Endpoint Protection Platforms Magic Quadrant - What's New
Reading the fine print in Gartner's recent Endpoint Protection Platform (EPP) Magic Quadrant report (Dec 2023 edition) - a few notes below:
Palo Alto Networks is the new arrival into the Leaders quadrant and it's the only network security vendor there, offering solutions in adjacent markets such as SASE and NGFW.
Crowdstrike has increased its position as leader and surpassed Microsoft both in ability to execute and vision, making it the best positioned vendor in the report. It appears this is mainly due to market share growth rate and well executed integration of XDR, ITDR (identity threat detection and response), cloud security and ASM (attack surface management) functionalities.
Trend Micro has consolidated and improved its leader position in the MQ. They also got most points for integrating ASM, ITDR, security configuration management and XDR capabilities in its Vision One platform.
Generally, it appears Gartner leader positioning favors holistic XDR platforms that combine ITDR, vendor provided MDR, ASM and other adjacent functionalities that enable customers to consolidate their other tools and adopt a single-vendor solution.
Interestingly, the inclusion criteria include:
a cloud-based, SaaS-style, multitenant security analytics and management infrastructure that is required to be maintained by the EPP vendor;
at least 30 days of telemetry and detection events in the vendor's management infrastructure;
native integration with vendor-owned or third-party security controls, such as identity protection (ITDR), email security, security service edge (SASE) and workload protection.
Finally, some numbers from Gartner's surveys:
An overwhelming majority of EPP deployments (90%) consist of cloud-delivered EPP solutions, with on-prem deployments relegated to niche air-gapped environments;
roughly 57% of organizations have EDR capabilities deployed on endpoint level;
MDR adoption continues to grow rapidly, although still relatively a modest 17% of organizations subscribe to vendor-managed service wrappers to provide or augment their security operations functions.
You can download the full report here.