Moving Target Defense Blog

For the first two decades of the internet age, from the early 1990s to the 2010s, high-quality antivirus software that blocked the most malware came at an appropriate premium. After all, the endpoint was—and still is—of the primary attack vectors for cyber threats, so it stands to reason that antivirus could charge a premium to secure your endpoint. 

Antivirus software is kind of the lock on a window: it keeps out the most basic sorts of intruders but provides little protection against someone willing to break the glass. The analogy is even more apt because, like window locks, antivirus software has become commoditized. When looking at the results from public tests like AV-Comparatives, it’s clear that for the most part, antivirus platforms block the same attacks. In light of this, it makes little sense to pay for third-party antivirus; especially for Windows systems where this functionality is free and embedded.

We recently introduced Morphisec Guard, a full endpoint protection platform designed to secure your enterprise against the worst cyberattacks. Guard is a single lightweight offering, including world-class antivirus, together with the market's most advanced protection against unknown zero-days, fileless attacks, exploits, and evasive malware.

The term “advanced persistent threats” describes the highly evolved nature of today’s cyberattacks. Hackers have developed sophisticated techniques – in-memory exploits, living-off-the-land attacks, remote access trojans, and more – that allow them to evade detection and attack in obscurity. However, as much as these techniques have changed over time, the underlying goal, or “tactic” as MITRE calls it in their ATT&CK framework, remains the same: stealing something valuable.

The term “new normal” means different things to different people. For some, the term is synonymous with a return to the office (just with a few tweaks), while others think that co-located teams are gone for good. The reality is probably somewhere in between. Household names like Google and Facebook are planning for a future where most of their employees work remotely most of the time. And where big tech goes, other organizations tend to follow.

In the ongoing war over cybersecurity, endpoints seemed like settled territory. After years of surrounding these vulnerable vectors with defensive technologies and company-wide IT hygiene best practices, it became easy to assume the endpoints were ironclad. Unfortunately, the latest generation of emerging threats handily circumvents and, in many cases, obliterates existing endpoint security defenses.