Given the current context, a “defence in depth” strategy is important and organisations should prepare adequately. This includes many aspects like suitable policies and procedures, end-user training (awareness), vulnerability management processes, good configuration management, (local) firewalls, Web application protections, Security Information and Event Management (SIEM) systems, Intrusion Detection Systems (IDS), proper network segmentation, mobile device management…and all of those should be tailored to your organisation and take the architectural design into account such as cloud usage, “Bring your own device” strategy, etc.
Deploying and managing Antivirus, EDR (endpoint detect and respond) and even XDR (extended end-point detection and response) are part of the solution required to achieve this goal.
This document provides guidance on generic, pragmatic and generic technical criteria and some relevant references for Antivirus, EDR and XDR security solutions.