Solutions Review’s annual Vendors to Know in Endpoint Security platforms provides the details on some of the most critical solution providers in the space.
The editors at Solutions Review continually research the most prominent and influential endpoint security vendors to assist buyers in searching for the tools befitting their organization’s needs. Choosing the right vendor and solution can be complicated; it requires constant market research and often comes down to more than just the solution and its technical capabilities. To make your search a little easier, we listed the vendors to know in endpoint security platforms in 2021.
Note: Companies are listed in alphabetical order.
Solutions Review’s Vendors to Know in Endpoint Security Platforms, 2021
Bitdefender’s GravityZone Enterprise Security is a modular solution delivering centralized management and deployment for a range of endpoints: cloud providers, servers, desktops, laptops, and mobile devices. Updates to the endpoint security suite emphasize protecting anti- ransomware attacks and anti-exploit technology. Recently released products include GravityZone Ultra Suite. Additionally, Bitdefender continues to innovate its cloud workload security and its browser isolation tools and capabilities.
Blackberry | Cylance
Cylance built its reputation on the back of proactive and preventive antivirus technology based on proprietary artificial intelligence, machine learning, and algorithmic science. Headquartered in Irvine, California with offices around the world, Cylance was founded by a team of recognized and respected security industry professionals and scientists with the goal to “redefine the endpoint standard of protection by preventing threats from ever executing.” Blackberry has pushed Cylance to improve its unified endpoint management capabilities. Also in 2019, BlackBerry Cylance launched its CylancePERSONA solution to deliver behavioral analytics.
Broadcom’s Symantec Cyber Security offers a deep bench of endpoint security technologies spanning a range of prevention, detection, and remediation capabilities. Cloud-based, Broadcom is regarded as a thorough anti-malware solution globally. Prior to its acquisition in 2019, Symantec announced a new Managed Endpoint Detection and Response solution, and it has been recognized as a Leader in Data Security Portfolio Vendors by the Forrester Wave. In its new form, it focuses on emerging and evolving threats.
VMware | Carbon Black
VMware | Carbon Black’s endpoint security software—Cb Defense—offers streaming malware protection and EDR to detect and prevent bad actors from attacking your organization in real-time. Cb Defense consistently records all endpoint activity making it easy to track potential security threats and determine their root causes. VMware Carbon Black offers custom API’s, giving IT teams the ability to integrate security capabilities from a variety of solutions. It also offers Cb Protection, which is designed to replace legacy endpoint security solutions and help with PCI DSS compliance mandates, and Cb LiveOps. Cb LiveOps builds off the Carbon Black Predictive Security Cloud for real-time threat remediation.
Check Point Software provides an endpoint security solution that combines data and network security with threat prevention technologies, including remote access VPN for both Windows and Mac software. Check Point’s Sandblast Zero-Day Attack Protection prevents potential security threats at the initial stages, which can help prevent significant damage before it occurs. Check Point also offers anti-bot technology to block command and control technologies and a managed security service option. In 2019 it expanded its CloudGuard to support Kubernetes computing services and expanded its IoT security through the acquisition of Cymplify.
Comodo’s endpoint security solutions provide a centrally managed, 7-layered suite protecting end-user devices and their applications against malware and other digital threats. System administrators can terminate suspicious network connections, force-close processes, stop malicious services, and uninstall applications directly. Enterprise administrators can also resolve processes causing CPU or RAM saturation, quickly establishing the largest files on the endpoint’s hard drive and selectively deleting them if necessary.
CrowdStrike’s endpoint solution, Falcon Host, offers visibility in real-time and detects attacks within your enterprise software. Falcon Host integrates into your current environment and enables your IT security team to detect and block suspicious activity to prevent damage to your business. It covers Windows desktop and servers as well as Mac computers, whether on or off the network and combines EDR and anti-malware into a single agent. In 2020, CrowdStrike released an enhancement to its platform’s visibility, detection, and response capabilities across Windows, macOS, and Linux operating systems and new customization capabilities.
