Gartner Magic Quadrant 2018: Endpoint Protection Security Platforms
Welcome to page four of five for the next five companies in the 2018 Magic Quadrant for Endpoint Protection Security Platforms … and their implications for MSSPs.
- Quadrant: Visionaries
- Gartner says: Microsoft is unique in the EPP space, as it is the only vendor with the capacity to embed protection features directly into the OS. It has used this advantage to step up its efforts in security with Windows 10 features, improvements to Windows Defender (also known as System Center Endpoint Protection), the addition of Windows Defender Advanced Threat Protection and Windows Defender Security Center. Microsoft has become the most-asked-about vendor during EPP-related Gartner client inquiry calls, and there is significant interest in using the security capabilities in Windows 10 to reduce security spend with other vendors.
- MSSP Alert says: Cybersecurity was a major focus area at the Microsoft Ignite 2017 partner conference. It’s a safe bet the cybersecurity emphasis will continue. The good and bad news: Microsoft is obsessed with safeguarding Windows, Office 365 and Azure. But overall, MSSPs may be seeking a more holistic approach to security that isn’t so Microsoft-centric.
- Quadrant: Niche players
- Gartner says: Palo Alto Networks is still best-known to Gartner clients for its next-generation firewall (NGFW) product line, and this continues to be the main line of introduction to Palo Alto Networks Traps for Gartner clients. Traps uses a stack of nonsignature detection capabilities, such as ML, static and dynamic analysis, as well as monitoring processes and applications as they are spawned for suspicious activity and events. Suspect files from the endpoint can be tested by Palo Alto Networks WildFire, its cloud-based threat analysis and malware sandboxing platform, which is included with a Traps subscription. Palo Alto Networks acquired LightCyber in 2017; its behavioral-based analytics technology provides automated detection of suspicious user and entity activity indicative of malware. Traps without LightCyber currently offers limited EDR capabilities, which impacts its execution and vision evaluation in this assessment.
- MSSP Alert says: Don’t overlook Palo Alto’s very strong channel leadership team. Plus, the company is attracting strong attention from next-generation MSPs like 2nd Watch.
- Quadrant: Visionaries
- Gartner says: Panda Security’s unique value proposition is the classification or attestation of every single executable file and process on a protected endpoint device, and it is the only vendor to include a managed threat hunting service in the base purchase of its EPP. Adaptive Defense 360 is fully cloud managed, and combines EPP and EDR into a single offering and single agent. Organizations without experienced security staff will find Panda Security a good shortlist candidate for an EPP solution, as will organizations considering managed detection and response solutions that are prepared to replace their incumbent EPP vendor.
- MSSP Alert says: Panda has longstanding relationships with MSPs in the SMB sector. Enterprise-class relationships also have emerged — including Panda’s growing relationship with Deloitte, a Top 100 MSSP for 2017.
- Quadrant: Visionaries
- Gartner says: SentinelOne is a part of the new wave of EPP solution providers that have experienced fast growth over the past few years. The cloud-based solution is designed around fully embedded EDR and behavioral protection. SentinelOne was one of the first vendors to offer a ransomware protection guarantee based on its behavioral detection and file journaling features. In 2017, SentinelOne struggled to maintain its mind share and share-of-voice in a crowded market, which impacts the marketing-related assessment criteria across both vision and execution. However, the vendor continued to sign on a broad range of partners and resellers. SentinelOne is a good prospect to replace or augment existing EPP solutions for any organization looking for a solution with strong protection and visibility.
- MSSP Alert says: Key MSSP partners include Carvir. Recent relationships include a firewall integration with SonicWall, the pure channel company. A Vigilance security monitoring service partners surfaced in September 2017.
- Quadrant: Leaders
- Gartner says: In March 2017, Sophos acquired Invincea — a Visionary vendor in the 2017 Magic Quadrant for Endpoint Protection Platforms — giving Sophos access to its deep learning ML algorithms. The Sophos Intercept X product, designed to protect against and recover from the malicious actions related to ransomware and exploits, proved popular with both existing Sophos Endpoint Protection customers and as an augmentation to an incumbent EPP. This momentum continued its increased brand awareness in the enterprise space. Also included in the Intercept X purchase are Sophos’ EDR-like capabilities — called Root Cause Analysis — and the ML malware detection technology from the acquisition of Invincea was added in late 2017.
- MSSP Alert says: Sophos has one of the most advanced dashboards for MSPs and MSSPs that need to manage security across multiple customer sets. The company’s partner program is widely respected across the IT channel.