CISO MAG - Free Issues Endpoint Security Powerlist | Page 40

COVER STORY BUZZ
CISO MAG | November 2019 | Volume 3 | Issue 10

Executive Summary

Enterprises have been using endpoint security solutions for years. BYOD has exponentially increased the number of endpoints, thereby broadening the threat landscape. Today, the typical organization has hundreds if not thousands of endpoints: desktops, workstations, laptops, mobile phones, tablets, access points, printers, IP-cams, USB devices, credit card readers, POS devices, servers, cloud VMs, and virtual desktops. The addition of IoT devices will increase the number of endpoints even more.

Traditional anti-malware, signature-based, and file-scanning solutions will not be able to keep up and manage all those endpoints. New solutions with advanced forensic capabilities, as well as managed services for threat hunting and neutralization, are sorely needed. Modern endpoint security solutions must give an organization complete visibility into all its endpoints and enable it to monitor and manage the endpoints on its networks. Endpoint security solutions must be able to prevent, detect, block, and remediate all threats to endpoint computing devices.

Mordor Intelligence estimates the endpoint detection and response (EDR) market will grow to US$ 3,443.64 million by 2024, growing at a CAGR of 22.97 percent between 2019 and 2024.

We observe both traditional security solutions providers and new players moving to meet this demand. Not long ago, the market was split into two camps: EPP (Endpoint Protection Platforms) and EDR (Endpoint Detection and Response). Traditional players have been offering EPP whereas new players are offering EDR. However, the line between traditional and new is blurring, with most vendors offering both solutions today due to customer demand. EPP vendors are now adding modern EDR capabilities.

EPP is the older approach that uses anti-malware scanning based on signatures in a database. The signatures database needs to be regularly updated as new threats are detected. Anti-malware is a generic term that includes anti-virus, personal firewall, anti-spyware, application control, and intrusion prevention: all the security solutions that run on an endpoint.

EDR refers to the tools that are used to detect and investigate threats on endpoint devices. EDR tools typically provide detection, analysis, investigation, and response capabilities. However, EDR uses some advanced forensics capabilities for detecting and investigating security breaches, and the ability to restore the infected endpoints to a pre-infection state. These solutions are becoming automated with machine learning and artificial intelligence.

Some vendors are sweetening their offerings by bundling endpoint monitoring and management services. These services offer in-depth or advanced threat hunting, forensics, and remediation services.

Another key trend is that endpoint protection is now moving to the cloud, with SaaS-based services for monitoring endpoints. The demand for endpoint security services has increased as cloud security has improved. Traditionally, endpoints were centrally managed from an on-premise server communicating with agents on the endpoints. The move to cloud-based services shifts the responsibility of managing endpoints out of the enterprise and into the hands of managed security services providers (MSSPs).

CISO MAG conducted a multiple-choice survey in October 2019 to present new research on the usage of endpoint security solutions. Here are some key findings of the survey, indicating that many organizations still need to complete their endpoint security deployments.

3 key takeaways

The three prominent findings that stand out in the survey are:

1. The best of both: Half of all companies (53.19%) that participated in this survey are using both EPP and EDR solutions. An integrated solution that offers the best of both worlds is the preferred choice.
2. Endpoint visibility: Almost half of the respondents (46.38%) want real-time endpoint and application visibility.
3. Managed services: Two-thirds (62.55%) said their endpoint solution included managed endpoint detection services. So, many are opting for specialized cloud-based services to monitor and manage endpoints with advanced threat protection.