Endpoint security is an approach to the protection of computer networks that are remotely bridged to client devices. It monitors the connection of laptops, tablets, mobile phones and other wireless devices to corporate networks creates attack playbooks for security threats.

Endpoint security is usually run by a software that helps monitor and track activity on all endpoint devices connected to a network. One of the more common types of SOC automation is via SOAR (security orchestration automation and response). Popular endpoint security vendors include SentinelOne, CrowdStrike and Cylance.