2017 proved the necessity of endpoint security perhaps more than ever. Major malware and ransomware attacks changed the global conversation about the safety of our data and servers, and we learned more concretely that traditional, signature-based antivirus solutions are insufficient to protect us. This revelation emphasized the need for more comprehensive and adaptive antivirus and firewall solutions to combat constantly evolving threats.
To address this mounting crisis—and perhaps to help reassure enterprises of all sizes—some endpoint solutions providers are taking the initiative to step up their innovations. They’re designing and upgrading their security solutions to work more holistically, to better identify diverse threats and respond to them. In other words, they’re moving from traditional antivirus to Next Generation Antivirus (NGAV).
NGAV can mean many things to different people, but for our purposes we define NGAV as being capable of:
- Better detecting, preventing, and responding to new versions of malware, including signatureless malware
- Allowing for threat data collection to reduce false positives and categorize threats
- Automating remediation capabilities
- Providing a simple user experience and simplifying event interpretation
NGAV is an interesting subsection of the endpoint security market: it is still developing as a field of its own within cybersecurity, and its solutions continue to evolve and mature. As endpoint security companies jockey for position in the market and as greater security threats loom in 2018, NGAV providers seem poised to meet the challenge with more innovations to keep attackers at bay and detect threats in real time.
With that in mind, here are six NGAV vendors we’ll be watching, presented in alphabetical order.
Barkly is a young Boston-based NGAV startup already turning heads, and December proved to be an excellent month for the vendor. December marked Barkly Endpoint Protection Platform’s validation to assist healthcare organizations with HIPAA compliance. Early December also saw the announcement of the industry’s first mobile incident response capability for endpoint protection, allowing enterprises to respond to incidents from their iOS or Android device regardless of location. Their interface and comprehensiveness compared to traditional antivirus are also receiving more industry and customer attention and praise. Is 2018 the year they truly take off in the NGAV market?
On the corporate side of things, Carbon Black has made some boardroom moves in recent months that imply a planned expansion into the global marketplace, especially in Asia. There have also been rumors of an IPO in the coming year, mitigated by similar claims attached to the company last year.
On the technical side, the Massachusetts-based vendor offers NGAV through CB Defense, which is designed to take a system-centric approach to malware and malwareless attacks and improve visibility. Their solution consistently records all endpoint activity, making it easy to track potential security threats and determine root causes, simplifying threat management and detection. 2018 might prove a particularly bountiful year for Carbon Black.
Endpoint and NGAV provider CrowdStrike made even more of a name for itself after investigating the DNC data breach, and they placed as a Visionary in the 2017 Magic Quadrant for Endpoint Protection Platforms. But the vendor doesn’t appear to be resting on its laurels. CEO George Kurtz is reportedly pushing for customers to install lightweight software that can monitor for incoming threats and relay their findings back to CrowdStrike to create real-time protection solutions, and the vendor has upped its NGAV detection capabilities. In May they upgraded their platform’s cloud protection capabilities. In November they announced CrowdStrike Falcon Spotlight, a centralized vulnerability management module for easier use.
Rumors persist of a possible acquisition of CrowdStrike by VMware, but so far neither company will confirm. Either way, CrowdStrike looks to be making bold strides forward as an NGAV solutions provider for 2018.
2017 has proven rough for the Moscow-based endpoint and NGAV solutions provider. Kaspersky Lab received the Gartner 2017 Endpoint Security Customer Choice Awards Platinum for their easy deployment and trusted protection earlier in the year, but the latter may not hold as true now. The vendor has been dogged by controversy for months, accused of affiliation with the Russian government and of conducting espionage on the U.S.
While these allegations have yet to be conclusively verified, they are being treated seriously by state actors and enterprises alike. Kaspersky Lab was officially banned from all U.S. Government servers, and the vendor has shuttered its D.C. office. The British government has warned agencies against using Kaspersky software. Best Buy, among other retailers, has pulled Kaspersky products from their shelves.
Kaspersky once held, and in some circles maintains, a reputation for in-house innovation and thorough protection, and 2018 will reveal whether that reputation can survive these blows. It is entirely possible the vendor will bounce back; they’ve offered to submit their code to an independent third party to verify their transparency.
The Israeli cybersecurity startup Morphisec only entered the U.S. market in December of 2016, but they are already starting to make waves here. In August of 2017 they released Morphisec Endpoint Threat Prevention 2.0, upgrading their usability and threat intelligence and expanding their protection scenario, all bolstering their NGAV capabilities. Then in November they announced that their solution blocked 100% of exploits and evasive malware in SE Labs’ independent Advanced Endpoint Protection Test, which is quite the achievement. And they’re addressing the severe cybersecurity staffing issue by launching the Women in Cybersecurity Scholarship Program in the US.
Morphisec’s NGAV solution utilizes a honeypot-esque security model, using specifically unmodified system resources as a dummy to trap and expose malicious activity while the real databases remain untouched. It’s a deceptive defense that can prove effective against non-traditional threats. 2018 will see if Morphisec can capitalize on their successes this year.
The California-based SentinelOne made quite a lot of announcements in late 2017. In September, they launched Vigilance, a turn-key solution to accelerate cyber threat detection, prioritization, and response. They also partnered and combined solutions with network security vendor SonicWall to improve data breach detection and prevention. In November they hired experienced Country Manager Fiaaz Walji to help them expand their market presence in Canada. Then they added endpoint deep visibility nodes and lateral movement detection solutions to their security portfolio, improving their NGAV capabilities.
In other words, they seem to be making calculated moves, positioning themselves to become more global and more recognized. 2018 might prove a windfall year for them.