Premier Tech XDR Frequently Asked Questions

An endpoint refers to any device or node that is connected to a network and can serve as a potential entry point for cyber threats. It is typically a user-operated device or a networked device that communicates with other systems or networks. Endpoints can include, but are not limited to:

• Desktop computers: Traditional computers, including PCs and Macs, that are used by employees.
• Laptops: Portable computers that can be carried and used in various locations.
• Servers: Computers or systems that provide services or resources to other devices on a network.
• Mobile devices: Smartphones, tablets, and other portable devices that connect to networks and run applications.
• Virtual machines: Software-based emulations of computers or operating systems running on a physical server or in a cloud environment.
• Cloud-based endpoints: Devices or instances hosted in cloud environments, including virtual desktops, cloud servers, or containers.

Endpoints play a crucial role in network communication and can be vulnerable to cyber threats such as malware infections, unauthorised access attempts, data breaches, or other malicious activities. Protecting endpoints is a critical aspect of cybersecurity to ensure the security and integrity of networks and systems.

A virus is a type of malicious software (malware) that is designed to replicate itself and infect other files or systems. It attaches itself to host files and spreads when those files are executed or opened. Viruses can cause various harmful effects on infected systems, such as corrupting files, disrupting system operations, stealing information, or even rendering the system unusable.

Malware, or malicious software, is a broader term that encompasses various types of harmful software designed to disrupt, damage, or gain unauthorised access to computer systems or networks. Malware includes viruses, but it also includes other types of malicious programs such as worms, trojans, ransomware, adware, and spyware.

Spyware, also known as grayware, is a type of malware that is designed to secretly gather information about a user’s activities, often without their knowledge or consent. It can monitor keystrokes, capture screenshots, record browsing habits, gather personal information, and transmit it to malicious actors. Spyware is often used for purposes such as identity theft, unauthorised surveillance, or targeted advertising.

Grayware is a broader category that includes potentially unwanted programs (PUPs) and other software that may not be explicitly malicious but exhibits intrusive or undesirable behaviour. This can include adware, browser hijackers, or software bundles that install additional unwanted programs without the user’s consent.

Both spyware and grayware are considered forms of unwanted and potentially harmful software that can compromise user privacy, security, and system performance. It is important to have robust security measures in place, such as antivirus software and regular system scans, to detect and remove viruses, malware, spyware, and grayware from your computer or network.

Web Reputation enhances protection against malicious websites. Web Reputation leverages Trend Micro’s extensive web security database to check the reputation of URLs that Clients are attempting to access or URLs embedded in email messages that are contacting websites.

Refers to the process of observing and analysing the actions and behaviour of software, applications, or systems to detect any abnormal or malicious activity. It involves monitoring various indicators and patterns of behaviour, such as file access, network communication, system changes, and process activities. behaviour monitoring helps identify potential threats that may not be detected by traditional signature-based antivirus solutions. By analysing the behaviour of programs or processes in real-time, behaviour monitoring can detect and mitigate the effects of malware, ransomware, or other malicious activities.

A security technique that involves the inspection and control of web addresses (URLs) accessed by users within a network. It works by filtering or blocking access to specific URLs based on predefined policies or categories. URL filtering can be used to prevent users from accessing malicious or inappropriate websites that may contain malware, phishing content, or explicit material, or violate the organisation’s security policies. It helps enforce web browsing security, protect against web-based threats, and ensure compliance with acceptable use policies.

A network virus, also known as a worm, is a type of malware that is specifically designed to spread across computer networks. Unlike traditional viruses that require user interaction or the execution of infected files to propagate, network viruses exploit network vulnerabilities to self-replicate and infect other devices or systems. Network viruses can spread rapidly, infecting multiple machines within a network or even across the internet. They can cause significant disruption, overload network resources, compromise sensitive information, or launch coordinated attacks on targeted systems. Network viruses often utilise network protocols, such as email, file sharing, or network services, to propagate and infect vulnerable systems. Implementing network security measures, such as firewalls, intrusion detection systems, and regular security updates, is essential to prevent the spread and impact of network viruses.