Top Trending Vendors
The cloud-hosted or on-premises GravityZone platform includes EPP, endpoint detection and response (EDR), and network analysis. Bitdefender additionally provides an MDR (managed detection and response) service.Bitdefender continues to invest in detection precision, hardening, and patch guidance enhancements. It offers excellent agent performance and support for a variety of operating systems.
Bitdefender is ideal for Type B and Type C businesses, as well as companies in North America and EMEA seeking a comprehensive, unified solution.
BlackBerry renamed all Cylance products, including the EPP tool, which is now BlackBerry Protect, the EDR tool, which is now BlackBerry Optics, and its MDR service, which is now BlackBerry Guard. New Spark Suites combine BlackBerry's unified endpoint management tool with its unified endpoint security product, as well as the new BlackBerry Persona, which incorporates continuous user authentication to proactively address stolen credentials, insider threats, and compromised physical devices.
BlackBerry is a viable solution for Type B and Type C enterprises seeking cloud-managed features with a little impact on speed and excellent offline functionality. The vast majority of BlackBerry customers are located in North America.
Symantec's condition reflects its go-to-market strategy and execution, which caused tens of thousands of customers to scramble for help or alternatives. Symantec's new emphasis on its largest customers has had some success in upselling its broader product offering to larger companies. Small- and medium-sized business (SMB) clients are served via a global network of partners. Symantec's flagship solutions, Symantec Endpoint Security Enterprise (SESE) and Symantec Endpoint Security Complete (SESC), offer EPP and EDR that are managed in the cloud. A vast array of Symantec solutions share a cloud console.
Large worldwide Type A and Type B enterprise customers seeking an integrated XDR security solution at a competitive price are attracted to Symantec.
Check Point Software Engineering
Checkpoint rebranded their SandBlast Agent product as Harmony in the beginning of 2021. Harmony's security and detection capabilities include machine learning, behavioural analysis, and automated sandbox analysis. Recent advancements have increased Check Point firewall integration, integrating monitoring and threat hunting across many products.
Check Point is present in all geographic locations, and its products are suitable for all types of existing Check Point customers.
Cisco's SecureX solution is an XDR platform that blends its Secure Endpoint's EPP and EDR with security analytics, threat hunting, and threat intelligence to investigate and respond to threats from a single perspective. Cisco Threat Response is now known as SecureX threat response and is the SecureX capability for investigation and response. SecureX is native to the cloud, incorporated into every Cisco Security product, and offers centralised orchestration for each product. Additionally, SecureX connects with a variety of third-party solutions.
In addition to investing in the development of the SecureX platform, Cisco has upgraded and streamlined its threat hunting capabilities with Orbital Advanced Search and the related automated playbooks.
The markets of North America and EMEA are Cisco's primary focus, with a presence in Asia/Pacific, Japan, and South America. The majority of Cisco customers are enterprise types A and B.
Falcon platform comprises an EDR product that focuses on detection and response capabilities to identify and remediate advanced threats; however, it also provides file-based malware prevention utilising static and behavioural machine learning to protect against known threats. CrowdStrike continues to invest in additional features, such as the acquisitions of Preempt Security and Humio for its platform, as well as the development of advanced firewall management and mobile device security capabilities.
CrowdStrike is mostly present in North America and Europe, the Middle East, and Africa. Products are designed for Type A and Type B enterprises, with possibilities for Type C organisations without security personnel to consume managed services that are either partially or fully managed.
The Cybereason Defense Platform is a cloud-native system with EPP and EDR capabilities. In addition, the company provides mobile threat defence, managed detection and response, and incident response services. Cybereason has invested in both the automation of SOC operations and its AI hunting engine.
Cybereason is ideal for both Type A and Type B businesses. Its managed services make it an attractive outsourcing option for Type C enterprises.
Endpoint Security (EPP), Enterprise Inspector (EDR), Dynamic Threat Defense (sandbox), Threat Intelligence, and managed services comprise ESET's product lineup. The flagship product of ESET, ESET PROTECT Enterprise, has been upgraded to include cloud management, browser anti-tampering capability, Windows Management Instrumentation (WMI) scanning, and management of Apple FileVault 2 encryption.
ESET's robust EPP and EDR solution with a lightweight agent that can be operated using on-premises servers will mostly appeal to smaller Type B and Type C enterprises.
FireEye's XDR product offers endpoint, email, online cloud, SIEM, and network security, all of which are handled through a single SOAR console. Mandiant's service division offers security services tailored to specific industries. According to reports, FireEye is rising in tandem with the market. Recent investments have been made in prevention and investigation, detection and expansion of Linux and macOS capabilities (support for macOS Big Sur), identity deception breadcrumbs, remote shell and PowerShell malicious event detection, and identity deception breadcrumbs. FireEye Helix is a cloud-based XDR platform; however, FireEye offers a locally hosted endpoint management dashboard.