Cynet 360 is the world’s first Autonomous Breach Protection platform that natively integrates XDR attack prevention and detection capabilities (including NGAV, EDR, Deception, and more) with automated investigation and remediation, via a single lightweight agent with zero operational effort. Cynet 360 technology is complemented by a 24\7 MDR service free of charge, placing end-to-end breach protection within reach for any organization regardless of its security team size and skill.
Druva inSync is an unified data protection and information governance solution that delivers a single pane of glass for protecting and managing dispersed data across endpoints and cloud applications, ensuring that data is protected and governable by IT. With inSync, customers can dramatically increase the availability and visibility of business-critical data, while reducing costs, risk, and complexity. It also integrates backup and compliance monitoring into typical security workflows; it combines SaaS application and endpoint backup to protect end-user data and can allow for the provisioning of data protection.
FireEye utilizes a purpose-built, virtual machine-based security platform providing real-time threat protection to enterprises. FireEye incorporates firewalls, IPS, antivirus, and gateways as a means of supplementing signature-based detection methods. The FireEye platform uses a virtual execution engine with threat intelligence to expose and obstruct cyber-attacks in real-time. In 2019, it announced the availability of the FireEye Cyber-Physical Threat Intelligence subscription service which provides context, data, and actionable analysis on threats. It also introduced cloud security capabilities to deal with cloud infrastructures and hybrid environments as well as updated its email security with new threat detection.
Forcepoint emphasizes cloud security in its endpoint protection platforms. It designs its systems with remote employees and multiple endpoint connections in mind—essential considerations for the enterprise undergoing digital transformation or planning to do so. Its programs watch for insider threats via behavioral analysis and use a multi-layered firewall to maintain network integrity even during device updates, using a centralized platform for easy deployment and management. Its Web Security capabilities integrate with data loss prevention, cloud sandboxing, and advanced malware detection in a single pane of glass.
GoSecure leverages big data and behavioral analytics with a next-generation endpoint security solution called GoSecure EDR. Obviously, this uses EDR, machine learning, and behavioral analysis to recognize threat context and increase endpoint visibility. This allows its solution to catch threats missed by legacy signature-based detection methods. GoSecure software distinguishes between unknown and known threats via signatureless scanning and responses to both proportionally so that malware diversion tactics will not fool them.
Ivanti combines the technologies of Heat Software and LANDesk. More specifically, Ivanti seeks to combine Heat’s cloud solutions with LANDESK’s IT systems management to deliver simplified service management processes, real-time visibility across enterprise services and infrastructure, and facilitate productive interactions in your business. Its solution can also implement application control for all your endpoints that does not disrupt users in their work. Its solutions thus balance endpoint security with business process facilitation. Ivanti also released the Ivanti Password Director, a self-service password management tool. In 2019, it announced the Ivanti Security Controls for patch management and third-party applications.
Kaspersky is renowned for its threat intelligence software and for its network of security experts located around the world. Its mission statement dedicates them to fighting cyber-crime and to innovating new techniques to stopping attacks. It focuses on internal innovations rather than on acquisitions. It possesses an industry reputation for accurate malware detection and management for the layperson. Kaspersky appeared in the 2019 Magic Quadrant for Endpoint Protection Platforms as a Visionary, and the Forrester Wave for Endpoint Security Suites as a Strong Performer.
LogMeIn Central is a cloud-based endpoint management solution designed to enable IT professionals to effectively monitor, manage, and secure their endpoint infrastructure. Its expertise in remote technologies supports enterprises with remote employees or endpoints scattered across the globe, allowing for centralized management. In addition, LogMeIn Central provides IT organizations with actionable security and workflow insights that can help increase productivity, reduce IT costs, and mitigate risk. Central also allows security teams to monitor the health of each LogMeIn host.
McAfee promotes its McAfee Endpoint Security. With this platform, it signals a transition away from signature-based malware detection it helped innovate to one oriented to more machine learning, behavioral analysis detection, and prevention endpoint security methods with low user impact. McAfee offers machine learning behavioral analysis, real-time scanning, cloud analytics, application containment, and automated EDR. In 2019, it introduced CASB-Integrated Cloud Security Platform and continued to innovate its protections against cloud-native breaches. McAfee’s research has uncovered recent surges in malware attacks and ransomware.
