Analyst house Gartner, Inc. recently released its revised 2018 Critical Capabilities for Endpoint Protection Platforms, a companion resource to the popular Magic Quadrant report. Used in conjunction with the Magic Quadrant, the Critical Capabilities Report is an additional resource that can help buyers of endpoint protection solutions find the products that best fit their enterprises’ IT environments.
Gartner defines Critical Capabilities as “attributes that differentiate products/services in a class in terms of their quality and performance.” Gartner rates each vendor’s product or service on a five-point scale (five points being best) in terms of how well it delivers each capability. Critical Capabilities reports include comparison graphs for each use case, along with in-depth descriptions of each solution based on the various points of comparison.
The study highlights the 21 EPP vendors Gartner considers most significant in the endpoint protection platform software sector and evaluates them against nine critical capabilities and three use cases prevalent in the space. The critical capabilities include:
- Console Alerting and Reporting
- EDR Core Functionality
- Third-Party Integration
- Geographic Support
- OS Support
The editors at Solutions Review have read the report, available here, and pulled out three key takeaways.
EPP Critical Capabilities are Evolving
Gartner noted in the Critical Capabilities Report that EPP is rapidly evolving as a market. Endpoint protection solutions are starting to address security architecture concerns such as hardening and incident detection. Advanced prevention capabilities such as machine learning are becoming core features of endpoint protection platforms in general—they are no longer just for the innovators.
Gartner Predicts Market Changes
The most clear-cut prediction? By 2021, EPP will provide “automated, orchestrated incident investigation and breach response” capabilities while standalone EDR becomes the province of managed security services or security operations centers.
Gartner’s other predictions come in the form of statements of priorities. As one example, enterprises are prioritizing protection and detection capabilities over data loss prevention, encryption, or server controls. Another is that Gartner did not consider traditional EDR capabilities to be essential critical capabilities.
Endpoint Protection is Not All-Encompassing
Gartner notes that server protection is separating from EPP and that enterprises should separate their purchasing decisions for server workloads and endpoint protection.