A Systematic Review on the Evolution, Challenges, and Future Trajectories of Endpoint Security: Integrating Zero Trust and Federated Learning Perspectives

Abstract

As cyber threats evolve in complexity and frequency, endpoint security has transformed from simple antivirus solutions into comprehensive frameworks incorporating artificial intelligence, real-time behavioral analytics, and cloud-based telemetry integration. This paper presents a systematic review of the technological evolution and present challenges of endpoint security, covering the transition from signature-based antivirus software to modern systems such as Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Managed Detection and Response (MDR), and Network Detection and Response (NDR). Through a longitudinal timeline and thematic synthesis of recent developments, we analyze how endpoint protection technologies have adapted to address growing threats such as zero-day exploits, ransomware-as-a-service, and Internet of Things (IoT) vulnerabilities. Our findings reveal that while next-generation endpoint security solutions offer robust capabilities, they remain constrained by implementation complexity, data privacy regulations, and device interoperability. This study distinctively contributes to the literature by presenting a conceptual framework for integrating Zero Trust and Federated Learning principles into future endpoint defense strategies and by identifying critical, previously under-detailed research challenges associated with this integration. The paper concludes by discussing the importance of these integrations for creating scalable, privacy-preserving, and globally coordinated endpoint defense strategies.