Objective
Detect changes as quickly as possible. Continuous detection as part of Endpoint Security should involve real-time monitoring of network topology, connections and traffic flow.
Mitigate threats across the cyber kill chain.
Detect changes that pose a potential threat to the organization's security.
Identify abnormal behavior and other indicators that reveal a malicious presence in the network.