Endpoint Security

Security+ 🏆 • Security Operations 🛡️ Difficulty: free

Definition

Endpoint security is the set of controls used to protect end-user devices such as laptops, desktops, servers, and mobile devices from compromise. It focuses on preventing attacks, detecting suspicious activity, limiting damage when something goes wrong, and helping security teams respond quickly.

Examples

  • A company deploys EDR on laptops to detect malicious behavior, isolate infected devices, and support investigations.
  • An organization uses full disk encryption and Secure Boot so stolen laptops are harder to tamper with or access offline.

Discover 🔎

Endpoints are where people work and where attackers often start. A single compromised laptop can become the entry point to email, cloud services, internal applications, and sensitive data. Endpoint security exists because endpoints are exposed to everyday risk: phishing links, malicious downloads, untrusted USB devices, and unsafe configurations.

A strong endpoint program is not just about antivirus. It is about making endpoints hard to compromise, limiting what an attacker can do if compromise happens, and giving defenders the visibility to respond before the incident spreads.

Remember: Endpoints are high-value targets because they combine user access, credentials, and network reach in one place.