EPP is the most common and effective malware prevention approach and accepted as a basic security hygiene for all organizations. Mass spread threats (such as WannaCry and NotPetya) may cause great damage to business operations and infrastructure. A properly configured and maintained EPP product can significantly reduce the attack surface, ransomware, and other threat risks.
3rd gen:
A centrally managed EPP with audited and optimized settings
Standard hardware, secure OS, and apps
Minimum authorization management
Removable media management
Reduction of security abuses with reporting and central management for vulnerabilities and patches
4th gen:
Using EDR with EPP, which uses modern inspection methods such as ML
Using behavioral analysis which inspects and prevents malware
Memory protection capabilities
Using server-side HIPS, FIM, virtual patch management and micro-segmentation
5th gen:
Application control and inspection
Isolation of risky processes and prevention of affecting other processes by encapsulation
Using deception technologies
Advanced endpoint behavioral analysis, breach detection and intervention
