Zero Trust on Endpoints — Securing Visibility

We learned about the basic concept of Zero Trust in the previous blog post. In this article, I’d like to continue to address Zero Trust, but more specifically Zero Trust on Endpoints. Before we start, I would like to thank you for the favorable reviews on my previous post. They encourage me to keep writing posts with content that resonates with readers.

To most people, cyber security might sound difficult, but its concepts are actually not hard to understand, although coming up with true solutions can be difficult. If you understand the flow of how cybercrime and hacking occur, and what efforts are needed to solve them, then even solutions can follow naturally.

Today, we’re going to introduce Endpoint security products that have been recently developed as cyber security solutions. They are still in the early stages of being widely utilized in the market, but have huge potential for growth moving forward.

An Endpoint literally refers to any device that is physically an end point on a network. Laptops, desktops, mobile phones, tablets, servers, and even virtual environments can all be considered Endpoints.

Another term used frequently in Endpoint security is Vaccine. What comes to your mind when you think of a Vaccine? The COVID-19 vaccine might come to your mind first due to the recent disastrous global pandemic. In the computer field, a Vaccine is a program that detects, blocks, isolates, and treats malware. It is an IT term that directly parallels the medical term. In fact, a computer vaccine is often also called antivirus software, with a virus being a type of malware. Thus, anti-malware software might be a more proper term, but it is cumbersome and many people might not understand it. Interestingly, many other terms used in cybersecurity come from other fields and keep close to their usual meaning. For example, some come from military terminology, such as kill-chain, quarantine, data exfiltration, lateral movement, etc.

By the way, I explain the term ‘vaccine’ here because it is not feasible to explain Endpoint security products without it. Now, with this background knowledge of the terms used in Endpoint security, let’s think about how ‘Visibility’, mentioned in the previous blog post, relates to implementing the principle of Zero Trust on Endpoints.

Visibility alone means showing everything without hiding anything. However, in the context of implementing the Zero Trust principle on Endpoints, ‘Visibility’ must be secured, with all traffic being monitored. Visibility is needed because you can only address cybersecurity issues if you can see what is happening on Endpoints; in this way, securing Visibility fits the concept of Zero Trust.

As previously mentioned, the Endpoint is the user interface such as a PC or tablet. It usually accesses the internal network through one-step authentication. In many cases, it also acts with near full authority and no further authentication is made. But how can you trust it?

I recall one example of a company where a major hacking incident was caused by a third-party contractor. He accessed the internal network, which was protected by only a simple one-step authentication with no further authentication or monitoring mechanism in place, and was able to wreak considerable damage. As this case shows, to efficiently avoid security threats, even internal threats, it’s necessary to keep monitoring the behavior of the Endpoint and responding to suspicious behaviors even after access to the network has been granted. Do not trust anybody! This fits the principle of Zero Trust.

The Endpoint security product needed today is called ‘Endpoint Detection and Response (EDR)’. This product records the activities that occur on Endpoints and responds to hacking attacks. It is more powerful and more effective than a vaccine alone, which can only respond to known malware and cannot act against unknown malware. However, that doesn’t mean a vaccine is not also necessary! It just means that vaccines alone can’t provide effective Endpoint security!

EDR is a solution to monitor, detect and respond to suspicious behaviors on Endpoints. I will explain EDR in more detail in the next blog post, but in short, there are a wide variety of suspicious behaviors possible on Endpoints that need to be guarded against. They include unknown external access to the Internet when a program runs on a PC, intentional destruction of the system by malware, attacks against the server or PC in the internal network, etc.
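The three kinds of suspicious behavior listed above can be expressed as behavioral rules over recorded Endpoint activity. The following is an added example, not code from this post or from any EDR product; the event fields, the program baseline, the 10.0.0.0/8 internal range and the thresholds are all assumptions, and the events are constructed.

```python
import ipaddress
from collections import defaultdict

# All values below are assumptions for illustration, not taken from any EDR product.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")   # assumed corporate range
KNOWN_NET_PROGRAMS = {"chrome.exe", "outlook.exe"}   # assumed Internet baseline
DELETE_THRESHOLD = 3   # file deletions by one process before alerting
FANOUT_THRESHOLD = 3   # distinct internal hosts contacted by one process

# Constructed endpoint telemetry; field names are hypothetical.
EVENTS = (
    [{"host": "pc-01", "proc": "chrome.exe", "type": "net", "dst": "203.0.113.7"},
     {"host": "pc-01", "proc": "invoice_viewer.exe", "type": "net", "dst": "198.51.100.20"},
     {"host": "pc-01", "proc": "invoice_viewer.exe", "type": "net", "dst": "198.51.100.20"}]
    + [{"host": "pc-02", "proc": "cleanup.exe", "type": "file_delete",
        "path": f"C:\\Users\\a\\doc{i}.docx"} for i in range(4)]
    + [{"host": "pc-03", "proc": "svc_tool.exe", "type": "net", "dst": f"10.0.0.{n}"}
       for n in (11, 12, 13, 11)]
    + [{"host": "pc-03", "proc": "outlook.exe", "type": "net", "dst": "10.0.0.5"}]
)

def detect(events):
    """Return (rule, host, process) alerts, each raised once per process."""
    alerts = []
    deletes = defaultdict(int)   # (host, proc) -> files deleted
    peers = defaultdict(set)     # (host, proc) -> internal hosts contacted
    for ev in events:
        key = (ev["host"], ev["proc"])
        rule = None
        if ev["type"] == "net":
            # Explicit range check: ipaddress.is_private would also match
            # documentation ranges such as 203.0.113.0/24.
            if ipaddress.ip_address(ev["dst"]) in INTERNAL_NET:
                peers[key].add(ev["dst"])
                if len(peers[key]) >= FANOUT_THRESHOLD:
                    rule = "internal_fanout"
            elif ev["proc"] not in KNOWN_NET_PROGRAMS:
                rule = "unknown_external_access"
        elif ev["type"] == "file_delete":
            deletes[key] += 1
            if deletes[key] >= DELETE_THRESHOLD:
                rule = "mass_file_deletion"
        if rule and (rule, *key) not in alerts:
            alerts.append((rule, *key))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

Unlike a signature match, none of these rules needs to know the program in advance; each fires on what the process does after it is already running on the Endpoint.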

Meanwhile, please feel free to leave comments if you have any questions! I will continue trying to explain Cyber Security in a way that everyone can understand.




I have served as CEO of NPCore, Inc. from November 2008 to the present with an extensive career of more than 20 years in the cybersecurity industry.

Han Solo
