunity or capability to act.
Security Controls
Safeguards or countermeasures — technical, administrative, or physical — used to prevent, detect, or respond to threats against information assets.
Patch Management
The end-to-end process of identifying, testing, deploying, and verifying software updates that fix vulnerabilities or bugs.