Mention endpoint security to an infosec professional and he or she will likely think of antivirus software, vulnerability scanning, and patch management. These three areas have made up the essence of endpoint security since organizations first connected to the Internet. Antivirus software, vulnerability scanning, and patch management remained relatively effective at detecting and blocking routine malware like viruses and Internet worms from the mid-1990s through the early 2000s.