The field of computer security has become increasingly important in today's society. The Internet has enabled interconnection of different computer networks all over the world. This interconnection capability has presented many opportunities for malicious operators to exploit these networks and infect endpoints of network environments with malicious software (also referred to herein as ‘malware’). Malware can be configured to perform any number of malicious actions on an endpoint including, but not limited to, sending out spam or malicious emails from an endpoint, stealing sensitive information from a business or individual associated with the endpoint, propagating to other endpoints, assisting with distributed denial of service attacks, and/or targeting certain regions of a storage disk in order to gain unauthorized control of an endpoint and its resources.
In addition to outsider threats, endpoints in a network environment can also be subjected to insider threats. Authorized individuals, for example, may intentionally or unintentionally cause harm within a network environment. Examples include, but are not limited to, using an endpoint to perform unauthorized activities such as copying, transmitting, or otherwise accessing sensitive data. Additionally, some network environments (e.g., large enterprise networks) may contain many thousands of endpoints, which can significantly increase the risk of at least some endpoints being compromised. Thus, the ability to effectively protect and maintain stable computers and systems continues to present significant challenges for component manufacturers, system designers, and network operators.