Next Generation Endpoint Protection - CIS Control 8, Malware Defense Effectiveness, Performance Metrics and False Positive Rates
The Center for Internet Security (CIS) Critical Security Controls v6.1 consists of battle-tested, prioritized security controls that significantly reduce the risk of a cyber breach to businesses. Endpoint security is the primary objective of Control 8, Malware Defenses, which this study analyzes (Manage Cybersecurity Risk with the CIS Controls). This paper details a handful of real-world testing scenarios designed to determine which Next Generation Endpoint Security (NGES) products are most effective at blocking file-based malware from executing, including freshly minted zero-day variants that have been repacked so that they carry unique hashes. In addition to measuring efficacy in blocking malware, the paper's secondary scope examines the system resource consumption these products introduce, giving the reader a better understanding of their business impact on the overall end-user experience. A tertiary scope analyzes the false positive rate of NGES products against common administrative tools that IT practitioners use regularly on the Microsoft Windows 10 Enterprise and Windows 2012 R2 Server platforms.
Published 20 Jun 2017 (PDF, 4.37MB)