Adaptation

After the infection has been analyzed with the aforementioned remediation and response tools, and once the cause of the infection has been identified, the administrator will have to adjust the company's security policies to prevent any such situation from occurring again.

The Adaptation phase may result in a large number of initiatives depending on the results obtained through the forensic analysis: from employee training courses on appropriate Internet use, to reconfiguration of corporate routers or user permissions on their personal computers.

Adaptive Defense can be used to strengthen endpoint security:

Changing the advanced protection settings

If most of the company's users always use the same software, but some users install programs from dubious sources, one way to reduce the risk posed by those users is to enable the Lock mode provided by the advanced protection. This minimizes malware exposure on the highest-risk computers by preventing the installation of illegitimate programs.

Using forensic analysis to investigate the actions executed on computers

The results of this analysis help establish measures to limit communication between computers and protect them from network attacks.

Related topics

Remediation tools

Forensic analysis tool