Endpoint protection has evolved substantially over the past few years. At one time an endpoint protection platform was defined as antivirus software and a centralized console for keeping AV rules and definitions up to date. Now, even the oldest antivirus companies recognize that traditional antivirus systems are not very effective at protecting endpoints. The industry has evolved to incorporate many other aspects of endpoint protection.
That said, Gartner still takes a particularly narrow view of endpoint protection, defining the landscape as anti-malware, personal firewall, and port and device control. That stands in opposition to the definition of malware defense the Center for Internet Security provides (abbreviated below):
Critical Security Control (CSC) 8: Malware Defenses
- 8.1. Automated continuous monitoring
- 8.2. Centralized infrastructure
- 8.3. Limit use of external media
- 8.4. Enable anti-exploitation features
- 8.5. Enable behavior-based malware detection
- 8.6. Enable DNS query logging
Currently, Ivanti outsources 8.1 and 8.5 in the above malware defenses list to trusted partners Invincea and Kaspersky Lab. Both provide traditional signature-based antivirus defense and newer behavior-based and adaptive anti-malware technologies—a combo that offers extensive protection traditional AV software can’t hope to replicate. And we couple these solutions with a rich, robust, and thorough endpoint protection solution that exceeds the capabilities of any other solution in the industry.
Gartner’s narrow view of malware defense limits what providers develop for their customers, because providers build to check the boxes Gartner defines and qualify for inclusion. We have chosen to integrate more capabilities and augment them with partner technology to provide complete coverage.
One potential outcome of meeting Gartner’s narrow definition of endpoint protection is undervaluing innovation in the category. At Ivanti, we have chosen not to do that.