The endpoint security market is quite dynamic right now, with lots of new entrants, and ongoing innovation for improving threat detection and response. In the midst of all this market energy we are very pleased to be named a Leader in Gartner’s 2018 Magic Quadrant for Endpoint Protection Platforms (EPP)1. Three vendors were named to the Leaders quadrant, down from 4 last year. At the risk of aging us, we have been recognized as a leader since this this Magic Quadrant started back in 2002 (first called Enterprise Antivirus).
Since the early days of the Gartner Magic Quadrant for this category, there have been successive waves of innovation. Back in 2002, integrated firewalls captured the market’s and Gartner’s attention. Over the years’ we’ve seen technologies such as full disk encryption, behavioral detection, application control, and more recently machine learning as effective new ways to protect endpoints, detect threats and give security teams peace of mind. Trend Micro has consistently been part of these innovation waves and we’re excited there are lots more to come.
It’s clear that this year, the market is excited about Endpoint Detection & Response (EDR). There are two main drivers for this, and we are strongly committed to delivering effective solutions in both areas:
Better detection & automated response:
EDR’s investigative capabilities are useful, but the only way it is manageable is if automated threat detection is effective and accurate, followed by rapid automated neutralization (quarantine, isolation, rollback of damaged files, etc.). Trend Micro has a powerful capability set here that we’ve built into our core EPP agentt, including behavioral detection methods and two powerful machine learning engines (one at pre-execution time, and one working at runtime to help spot stealthier ransomware and file-less threats). Very few other vendors are using machine learning for runtime detection — so far! We are obsessed with our effectiveness. In the last two years, Trend Micro has detected and intercepted 1.7 billion ransomware threats2 using its cross-generational blend of techniques. And we consistently perform well in independent third party testing.
After successful detection & response, after a missed detection, or for hunting purposes, EDR’s investigative capabilities can bring a lot of value. Trend Micro Endpoint Sensor delivers strong investigative capabilities to complement the detection & response functionality of our core EPP solution. (And, we’ll be packaging the investigative features into the EPP agent during 2018 to simplify deployment).
The downside of EDR’s investigative capability is that it typically requires an analyst with specialized skills to operate it from day to day. Many organizations don’t have the resources to staff these positions, so we expect a strong future for Managed Detection & Response (MDR) where the investigation & hunting skills can be delivered via SaaS offering.
We’re committed to continuing to work hard for our global customer base, delivering effective threat detection & response, and investigation capability that fits our customers’ requirements. And we know that to earn our position in the Leaders’ Quadrant, we need to continue executing well on our product quality and service delivery.
There is always noise in the market, and the last couple of years have been especially deafening, with new VC investments in the industry, and ransomware being driven by a viable business model. Enterprises face a huge challenge when trying to assess solutions, with many vendors’ marketing all sounding the same. Gartner’s framework and analysis helps sort through some of this noise. What else can customers use to help frame their decisions? Two words: independent testing. While it’s great for vendors to talk about cutting-edge techniques, at the end of the day enterprises want to know if the techniques actually work. Trend Micro strongly supports steady improvements to the transparency and methodology of independent third-party testing. We urge the vendor community and customers to continue investing in testing approaches that address the #1 customer pain: threat detection.