For any organization, an effective security posture is built on the concept of defense in depth: multiple layers of defense are implemented so that security holds even if one layer fails. On endpoint systems, an Endpoint Protection Platform (EPP) is often seen as consisting of one or more base defensive layers. Automated preventions can be executed based on a detection engine, such as one powered by machine learning. A second layer of prevention within an EPP could then be based on customized prevention policies to eliminate the risk of unwanted executions that may go undetected by the automated layer. In this way, an effective EPP could prevent the bulk of endpoint threats, freeing security analysts to conduct threat hunting exercises and respond to more advanced threats via an Endpoint Detection and Response (EDR) solution.