NOT LICENSED FOR DISTRIBUTION The Forrester Wave™: Endpoint Security Suites, Q2 2018 The 15 Providers That Matter Most To Enterprises And How They Stack Up by Chris Sherman and Salvatore Schiano June 21, 2018 Why Read This Report Key Takeaways In our 21-criteria evaluation of endpoint security Trend Micro, CrowdStrike, And Symantec Lead suite providers, we identified the 15 most The Pack significant ones — Bitdefender, Carbon Black, Forrester’s research uncovered a market in Check Point, Cisco, CrowdStrike, Cylance, ESET, which Trend Micro, CrowdStrike, Symantec, Ivanti, Kaspersky Lab, Malwarebytes, McAfee, Check Point, ESET, Sophos, and Bitdefender are Microsoft, Sophos, Symantec, and Trend Micro — Leaders; Carbon Black, McAfee, Kaspersky Lab, and researched, analyzed, and scored them. This Cisco, Cylance, Microsoft, and Malwarebytes are report shows how each provider measures up to Strong Performers; and Ivanti is a Challenger. help security professionals make the right choice. Security Pros Want An Effective Endpoint Security Suite From Vendors They Trust Buyers want an endpoint security suite that is effective at stopping modern threats without adding to their security team’s complexity. They also want to trust the vendor, both as a strategic partner and as a steward of their data. Behavioral Analysis, Automation, And Real- World Performance Are Key Differentiators As traditional approaches to endpoint security prove less effective, behavioral protection and suite automation have become key differentiators in today’s market. Buyers also want to see real- world performance that backs up vendor claims. FORRESTER.COM FOR SECURITY & RISK PROFESSIONALS The Forrester Wave™: Endpoint Security Suites, Q2 2018 The 15 Providers That Matter Most To Enterprises And How They Stack Up by Chris Sherman and Salvatore Schiano with Christopher McClean, Madeline Cyr, and Peggy Dostie June 21, 2018 Table Of Contents Related Research Documents 2 Security Pros Are Demanding More-Effective The Forrester Wave™: Endpoint Security Suites, Endpoint Security Suites Q4 2016 3 Endpoint Security Suites Evaluation The State Of Endpoint Security, 2018 Overview TechRadar™: Endpoint Security, Q1 2017 Evaluated Vendors And Inclusion Criteria 6 Relevant Vendors Not Included In This Evaluation Share reports with colleagues. 6 Vendor Profiles Enhance your membership with Leaders Research Share. Strong Performers Challengers 15 Supplemental Material Forrester Research, Inc., 60 Acorn Park Drive, Cambridge, MA 02140 USA +1 617-613-6000 | Fax: +1 617-613-5000 | forrester.com © 2018 Forrester Research, Inc. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. Unauthorized copying or distributing is a violation of copyright law. [email protected] or +1 866-367-7378 FOR SECURITY & RISK PROFESSIONALS June 21, 2018 The Forrester Wave™: Endpoint Security Suites, Q2 2018 The 15 Providers That Matter Most To Enterprises And How They Stack Up Security Pros Are Demanding More-Effective Endpoint Security Suites It’s 2018, and employee endpoints continue to be the most targeted asset type in the enterprise.1 Over the years, security teams have deployed a wide range of technologies to address threats to their corporate endpoints, and now many are opting for endpoint security suites with integrated prevention, detection, and automatic response. As vendors race to consolidate new methods of threat prevention with detection and response technologies, security teams have often found themselves unprotected due to gaps in coverage between products or they are otherwise unhappy with their choice of vendor and technology. Fundamental enterprise requirements are clear (see Figure 1): › Endpoint security suites must protect against modern threats. It’s no surprise that global enterprise security decision makers rate the evolving nature of IT threats as a top challenge.2 As attackers continuously advance their methods to target gaps in traditional endpoint products, security pros look to their vendors to advance their protection capabilities. This includes the ability to block the global-scale attacks that are increasingly using techniques similar to those previously seen in targeted attacks (e.g., file-less malware and user exploitation), raising the bar substantially for security suite functional expectations. › They should decrease endpoint complexity. IT environment complexity is another top challenge for global enterprise security decision makers; in fact, Forrester survey data shows that it’s the most frequently cited challenging issue.3 Complexity can come in many forms, but security teams are especially frustrated by deployment complexities that leave