Where are the threat actors in your infrastructure? How did they get in? What did they take? Who are they? How do we get them out? How do we prevent them from getting back in?
In order to answer these questions, you need several capabilities on the endpoint. Endpoint security helps improve your ability to prevent the initial compromise, to detect the compromise once it occurs, to contain the compromise so that it doesn't spread, and then to investigate the compromise to understand what the threat actors did once they breached your infrastructure.
Threat actors craft their attacks to subvert your anti-virus and anti-malware. This allows threat actors to "live off the land," avoiding detection and operating discreetly in the network.
In this video about endpoint security, SecureWorks CTO Jon R. Ramsey gives an IT Executive's perspective on how threat actors are crafting attacks that subvert anti-virus and anti-malware and go straight for the endpoint. This is why having more visibility into your endpoints is essential to detecting and preventing future intrusions.