Endpoint Security Software
Endpoint Security Software TrustMap
TrustMaps are two-dimensional charts that compare products based on trScore and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap.
What is Endpoint Security Software?
Endpoint security software protects enterprise-connected devices from malware and cyber attacks. Endpoint protection involves a multifaceted approach combining scanning and antivirus / antimalware, threat detection, and infiltration prevention. Beyond simple antivirus software, endpoint security includes endpoint protection platforms (EPP) as well as endpoint detection and remediation (EDR) software.
Endpoint security software has become increasingly crucial as Bring Your Own Device (BYOD) policies have become the norm for many businesses. Under BYOD policies, employees can use their personal devices, most commonly smartphones or laptops, for doing professional work or accessing business systems. Each of these personal devices is an endpoint that could be a vulnerability to the business.
Endpoint security software can help mitigate the risks that BYOD poses. It allows administrators to centrally manage the business’s endpoint vulnerabilities using a variety of tools at scale. This centralization is far preferable to trusting each endpoint owner individually.
Vendors providing total endpoint protection software generally offer basic antivirus as well as higher tier applications providing additional security and remediation features for businesses. The specific advanced features offered will vary by each product.
Machine learning in particular has taken a key role in modern endpoint security. Machine learning methods allow endpoint security products to adapt to new threats more quickly than humans could manually achieve. This improved efficiency has made machine learning a mainstay in most leading endpoint security software.
Features of Endpoint Security Software
Endpoint security software offers the following features:
Traditional endpoint scanning and antivirus / antimalware capabilities
Scheduled or continuous monitoring of files and connected devices
Lock down or restricted access of endpoints by administrator
Restrict endpoint users from accessing various websites and applications
Policy-based configuration and compliance controls
Endpoint Security Comparison
Comparing endpoint security software “apples-to-apples” can be difficult. Consider these factors when comparing different products:
Mobile Device Support: Mobile devices come with their own unique security challenges and requirements vs. more traditional computers. Consider how well each product supports mobile device protection. An additional factor would be how unobtrusive the software is, which can make a big difference in adoption when trying to implement the software in BYOD environments.
Policy Management: How easily can administrators establish, manage, and customize security policies for different groups of devices, down to individual devices? Consider not only whether each product can do so, but also how easy those processes are to manage, since centralized management is such a core benefit of endpoint security software in the first place.
Hosted vs. On-Premise Software: Consider whether it is better for the business to deploy the software on an on-premise server vs. having the software provider host the product. Hosted solutions let businesses outsource the continual updates and improvements necessary to maintain effective security. In contrast, on-premise solutions allow in-house IT administrators to have a higher level of control at the cost of additional maintenance requirements.
Simple antivirus and threat detection software is relatively inexpensive, with a per-device, per-year pricing model. These simple tools can range in price from free to several hundred dollars depending on the number of devices supported. More complex endpoint protection platforms including remediation can cost more.
Symantec Endpoint Protection is the company's flagship antivirus / endpoint security product.
Bitdefender GravityZone combines multiple security services into a single platform to reduce the cost of building a trusted environment for endpoints.
Sophos Endpoint Protection (Sophos EPP) with Intercept X is an endpoint security product providing an antivirus / antimalware solution that when upgraded with Intercept X or Intercept X Advanced provides advanced threat detection and EDR capabilities.
The ESET Endpoint Security product line, from Slovakian company ESET, combines antivirus and antispyware with anti-phishing, support for virtualization, as well as remote management and antispam and other features for businesses, as well as relatively simple deployment for small offices.…
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature-free updating. Additionally, the available Falcon Spotlight module delivers vulnerability assessment…
Fortinet offers FortiClient, their endpoint security system emphasizing automated advanced threat protection, security fabric integration, secure remote access, endpoint quarantine, and a comprehensive reporting dashboard.
The Trend Micro Endpoint Security platform Apex One (formerly OfficeScan) provides antivirus and malware detection, and endpoint visibility. The product suite can be extended with associated applications that cover mobile endpoint protection, endpoint encryption, as well as network…
Cylance, a BlackBerry company since the early 2019 acquisition, developed their flagship business antivirus and endpoint protection software in CylancePROTECT, featured in business and home editions boasting artificial intelligence guided protection. BlackBerry Protect is a post-…
Trend Micro offers the Smart Protection Suite with XGen, an endpoint security suite including data loss prevention and mobile device protection. The Smart Protection Endpoint Suite is the basic edition. The Smart Protection Complete Suite also includes a message security gateway for…
The VMware Carbon Black Cloud Endpoint Standard solution (formerly Cb Defense) is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they…
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint…
Panda Adaptive Defense 360 combines next-generation antivirus protection, endpoint detection and response (EDR), patch management, content filtering, email security, full disk encryption, and more, into one package. The platform touts a unique zero-trust security service that certifies…