gaps in coverage, poorly laid out consoles that lead to challenging admin experiences, too many screens involved in day-to-day operations, and resources-draining performance issues like false positives and false negatives. Buyers want an endpoint security suite that consolidates capabilities and minimizes complexity when possible. › Vendors need to have strategies that inspire confidence. More than ever, trust is critical in the endpoint security market. Buyers need to trust that their vendors will keep products up-to-date and effective against new attacks without significantly disrupting their business or exposing new vulnerabilities. Buyers also want to trust their endpoint security vendor to serve as a strategic partner in times of need, while inspiring confidence that the leadership team’s vision will help prepare them for future challenges. Finally, buyers must trust that their vendors will be, without exception, good stewards of their corporate data. © 2018 Forrester Research, Inc. Unauthorized copying or distributing is a violation of copyright law. 2 [email protected] or +1 866-367-7378 FOR SECURITY & RISK PROFESSIONALS June 21, 2018 The Forrester Wave™: Endpoint Security Suites, Q2 2018 The 15 Providers That Matter Most To Enterprises And How They Stack Up FIGURE 1 A Modern Endpoint Security Suite Must Meet Three Fundamental Buyer Demands Functional Efficient Trustworthy • Automated prevention, • Low complexity • Belief in vendor’s detection, and • Positive user strategy remediation experience • Condence in • Full endpoint visibility • High precision with a vendor’s technology • Automation and low false positive rate • Trust in vendor’s orchestration brand Endpoint Security Suites Evaluation Overview To assess the state of the endpoint security suites market and see how the vendors stack up against each other, Forrester evaluated the strengths and weaknesses of the top vendors. After examining past research, user need assessments, and vendor and expert interviews, we developed a comprehensive set of 21 criteria, which we grouped into three categories: › Current offering. Each vendor’s position on the vertical axis of the Forrester Wave™ graphic indicates the strength of its current offering. Key criteria for this evaluation include malware and exploit prevention, behavioral detection, and product performance, which Forrester validated using customer feedback and third-party test results. › Strategy. Placement on the horizontal axis indicates the strength of the vendors’ strategies. Here, we evaluated corporate vision and focus, security community involvement, and product road map. › Market presence. Represented by the size of the markers on the graphic, our market presence scores reflect each vendor’s enterprise customer base and licensing partner presence. Evaluated Vendors And Inclusion Criteria Forrester included 15 vendors in the assessment: Bitdefender, Carbon Black, Check Point, Cisco, CrowdStrike, Cylance, ESET, Ivanti, Kaspersky Lab, Malwarebytes, McAfee, Microsoft, Sophos, Symantec, and Trend Micro. Each of these vendors has (see Figure 2): © 2018 Forrester Research, Inc. Unauthorized copying or distributing is a violation of copyright law. 3 [email protected] or +1 866-367-7378 FOR SECURITY & RISK PROFESSIONALS June 21, 2018 The Forrester Wave™: Endpoint Security Suites, Q2 2018 The 15 Providers That Matter Most To Enterprises And How They Stack Up › A security suite that can prevent, detect, and remediate endpoint threats. We consider solutions that offer only one or two of these three capabilities to be point products, not suites. › A strong enterprise market presence. We only included vendors with at least 100 enterprise customer accounts (1,000+ nodes deployed per enterprise) and at least one deployment with 100,000+ nodes. › A high degree of interest from enterprise buyers. We only included vendors that garner substantial interest from enterprise security decision makers. For example, Forrester clients ask questions about each vendor by name during inquiries and other interactions. © 2018 Forrester Research, Inc. Unauthorized copying or distributing is a violation of copyright law. 4 [email protected] or +1 866-367-7378 FOR SECURITY & RISK PROFESSIONALS June 21, 2018 The Forrester Wave™: Endpoint Security Suites, Q2 2018 The 15 Providers That Matter Most To Enterprises And How They Stack Up FIGURE 2 Evaluated Vendors: Product Information And Inclusion Criteria Vendor Product evaluated Version number Bitdefender GravityZone Endpoint Security 6.2 Carbon Black Cb Defense Check Point SandBlast Agent Complete Endpoint Protection E80.81 Cisco Advanced Malware Protection for Endpoints