Most Recent Blogs

Endpoint Security in 2017

Posted: January 17, 2017   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, endpoint security, antivirus, Anti-malware


Just a few years ago, there were about 6 to 10 well-regarded AV vendors that dominated the market. Fast forward to 2017 and my colleague Doug Cahill and I are currently tracking around 50 endpoint security vendors.

Why has this market changed so much in such a short timeframe? New types of targeted threats regularly circumvented signature-based AV software over the past few years. This weakness led to system compromises, data breaches, and panicky CISOs in search of AV alternatives. This in turn persuaded the fat cats on Sand Hill Rd. to throw VC dollars at anything that hinted at endpoint security innovation.

Okay, I get the need for more than signature-based AV but there simply isn’t room in the market for 50 endpoint security vendors. Thus, it’s safe to assume a lot of M&A activity and outright business failures this year. 


Goodbye SIEM, Hello SOAPA

Posted: November 29, 2016   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, endpoint security, SIEM, antivirus, security analytics

Security information and event management (SIEM) systems have been around for a dozen years or so. During that timeframe, SIEMs evolved from perimeter security event correlation tools, to GRC platforms, to security analytics systems. Early vendors like eSecurity, GuardedNet, Intellitactics, and NetForensics are distant memories; today’s SIEM market is dominated by a few leaders: LogRhythm, McAfee (aka Nitro Security), HP (aka ArcSight), IBM (aka QRadar), and Splunk.

Of course, there is a community of innovative upstarts that believe that SIEM is a legacy technology. They proclaim that log management and event correlation can’t keep up with the pace of cybersecurity today, thus you need new technologies like artificial intelligence, machine learning algorithms, and neural networks to consume, process, and analyze security data in real-time. 


Next-generation endpoint security market bifurcation

Posted: May 13, 2016   /   By: Jon Oltsik   /   Tags: Cybersecurity, endpoint security, antivirus

My colleagues Doug Cahill, Kyle Prigmore, and I just completed a research project on next-generation endpoint security (login required). But just what the heck is next-generation endpoint security? Cybersecurity professionals remain pretty confused about the answer to this question. For the purposes of its research project, ESG defined next-generation endpoint security as:

Endpoint security software controls designed to prevent, detect, and respond to previously unseen exploits and malware.


AV software: “I’m not quite dead yet”

Posted: April 14, 2016   /   By: Jon Oltsik   /   Tags: Cybersecurity, endpoint security, antivirus

If you are a cybersecurity professional, you’ve probably read the quote, “AV is dead” hundreds or even thousands of times. The thought here is that antivirus software is no longer effective at blocking modern exploits and malware, thus its useful lifespan is effectively over.


Consumer Security and Consumer Privacy Are Two Separate Conversations

Posted: February 04, 2016   /   By: Kyle Prigmore   /   Tags: Security and Privacy, Security, endpoint security, antivirus, privacy, antivirus software, consumer security

As the title of this blog post implies, there seems to be a blurred line in the general rhetoric between “privacy” and “security”. These topics are not the same, and yet I see them lumped together all too often (ahem, CNN & Co). It's tough, however, to weave a coherent single narrative on the subjects, so let me present a few disparate points to help distinguish the two:


Network Security Sandboxes Driving Next-Generation Endpoint Security

Posted: January 15, 2016   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, endpoint security, antivirus, APT

Remember advanced persistent threats (APTs)? This term originated within the United States Air Force around 2006. In my opinion, it gained more widespread recognition after the Google “Operation Aurora” data breach first disclosed in 2010. This cyber-attack is attributed to groups associated with China’s People’s Liberation Army and impacted organizations like Adobe Systems, Juniper Networks, Northrop Grumman, Symantec, and Yahoo in addition to Google.


The Return of AV Leaders?

Posted: November 03, 2015   /   By: Jon Oltsik   /   Tags: Cybersecurity, malware, endpoint security, antivirus

When I started covering the infosec market around 13 years ago, anti-spyware was the hot topic du jour. The market went through a common cycle: VCs funded companies and cranked up the hype machine. Some product companies were acquired (CA purchased PestPatrol, Microsoft acquired Giant Software, etc.), while others pivoted from anti-spyware alone to endpoint security (Webroot). Ultimately, however, the anti-spyware boom cycle went bust when incumbent endpoint security leaders like Intel Security (McAfee), Kaspersky, Sophos, Symantec, and Trend Micro added anti-spyware to their existing AV products, turning a product category into a product feature.


Some Thoughts for Millennials that Diss Antivirus

Posted: October 27, 2015   /   By: Kyle Prigmore   /   Tags: Cybersecurity, Security, endpoint security, antivirus, Anti-malware, cyber crime

My generation can get awfully snarky about antivirus: go on Reddit, search for the topic, and you’ll find some arrogant responses along the lines of “antivirus is just adware and all I need is Malwarebytes”.

Well hey, good for you, and Malwarebytes is great (I use it too). But we millennials have a harder time remembering what the internet was like before AV came along, a time when any email or misclicked website could brick your computer. Now with the rise of ransomware and targeted attacks putting entire devices at risk once more, we have somehow resorted to blaming antivirus for not being effective enough at blocking these attacks. It’s unfair and short-sighted, and the popularity of the “AV is unnecessary” trend remains perpetually premature.


The Roller Coaster Ride toward Free Antivirus

Posted: October 23, 2014   /   By: Kyle Prigmore   /   Tags: McAfee, Kaspersky, Avast, trend micro, antivirus, free antivirus

ESG data shows that 57% of enterprises have either already switched to free antivirus software or are actively exploring the option. It makes some sense: Free AV programs have posted competitive efficacy rates against paid versions, and AV is increasingly viewed as an IT operations checkbox as opposed to a pure endpoint security control. There also seems to be a decreasing need to assign budget for AV. The thinking is that those dollars could instead be spent on newer technologies such as advanced endpoint anti-malware products, endpoint forensics, or endpoint analytics. For many organizations, ditching paid antivirus for a free product could be viewed as a sensible cost-cutting move. 


Are Enterprise Organizations Ready to Use Free AV Software?

Posted: March 20, 2014   /   By: Jon Oltsik   /   Tags: Microsoft, Endpoint & Application Virtualization, Cisco, Information and Risk Management, Sourcefire, McAfee, Security and Privacy, Security, Bradford Networks, Malwarebytes, Kaspersky Lab, Juniper Networks, freeware, ForeScout, Avast, trend micro, bromium, Symantec, security intelligence, Great Bay Software, antivirus, Cylance, Bit9, Anti-malware, APT

Last year, ESG published a research report titled, Advanced Malware Detection and Protection Trends, based upon a survey of 315 security professionals working at enterprise organizations (i.e., more than 1,000 employees). In one question, ESG asked security professionals whether they agreed or disagreed with the following statement: “Commercial host-based security software (i.e., AV) is more or less the same as free security software.”

It turns out that 36% of security professionals either “strongly agree” or “agree" with this statement, while another 25% are sitting on the fence (i.e., they neither agree nor disagree with the statement).
