The most promising weapon in the endpoint security arsenal is machine learning, with its ability to quickly learn, make instant decisions, and enable rapid response to prevent threats rather than dealing with them during execution or after the fact. One of the main advantages of machine learning is that it can capture minor deviations in an executable in a way that signature-based approaches cannot. As with any new approach, vendors have been quick to jump on the bandwagon and claim the benefits of machine learning for their products.

With all the buzz in the market, it’s important to understand the role machine learning can and should play, and how to separate hype from reality in effectively preventing malware.