FireEye is mostly appealing to Type A enterprises that require a comprehensive security platform with extensive cyberthreat intelligence capabilities and services, and who view it as less of an EPP-specific security vendor.
F-Secure has a history of delivering endpoint security with expert managed services, adding EDR and its Countercept MDR service in 2018 and launching threat hunting in the first quarter of 2020. Recent investments have included the development of advanced machine learning models and anomaly detection via its Blackfin AI research stream, as well as the introduction of new threat hunting capabilities.
The EMEA area is F-primary Secure's market, having a presence in all other global regions. Customers of F-Secure are primarily Type B and Type C medium and smaller businesses, but customers of Countercept's MDR service and Consulting are typically major businesses.
McAfee's new MVISION strategy aims to integrate the McAfee portfolio with an XDR solution. McAfee's baseline endpoint offering combines native OS capabilities with additional protection features such as ransomware rollback. The premium MVISION EDR package from McAfee now incorporates MVISION Insights, which prioritises threats and countermeasures and guides responders accordingly.
Products mostly available in North America and EMEA are suited for Type A and Type B enterprises, with possibilities for Type C organisations without security personnel.
Microsoft Defender for Endpoint (MDE) offers an integrated and complete set of EPP, EDR, and threat hunting capabilities via a cloud-hosted console and data lake. The native protection and prevention provided by Defender Antivirus in the Windows operating system is widely used and well-liked by users, and is also utilised by other companies in this Endpoint Protection Platform.
Microsoft invested in its OS coverage in 2020, offering substantial new macOS and Linux protection capabilities and enhancing threat and vulnerability management and attack surface reduction. Microsoft also extended support for iOS and Android devices.
On a global scale, Microsoft appeals to all types of organisations, notably major companies.
Cytomic Covalent, renamed by Panda, is a comprehensive EDR system that includes modules for encryption and patching, as well as Cytomic Insights for increased monitoring and reporting. Device control, online access control, data loss prevention (DLP), and system management are all provided. Panda has invested in enhancing the EDR capabilities of its Cytomic EDR and Orion solutions, as well as integrating SIEM and other APIs with third-party security technologies. In the summer of 2021, integration of Panda's endpoint products into a WatchGuard unified cloud platform is anticipated.
Panda wants to expand into North America in 2021, targeting Type B and Type C enterprises in EMEA.
SentinelOne's Singularity platform, its XDR solution, was released. Existing EDR and threat hunting hosted on a new cloud platform and data lake get third-party integrations. The recent acquisition of Scalyr has resulted in the strengthening of the XDR solution. In 2020, investments included more automatic mitigation choices with Storyline Active Response and new IoT identification and protection features in Ranger.
SentinelOne's core markets are North America and EMEA, and development into India and the Middle East is planned. In each of these areas, it offers solutions to accommodate all business kinds.
In March of 2020, private equity firm Thoma Bravo completed the acquisition of Sophos. Sophos Central is a centralised management console for EPP, EDR, and MTD that provides enhanced endpoint visibility, simplified management, and enhanced threat detection. In addition, it maintains disc encryption, server security, the firewall, and email gateways. Investing has been concentrated mostly on the Sophos Central cloud-hosted service, including additions to Live Response, forensic, and device discovery data.
Sophos is optimal for Type A and Type B enterprises, with choices available for Type C organisations without security personnel. Customers are primarily from North America and Europe, the Middle East, and Africa.
Trend Micro's Apex One platform offers a wide range of capabilities, and more complex EDR capabilities can be added with an XDR add-on to interface with the company's other security solutions. The company offers support for all current and a significant number of legacy operating systems, as well as on-premises, cloud, and hybrid management solutions. Recent investments have included the XDR platform used for detection and response, as well as the unification and rebranding of a comprehensive collection of cloud workload and container security solutions, dubbed Cloud One.
Trend Micro is optimal for Type B and Type C businesses. It has a global presence, although its popularity is greatest in Asia/Pacific, specifically Japan.
Microsoft Carbon Black
VMware completed its acquisition of Carbon Black. With this feature, it provides protection for endpoints, networks, and cloud-based applications. VMware has also made substantial strides in its partner ecosystem, including its sophisticated Next-Gen SOC Alliance with SIEM and SOAR companies. Investments have centred on integrating Carbon Black into existing VMware virtualization solutions and integrating Carbon Black with VMware's growing array of security technologies based on a single cloud-hosted dashboard and data lake.
Products that are suitable for Type A and Type B businesses are acquiring a strong presence in the managed security service provider (MSSP) and incident response (IR) industries, primarily in North America. In addition to vSphere, NSX, and Workspace ONE customers with cloud workloads and managed endpoints, VMware Carbon Black also attracts customers with cloud workloads and managed endpoints.