2018 Gartner Critical Capabilities for Endpoint Protection Platforms: Key Takeaways

Gartner critical capabilities endpoint protection

Analyst house Gartner, Inc. recently released its revised 2018 Critical Capabilities for Endpoint Protection Platforms, a companion resource to the popular Magic Quadrant report. Used in conjunction with the Magic Quadrant, the Critical Capabilities Report is an additional resource which can assist buyers of endpoint protection solutions in finding the products that fit best their enterprises’ IT environments.

Gartner defines Critical Capabilities as “attributes that differentiate products/services in a class in terms of their quality and performance.” Gartner rates each vendor’s product or service on a five-point (five points being best) scale in terms of how well it delivers each capability. Critical Capabilities reports include comparison graphs for each use case, along with in-depth descriptions of each solution based on the various points of comparison.

The study highlights the 21 EPP vendors Gartner considers most significant in the endpoint protection platform software sector and evaluates them against 9 critical capabilities and three use cases prevalent in the space, including:

  • Console Alerting and Reporting
  • EDR Core Functionality
  • Third-Party Integration
  • Geographic Support
  • OS Support

The editors at Solutions Review have read the report, available here, and pulled out three key takeaways.

EPP Critical Capabilities are Evolving

Gartner noted in the Critical Capabilities Report that EPP is rapidly evolving as a market. Endpoint protection solutions are starting to address security architecture concerns such as hardening and incident detection. Advanced prevention capabilities such as machine learning are becoming core features of endpoint protection platforms in general—they are no longer just for the innovators.  

Gartner Predicts Market Changes

The most clear-cut prediction? By 2021, EPP will provide “automated, orchestrated incident investigation and breach response” capabilities while standalone EDR becomes the province of managed security services or security operations centers.  

Gartner’s other predictions come in the form of statements of priorities. Enterprises are prioritizing protection and detection capabilities over data loss prevention, encryption, or server controls, as just one example. Another is that Gartner did not consider traditional EDR capabilities as essential critical capabilities.   

Endpoint Protection is Not All-Encompassing

Gartner notes that server protection is separating from EPP and that enterprises should separate their purchasing decisions for server workloads and endpoint protection.

Read Gartner’s Critical Capabilities to see how all the top providers scored.

Other Resources:

Gartner’s 2018 Magic Quadrant for Endpoint Protection Platforms (EPP): What’s Changed?

Comparing the Top Endpoint Security Vendors — Solutions Review

2018 Gartner EPP Magic Quadrant: What’s In a Vision(ary)?

Answering the Top 4 Enterprise Endpoint Security Questions

Endpoint Detection and Response: A New Wave in Security?

Ben Canner
Follow me

Ben Canner

Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner
Follow me

Leave a Reply

Your email address will not be published. Required fields are marked *