Look for the Right ML to Protect Your Endpoints
Avoid Legacy AV: Products that rely on legacy signature-based techniques alone, whether they use their own AV engine or OEM someone else’s, should be ruled out automatically, even if they claim to be “next-generation.” Those products provide the same incomplete malware protection as traditional signature-based engines.
ML engine location: If an ML is only in the cloud, the endpoint won’t be protected when offline, opening another gap in protection. Machine learning engine needs to reside on the endpoint itself to offer full protection.
ML Model Training: Not all machine learning models are created equal. A poorly-trained model will produce incorrect predictions, generate a flurry of false positives, and as a result, undermine protection efficiency. Our models are constantly trained to reduce false positives, so that our threat hunters are left handling investigations only where necessary - resulting in less false alerts to you.