In addition to its PCs and operating systems, Microsoft also offers Window’s Enterprise Mobility and Security, a software endpoint security suite. This offers an integrated set of solutions designed to work with Microsoft’s operating system smoothly without needing to interrupt workflow with a complex deployment. It even provides a cloud-based management system. Microsoft has received high customer approval rates, as evidenced by its position as Leader in the 2019 Magic Quadrant for EPP. Additionally, it appears as a Leader in the Forrester Wave for Endpoint Security Suites and a Strong Performer in Email Security.
Palo Alto Networks
Palo Alto Networks has combined network, cloud, and endpoint security into one integrated platform that delivers automated prevention against cyber-attacks. Palo Alto’s Traps endpoint solution focuses on the attacker’s core techniques and when the attacker’s path becomes known, the program blocks advanced attacks originating from executables, data files, or network-based exploits. It is multimethod and completes a platform-centric approach to prevention. In 2019, Palo Alto Networks acquired Aporeto, a machine identity-based micro-segmentation company, as well as Demisto, a SOAR provider.
RSA offers RSA NetWitness Endpoint as its threat detection and response solution. The RSA NetWitness Endpoint exposes targeted, advanced malware, highlights suspicious activity for investigation, and instantly determines the scope of a compromise to help security teams stop advanced threats faster. NetWitness Endpoint’s unique behavioral-based detection identifies unknown, zero-day malware and compromises missed by traditional signature-based detection methods. RSA calls its RSA Netwitness Endpoint an EDR solution that can leverage endpoint behavioral monitoring and advanced machine learning.
SentinelOne provides behavior-based anti-malware, anti-exploit, and EDR capabilities as an integrated endpoint solution; in other words, it incorporates prevention, detection, and remediation capabilities in one program, which can be deployed on-premises or via the cloud. SentinelOne offers real-time forensics to deliver investigative capabilities and multiple behavior detection methods. It can predict malicious behavior across multiple threat vectors and close vulnerability gaps. In 2020, it was recognized in the Gartner Peer Insights Customers’ Choice for Endpoint Detection and Response. It also released full remote shell capabilities.
Sophos released Sophos Intercept X — a set of signatureless detection and prevention technologies designed to protect against endpoint attacks —in 2016. Intercept X targets exploits in applications and operating systems and provides specific countermeasures to ransomware. Since the release, Sophos has continued to be an enterprise-driven endpoint protection solution globally. In 2019, Sophos acquired Rook Security for its Managed Detection and Response capabilities. Even earlier in the year, Sophos acquired DarkBytes, another MDR provider, to serve as the foundation of its new services.
Trend Micro, Inc.’s endpoint security solutions ensure mobile and desktop protection against everything from traditional threats to the latest sophisticated, targeted attacks. Focusing on multi-layered security, exploitation protection, and machine learning, Trend Micro’s offers a full suite of EDR and EPP solutions. It has received praise for its fully-featured solution with adaptive preventative capabilities and for its patching capabilities and managed detection services. Trend Micro also offers its team of security threat experts and researchers, who work to identify millions of threats and secure the Internet of Things.
Webroot’s EPP Solution— SecureAnywhere Business Endpoint Protection—utilizes behavioral analysis, machine learning, and contextual threat intelligence. It allows Webroot to protect enterprises’ networks while remaining lightweight and unobtrusive to business processes. Its solution provides multi-vector protection for all stages of endpoint attacks, mitigating long-term damage. Its cloud-based architecture classified a majority of the Internet—no small feat—for risks to evaluate browser safety for both on and off-premises devices. A solid entry to round out the Vendors to Know in Endpoint Security Platforms, 2021.
Those were our picks for the Vendors to Know in Endpoint Security platforms, 2021. For more on these Vendors to Know in Endpoint Security platforms, check out the Buyer’s Guide.
- Endpoint Security Providers: Best of 2023 and Beyond - October 31, 2022
- Best Books for Defending the Digital Perimeter - September 14, 2021
- Apple Vulnerability Places All of Apple iOS at Risk - September 14, 2021