
Signature-based threat detection not enough to combat modern threats

Johannesburg, 11 Sep 2025
Jason Oehley, regional sales manager at Arctic Wolf. (Image: Supplied)

Legacy signature-based threat detection, which has been in use for endpoint protection since the 1980s, is no longer enough to protect organisations against an onslaught of new and evolving threats.

This is according to Jason Oehley, Regional Sales Manager at Arctic Wolf Networks, and Andy Brand, Principal Sales Engineer at Arctic Wolf, who were speaking during a webinar hosted by Arctic Wolf in partnership with ITWeb.

Oehley said: “A challenge we see in the local market is the number of organisations that don’t even have an endpoint detection and response (EDR) solution or endpoint protection platform (EPP) in place: they depend on traditional anti-virus. But endpoint protection is an extremely important piece of the puzzle of broader security.”

In a poll of webinar attendees, 65% said they employed EDR tools in their environments, while 25% did not and 8% did not know.

Oehley noted: “South Africa is currently a very soft target when it comes to attacks. We have a mindset that 60% security is good enough, but it’s not. We really need to become more aggressive and proactive about protecting our environments.”

Andy Brand, Principal Sales Engineer at Arctic Wolf.

Brand said similar patterns were seen around the world: “Traditional security won't protect you. We see more attacks every day – one every 39 seconds. In 2024, cyber crime cost the world $16.6 trillion, and may cost as much as $20 trillion this year. If global businesses were incorporating the right solutions, this number would be going down.”

Brand also said attackers were targeting smaller companies. “We see 350% more attacks on companies with under 100 employees than we see against larger enterprises,” he said. “South Africa alone suffers 2 113 cyber attacks per week, and the top threats for SMEs are ransomware and weak endpoint security.”

Brand said legacy endpoint protection did not defend against fast-changing threats. “We are using technologies from the 1980s to protect ourselves – 95% of AV or EPPs still use signatures to identify malicious files. The speed and enormity of the threats we are seeing now means we need to employ new technologies using AI.”

Brand demonstrated Aurora Endpoint Defense, which analyses the common features in a single file and, based on commonalities, identifies it as malicious or not.

Combining the power of AI in EPP and EDR, Aurora Endpoint Defense offers threat prevention, exploit prevention, script control, appliance control and device control, with AI-driven threat detection, Alpha-AI SOC assistant, automated incident response, remote investigation and containment, threat hunting and forensic data collection.

An independent Tolly test report found that Aurora Endpoint Security demonstrated exceptional threat detection capabilities, successfully identifying and quarantining 100% of the 1 000 malware samples. It also found that Arctic Wolf's use of CPU resources during the test was minimal.

Brand said: “Aurora Endpoint Defense has very high detection rates, is a lightweight agent that uses low system resources, and has offline capabilities, with no need for constant scans and updates. It supports legacy operating systems such as Windows XP and Windows Server 2003+. It alleviates the guess-work related to building, fine-tuning and mapping EDR rules to the MITRE ATT&CK Framework.

“Our premise is to prevent threats before they have a chance to execute. We use predictive AI without a need for signatures, and we have market-leading 99.5% efficacy rates and a high net promoter score. With Aurora Endpoint Defense, we are years ahead of the market,” he concluded.

Arctic Wolf offers the best cost to performance ratio in the industry. Reach out to Helen.Raine@arcticwolf.com to find out more.
