The State of Endpoint and Application Security (Includes Video)

Gruber_Oltsik_state-of-endpoint-securityI had a terrific week at RSA, meeting and talking with many of the world’s leading endpoint security and application security vendors. Every year, RSA provides a unique opportunity to take a fresh look at new and existing vendors, through in-person meetings with technical and marketing leaders, and checking out messaging through booths, signage, and materials.

While each company came with their own specialized story based on their latest features, products, and partnerships, there were a few common themes that really stood out. For the past 18 months, endpoint buyers have been speaking up about the challenges associated with managing too many security tools, asking for converged platforms and suites from both traditional and next-gen solutions. While platforms and suites aren’t a new idea, at RSA this year, there was a consistent theme of bringing prevention, detection, and response together in a common platform, using a single agent delivered from the cloud.

I’m super excited to see this convergence and the move to cloud delivery, but I’m also worried about the confusion I saw in the eyes of buyers as they navigated the show floor. As the industry evolves from best-of-breed solution offerings to a more integrated platform delivery model, the competitive environment further expands, as prevention vendors move into detection and response, and EDR vendors move into prevention. This means that buyers are faced with more complex evaluations, likely lengthening the sales cycle. It also means that buyers will face a more complex migration as they look to transition from existing, best-of-breed solutions to integrated platforms.

I’m really counting on platform vendors to help make it easy for buyers, by enabling their solutions to be phased in, while overlapping functionality from existing solutions runs side-by-side. And while this likely means that the buyers' world will become a bit more complicated before it gets simpler, it will provide a path for buyers to move to a more integrated, easier to manage environment over time. As platforms evolve, they will offer more and more capabilities, converging other parts of the overall security stack. This convergence should ultimately translate into a more effective, efficient security architecture.

Much progress was also visible on the application security front, with a similar theme bringing together SAST, DAST, IAST, RASP, and SCM into integrated suites. It was great to see a full day at RSA dedicated to DevSecOps this year, reinforcing the importance of AppSec, and providing an opportunity for every AppSec vendor to help drive this important agenda. Reducing friction in the DevSecOps process is critical to its success, and it is great to see the AppSec vendors heavily focused here.

I was also excited to talk with many vendors focused on enabling enterprise applications to be used securely on BYOD mobile devices. With so many users already accessing enterprise apps from their mobile devices, it is critical for security teams to add focus here.

Kudos to all the endpoint and AppSec vendors for the great progress they have made this year in bringing together converged platforms and suites! I’m kicking off a new research project this week to dig deeper into the return of endpoint platforms and suites, so I look forward to sharing further insights into what buyers are expecting over the next couple months.

Take a look at this video where I talk with Jon Oltsik about the current state of endpoint and application security. 

Topics: Cybersecurity