Next-Generation Security Buyer Perceptions, Priorities, and Issues: A Guide for Endpoint Security Consumers and Vendors

The endpoint security market is an extremely vendor-dense and highly competitive area. Vendors in the space are generally divided into two camps: those promoting prevention and those promoting detection. Though the vendors who provide prevention also alert on the attacks they detect, thus providing detection, the primary differentiator in the two approaches is pre-compromise versus post-compromise. Prevention vendors alert on attacks they identified and stopped while the detection vendors alert on what happened to the system that looked like an attack.

While the vendors in this space agree that a (strictly) signature-based approach is not the way to go for ongoing success due to inability to scale and false positive/negative alerts, they disagree on which general approach is better. The most common argument between supporters of these approaches goes something like this: detection supporters say that prevention cannot stop everything and thus is not reliable. Prevention supporters say that once the endpoint is compromised, it cannot be trusted and therefore must be cleaned/remediated, taking valuable time from the personnel affected by the clean-up. 

The two camps are further joined by the "Big 5" traditional antivirus vendors who dominated the antivirus market for more than a dozen years but in recent years began losing revenue to the startups. Though these companies are currently not much more than a revenue nuisance, as they continue to grow, that impact will increase. It is ultimately the failing of these companies to adapt their technologies and defense strategies to accommodate the advancing attacks that gave way for the creation of the NGES startups.

This research quantifies these perceptions. The approach was to identify as many vendors in the endpoint protection space as possible, letting the research participants identify whether or not they heard of or used each and whether or not they thought they met the provided definition of an NGES solution. Once the baselines were established, qualified respondents were asked about their perceptions of the vendors and what drove the perceptions. The outcome reveals market penetration of the vendors and how well they are perceived in the marketplace, and the data can be used by marketing teams to redirect their efforts in the most useful manner to bolster positive perception and address negative perception.