Forecast: The Gartner Endpoint Protection Platform 2019 Magic Quadrant

Technology experts around the world wait with bated breath for the release of the Gartner Endpoint Protection Platform 2019 Magic Quadrant. The research giant published the 11th iteration of the EPP Magic Quadrant in April of last year; rumors suggest Gartner plans to release the 2019 Magic Quadrant (the 12th iteration) sometime this summer. (Editor’s Note: This turned out correct.)

Thanks to their proprietary research methodology, Gartner’s annual marketplace analyses generate a level of buzz in the tech world only matched by Apple’s keynote speeches. Regardless of the technology field, many consider the Magic Quadrant Gartner’s premier report in each cybersecurity marketplace. In fact, IT administrators and cybersecurity professionals use Gartner’s findings as a critical jumping-off point for their yearly purchasing decisions.

Of course, cybersecurity professionals can’t sit on their hands and wait for the 2019 Magic Quadrant. They face a quickly evolving cyber threat landscape with new species of ransomware and fileless malware arising every day. Cybersecurity professionals need to understand what capabilities and priorities should comprise their digital perimeter.

Therefore, with the Endpoint Protection Platform 2019 Magic Quadrant still some ways away, we decided to share our own predictions; we share educated guesses on the content of the 2019 Magic Quadrant and how the market evolves.

For the sake of clarity, we use Gartner’s definition of endpoint protection platforms as a foundation; these are “deployed on endpoint devices to prevent file-based malware, to detect and block malicious activity from trusted and untrusted applications, and to provide the investigation and remediation capabilities needed to dynamically respond to security incidents and alerts.”  

Here are our predictions:

The 2019 Magic Quadrant and New Threats

Since the release of the 2018 EPP Magic Quadrant Report, enterprises have not only fought against ransomware and file-based malware. Lately, fileless malware constitutes a much more serious threat to business digital perimeters; it can evade and circumvent the signature-based and file-based detection capabilities emblematic of legacy endpoint security solutions.

Moreover, fileless malware’s exploitation of endpoints’ native processes leaves little evidence during or after a breach. Thus, IT professionals can struggle to recognize they’ve suffered a breach until long after the fact, leaving vulnerabilities unguarded.

Additionally, more enterprises—especially financial businesses—suffer from island hopping attacks. These exploit vulnerabilities in third parties to reach their intended targets; in some cases, they exploit the emails of others to distribute fileless malware.

Thus, we predict Gartner may change its definition of endpoint protection platforms to accommodate the rise of these new fileless and distributed threats. Next-gen endpoint security providers already work to detect and mitigate fileless malware, and Gartner should recognize their efforts. In addition, the research giant should also change their definition of endpoint protection platforms to protect more than endpoints; it must also include third-parties and the increasingly porous enterprise perimeter.

Speaking of which…

The Cloud Hangs Over The EPP 2019 Magic Quadrant

In the 2018 Endpoint Protection Platform Magic Quadrant, Gartner ranked cloud adoption as a critical criterion for their report. Failing to accommodate cloud adoption or cloud-reporting severely reduced vendors’ rankings in the MQ.

However, in the year since that report, the cloud has only grown in prominence for business processes and storage. More and more enterprises abandon traditional on-premises infrastructure for cloud-based infrastructure, which decentralizes their digital perimeter. Fittingly, workforces also become increasingly decentralized—remote workers constitute a significant portion of most businesses’ employees.

Therefore, endpoint security cannot simply focus on endpoints. Their capabilities and infrastructures must accommodate the cloud. The 2019 Magic Quadrant should reflect this, possibly by increasing the weight of cloud capabilities in their criteria. Additionally, it should also change which vendors enter the Quadrant in the first place; we may discover endpoint security vendors with insufficient cloud offerings no longer make the cut.     

EDR, EDR, EDR.  

As an endpoint security capability, EDR has become the belle of the ball. Endpoint Detection and Response allows enterprises to use their endpoint protection platform to detect threats which bypassed their prevention tools. In fact, EDR can detect threat behaviors and security events and alert investigative teams to the cyber attacks.

As cybersecurity moves from a prevention-model to a detection-model, EDR proves increasingly vital to healthy business-level cybersecurity. Thus, in the previous Endpoint Protection Platform Magic Quadrant, EDR capabilities proved a significant factor in vendor placement. Indeed, Kaspersky Lab lost its status as a Leader because it only introduced EDR to its platform relatively recently.

Most likely, the 2019 Magic Quadrant for Endpoint Protection Platforms will use EDR as an even more significant evaluation criterion. Most likely, failure to have EDR which meets minimum standards shall result in exclusion from the Quadrant altogether. Indeed, we would be surprised if the 2019 EPP Magic Quadrant resembled its predecessor.

Will Identity Factor In?

We admit this one is something of a long shot (hence why we include it at the end). Yet it certainly bears mention and consideration. Currently, cybersecurity professionals contend identity now constitutes a significant portion of the digital perimeter if not its entirety. While malware and other non-identity threats still carry risk, identity-based attacks now serve as hackers’ primary means of entry into enterprise networks.

Will Gartner thus ask endpoint security providers to consider this in their solutions? Most likely not. However, it does highlight the importance of using multiple cybersecurity solutions to ensure a high level of safety in the digital marketplace.

You can read the 2019 Gartner Magic Quadrant for Endpoint Protection Platforms here. 

Ben Canner

Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.