Gartner has once again positioned Sophos as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms (EPP).
With the recently launched next-generation anti-exploit product, Sophos Intercept X, and the continued enhancement of the cloud-based management platform, Sophos Central, Sophos offers a broad portfolio of endpoint security products and has held a Leader position in this report since 2007.
According to the report, the next wave of cyber-threats will be fileless. “Advanced attackers have been exploiting script-based attacks for years. Common Windows utilities, such as the command line interface, PowerShell, Perl, Visual Basic, Nmap and Windows Credential Editor, can be exploited to compromise machines without dropping any executable files, evading all traditional forms of malicious file detection.”
In response to this, Gartner recommends that: “EPP buyers should look for vendors that focus on memory exploit protection, script analysis and behaviour indicators of compromise. Ultimately, we [Gartner] believe that vendors that focus on detecting behaviour indicative of attacker tradecraft (that is, tools, tactics and techniques) will be the most effective.”
“For the last several years Sophos has built products that integrate exploit prevention, behaviour analytics and pre-execution heuristics. The launch of Intercept X added signatureless anti-exploit and anti-ransomware capabilities with root cause analysis to run alongside and complement existing endpoint protection products,” says Brett Myroff, MD of Sophos distributor, Netxactics.
“We believe that Sophos’ continued placement as a Leader in this highly competitive market reflects its ability to continually innovate and deliver quality products in response to the changing threat landscape. Not only have the products been proven in customer deployments worldwide but they are also assessed by independent third-party testing to demonstrate their effectiveness against the threats that Gartner cautions are on the rise.”
Sophos believes that the only way to successfully protect against the growth of sophisticated threats is to use an ensemble of products that work together and share threat and security status for faster detection and more immediate response.
“This is the core tenet of Sophos’ synchronised security strategy. It is only by taking a new ‘best of breed system’ approach to close the gaps that exist in the traditional multi-vendor single product deployments that companies will more effectively protect their critical data assets. Sophos includes network security, endpoint security and encryption products in this synchronised security strategy and will continue to expand its capabilities,” Myroff says.
Sophos continues to deliver on its strategy to integrate endpoint protection platforms and endpoint detection and response capabilities into the Sophos Central management platform to deliver a more effective solution. Sophos believes this strategy is consistent with the prediction in the report stating: “By 2019, EPP and EDR capabilities will have merged into a single offering, eliminating the need to buy best-of-breed products for all but the most specialised environments.”