KuppingerCole Report
Market Compass
By John Tolbert

Endpoint Protection, Detection, and Response

The KuppingerCole Market Compass provides an overview of the product offerings in Endpoint Protection, Detection and Response. The Endpoint Security space continues to see much innovation and some consolidation. The formerly separate products Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) are increasingly coming together in the marketplace.

1 Management Summary

The KuppingerCole Market Compass provides an overview of a market segment and the vendors in the Endpoint Protection, Detection & Response (EPDR) mark ...

2 Market Segment

This Market Compass covers solutions that can detect and prevent malware from executing on endpoints, have built-in firewalls, perform URL filtering, ...

2.1 Market Description

The Endpoint Security product market has been well-established for 30+ years. Anti-virus vendors arrived on the scene to deal with the earliest viruse ...

2.2 Market Direction

The Endpoint Security market is rapidly changing in a few ways. The use of Machine Learning (ML) algorithms for automated malware analysis was at one ...

The Trend Compass tracks the development of EPP and EDR independently. EPP began as antivirus and grew steadily in importance and effectiveness from t ...

2.3 Capabilities

The Endpoint Security market is mature, but there has been a lot of churn: emergence of new technologies and new approaches embodied by new vendors, a ...

2.3.1 Common functionality

The common functionality that should be provided by all solutions includes:

Use case Description Relevance
Autonomous agent oper ...

2.3.2 EPP Functionality

The Endpoint Protection feature list that will be rated in the following sections includes:

Use case Description Relevance
Multip ...

2.3.3 EDR Functionality

The Endpoint Detection & Response features that will be considered include:

Use case Description Relevance
Near real-time evalua ...

3 Vendors and Products

The vendors covered by this report provide endpoint security functionality in the areas of Endpoint Protection (analysis of code prior to or during ex ...

3.1 Vendors Covered

  • Bitdefender
  • BlackBerry
  • Carbon Black
  • Cisco
  • Cybereason
  • ESET
  • F-Secure
  • FireEye
  • Fortinet
  • Kaspersky
  • Malwarebytes
  • McAfee
  • Microsoft
  • ...

3.2 Featured Vendors

Some vendors are better positioned to meet narrow use cases, while others have stronger offerings across the range of Endpoint Protection, Detection a ...

3.2.1 Featured for EPP capabilities: F-Secure

F-Secure is a first-generation antivirus company with next-generation anti-malware technology. F-Secure uses standard and cutting-edge methods to dete ...

3.2.2 Featured for EPDR capabilities: Kaspersky

Kaspersky offers a leading-edge EPP suite. It utilizes all available technical methods to discover and prevent execution of malware as well as provide ...

3.2.3 Featured for EPP innovation: Bitdefender

Bitdefender is a top of the line EPP solution, deploying all relevant pre-execution and runtime malware detection and prevention techniques. Their sol ...

3.2.4 Featured for EPDR innovation: SentinelOne

SentinelOne Platform has some of the most advanced EDR features, relying on state-of-the-art ML detection models. SentinelOne does not baseline device ...

3.2.5 Featured for EDR innovation: Sophos

Sophos has been a recognized name in EPP for decades. It has a good reputation for anti-malware, which was enhanced with the addition of Invincea a few ye ...

3.2.6 Featured for XDR innovation: Palo Alto Networks

Palo Alto, once the pioneer in Next Generation Firewall (NGFW) technology, is now the pioneer for “XDR”, or the union of EDR and network security ...

3.2.7 Featured for EPDR universal coverage: ESET

ESET has been an avant garde anti-malware company for many years. Their products incorporate the latest approaches to discovering and preventing malwa ...

3.2.8 Featured for Threat Intelligence integration: Symantec

Symantec, a global cybersecurity leader for decades, has a wide range of integrated security products, covering endpoints, applications, networks, and ...

3.2.9 Featured for Threat Intelligence integration: McAfee

McAfee was an early pioneer in antivirus and cybersecurity products and is a charter member of the Cyber Threat Alliance. McAfee’s Global Threat Int ...

3.3 Vendors to Watch

Besides the vendors covered in detail in this document, we observe some other vendors in the market that have some but not all required capabilities i ...

4 Ratings at a Glance

Based on our evaluation, a comparative overview of the ratings of all the products covered in this document is shown in table 1.

5 Product/Service Details

Spider graphs

In addition to the ratings for our standard categories we add a spider chart for every vendor we rate, looking at specific capabilitie ...

5.1 Bitdefender

Bitdefender is a private company, and was founded in 2001 in Bucharest, Romania. The company specializes in cybersecurity technologies for Windows PCs ...

5.2 BlackBerry

Following its 2019 acquisition of Cylance, an advanced AI-based cybersecurity company, BlackBerry has been transforming itself as a security vendor. I ...

5.3 Cisco

Cisco, well-known for network devices and services, also offers many security solutions. AMP for Endpoints is their EPP and EDR combined product with ...

5.4 Cybereason

Cybereason, a late stage venture backed company, was founded in 2012 and is based in Boston. Today they have a strong global presence. Cybereason star ...

5.5 ESET

ESET was founded in 1987 and is headquartered in Bratislava, Slovakia. They specialize in EPP and EDR. For enterprise customers they also offer threat ...

5.6 F-Secure

F-Secure was founded in 1988 in Helsinki. They are consistently rated among the highest scoring anti-malware vendors in independent tests, including a ...

5.7 FireEye

FireEye was founded in 2004 in Milpitas, CA. FireEye started out with email and web sandboxing tools, but through growth and acquisition they have add ...

5.8 Fortinet

Fortinet was founded in 2000 in Silicon Valley. In late 2019 they acquired EnSilo. The company produces a wide range of hardware and software security ...

5.9 Kaspersky

Kaspersky has been providing cybersecurity solutions for more than two decades and is best known for the EPP product. Though headquartered in Russia, ...

5.10 Malwarebytes

Malwarebytes was founded in 2008 and is headquartered in Silicon Valley. They are a mid-stage venture-backed company best known for their consumer ant ...

5.11 McAfee

Silicon Valley based McAfee was an early pioneer in the anti-virus business. McAfee was founded in 1987, acquired by Intel in 2011, then spun off from ...

5.12 Microsoft

Redmond-based Microsoft began offering Defender as an anti-spyware program more than a decade ago. Defender ATP has evolved considerably since then, b ...

5.13 Palo Alto Networks

Palo Alto Networks was founded in 2005 in Santa Clara, CA. It has become a leading network security vendor. First known for their Next Generation Fire ...

5.14 SentinelOne

SentinelOne, founded in 2013, is an endpoint security vendor headquartered in Mountain View, CA. The company is a privately held, late stage “unicor ...

5.15 Sophos

UK-headquartered Sophos was founded in 1985 and was acquired by Thoma Bravo in 2019. Sophos is centered squarely in the cybersecurity market, with a s ...

5.16 Symantec (was acquired by Broadcom Inc.)

Mountain View-based Symantec provides a comprehensive set of security tools. Symantec was recently acquired by Broadcom, which is maintaining the Syma ...

5.17 VMware

In 2019, Carbon Black was acquired by VMware. VMware Carbon Black has a strong emphasis on cloud-based EPP and EDR, and the ability to protect virtual ...

© 2021 Kuppinger Analysts AG. All rights reserved. Reproduction and distribution of this publication in any form is forbidden without prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole's initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice.

KuppingerCole supports IT professionals with outstanding expertise in defining IT strategies and in relevant decision making processes. As a leading analyst company KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and in making better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.