They Said It - The Shift to Modern Endpoint Security Is Clearly Underway!

By Ash Parikh · January 31, 2024

The world of endpoint security is changing dramatically. With the need for more nuanced investigations on the endpoint to counter sophisticated, fast-moving threats, endpoint security must evolve from traditional protection to include modern detection, investigation, forensics, and remediation. While AI is commonly used for detection, the modern frontier for AI is AI-guided investigation and remediation workflows and AI-guided policy management at scale.

As we start 2024, two new analyst reports make it crystal clear that a seismic shift is underway. From my perspective, the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms and the IDC 2024 MarketScape Worldwide Modern Endpoint Security for Large Enterprises point to a shift from traditional and legacy endpoint protection platforms (EPP) to a more integrated Endpoint Detection and Response (EDR) approach that provides a glide path to a comprehensive and open platform for Extended Detection and Response (XDR).

Let’s unpack what is going on with today’s market in endpoint security solutions. Three market trends are particularly notable:

First, today’s cybersecurity leader is looking for modern endpoint security. What does that mean? I offered a definition of modern endpoint security at the top of this post, but let’s explore this further. (If you’re interested in this discussion, follow me on LinkedIn – I will be diving into this topic with our SVP of Product Engineering, Ashok Banerjee, who I promise has some truly brilliant insights into the convergence of endpoint security and AI). In the world of modern endpoint security, we are talking about increasingly lighter shades of gray. This world is becoming much more investigative and nuanced, moving along EPP, EDR, to deeper investigations and forensics at scale. In such a world you need AI for automation. For example, you need automation across queries to find needles in a haystack, AI to establish the blast radius of a breach and steps for construction of a kill chain, and AI to recommend steps for forensics or remediation. You also want a solution that works anywhere – on-prem, hybrid, cloud, air-gapped – and enables you to take protective actions even in the case of disconnected operations. In other words, you want homogenous security with heterogenous deployment — something I’m proud to say we deliver at Trellix.

Second, customers are looking for a wide array of security controls. They don’t want just endpoint protection. They are looking for endpoint and email and network , along with other security controls. It’s only with layered security controls that security operations can detect and respond to today’s complex and sophisticated cyber threats in time to protect their organizations and minimize business impact.

And third, they want to consolidate their security stack around one vendor. It makes economic sense in today’s era of “do more with less,” and it makes sense for overall security and risk reduction. Constrained SOC teams can’t support an environment of siloed specialists and bespoke tooling. When an indicator of a ransomware attack comes in, you may not have your experts in the room. You want to be able to take action in minutes with AI-guided investigations, looking across your environment with a unified interface that shows you exactly how an attack is unfolding.

As Gartner puts it, “The EPP market is no longer limited by vendors only offering EPP and EDR capabilities, and buyers are increasingly looking for fewer vendors to deliver a wider array of capabilities. Email security, identity threat detection and response and XDR are increasingly part of the purchasing decision. This Magic Quadrant goes beyond evaluating a vendor’s ability to deliver core EPP/EDR products and services as organizations seek to consolidate into fewer vendors providing a more holistic approach to workspace security.” ¹

At Trellix, we’re passionate about innovating to meet our customers’ needs. We’ve anticipated this market direction, and that’s why we’re maniacally focused on modern endpoint security, as a path to AI-powered XDR.

IDC highlights our commitment to our customers’ journey in its MarketScape report, noting that “ Trellix’s unwavering intention and execution is to serve its existing enterprise customers better.” In my view, IDC has honed in on the compelling differentiators that are helping to make our customers wildly successful, writing that “Trellix has one the broadest portfolio of security products in the industry. While noteworthy, the benefit of broadness is diminished without effective management. Trellix ePO, enterprise-class policy management system, is unquestionably one of Trellix’s most significant competitive advantages. As other MES vendors endeavor to develop their own centralized policy management systems, Trellix is building on an established foundation.” ²

Kudos to Gartner and IDC for recognizing what the modern buyer is looking for. I’m especially gratified to see the high scores for Trellix in the new “security platform” use case in the Gartner Magic Quadrant. A big component of this is XDR, and we believe this callout continues our XDR momentum from the 2023 Gartner Market Guide for Extended Detection and Response report this past fall when we wrote about Trellix solving 4 out of 4 use cases and meeting all requirements.

Over the last year, many of our customers significantly strengthened their security postures and made major improvements in their ability to protect their organizations against ransomware and other cyber threats. I want to shout out their accomplishments and share a few of their testimonials:

• "It’s very difficult to manage disconnected solutions. Trellix has consolidated our approach and helped bring order to the chaos." - Ala Asali, Chief Security Officer, Arab National Bank
• "Trellix was the only provider that could manage their own suite of interrelated security products. That was a huge differentiator for me. Not only do they have that product knowledge, they are also able to rapidly incorporate intel from their industry-leading incident response team directly into the products.” - Manager of IT Infrastructure, Canadian subsidiary of global law firm
• “The intuitive dashboard and detailed insights have greatly enhanced our ability to monitor and manage endpoint security. With its proactive approach and minimal impact on system performance, Trellix has become an invaluable asset to our cybersecurity strategy.” - IT Manager, Banking Industry
• “The most trustworthy security solution from an endpoint perspective.” - IT Lead, IT Services Industry

Where are you in your journey? Learn more by joining me and Trellix SVP of Product Engineering, Ashok Banerjee, in a discussion of modern endpoint security on LinkedIn Live and in an upcoming webinar with experts from Trellix and IDC. Stay tuned for details on Trellix’s LinkedIn page.

And discover how you can take a modern, AI-powered approach with Trellix - from Endpoint Protection to Endpoint Detection and Response, and then to Extended Detection and Response. We have over 25 years of experience solving complex cybersecurity challenges, with our open, comprehensive and hybrid platform.

¹Gartner, Magic Quadrant for Endpoint Protection Platforms, Evgeny Mirolyubov, Max Taggett, Franz Hinner, Nikul Patel, 31 December 2023

²IDC MarketScape: Worldwide Modern Endpoint Security for Enterprises 2024 Vendor Assessment, Michael Suby