Gartner Names Microsoft a Leader in Endpoint Protection Platforms

September 13, 2019 // Managed Defense Security

The Gartner Magic Quadrant recognizes Microsoft as a top provider of Endpoint Protection Platforms. Their latest product offerings prove they have risen to the challenge that today’s threat landscape presents.

According to Gartner, “Microsoft has been placed in the Leaders quadrant this year due to the rapid market share gains of Windows Defender Antivirus (Defender), which is now the market share leader in business endpoints”. This achievement represents Microsoft’s ability to provide best-in-class protection and deliver on innovations that learn and evolve just as attackers change their tactics.

See the full report from Gartner here, including the graphic below:

Market Definition of EPP

According to Gartner, “An endpoint protection platform (EPP) is a solution deployed on endpoint devices to prevent file-based malware, malicious scripts and memory-based threats. It is also deployed to detect and block malicious activity from trusted and untrusted applications, and to provide the investigation and remediation capabilities needed to dynamically respond to security incidents and alerts”.

Microsoft Defender Advanced Threat Protection (ATP)

Microsoft has continuously evolved its endpoint security platform, Microsoft Defender Advanced Threat Protection (ATP), enhancing existing features and adding new capabilities each year.

A recent analysis of Windows Defender ATP data found that 96% of malware encountered is unsigned.

Some Features Include:

  • Multi-layered protection: Microsoft Defender ATP provides multi-layered protection (built into the endpoint and cloud-powered) from file-based malware, malicious scripts, memory-based attacks, and other advanced threats
  • Threat Analytics: Contextual threat reports provide SecOps with near real-time visibility on how threats impact their organizations
  • A new approach to Threat and Vulnerability Management: Real-time discovery, prioritization based on business context and the dynamic threat landscape, and a built-in remediation process speed up mitigation of vulnerabilities and misconfigurations
  • Built-in, cloud-powered protections: Real-time threat detection and protection with built-in advanced capabilities protect against broad-scale and targeted attacks like phishing and malware campaigns
  • Behavioral detections: An endpoint detection and response (EDR) sensor built into Windows 10 provides deeper insight into kernel and memory activity and leverages broad reputation data for files, IPs, URLs, etc., derived from the rich portfolio of Microsoft security services
  • “Deployment” is as easy as it gets by being built directly into the operating system. There is no agent to deploy, no delays or compatibility issues, and no additional performance overhead or conflicts with other products. No deployment and no on-prem infrastructure directly leads to lower TCO.
  • Contain the threat: Dramatically reduces risk by strengthening your defenses when potential threats are detected. Microsoft Defender ATP can automatically apply Conditional Access to restrict the endpoint from accessing corporate data until the threat is remediated.

Developed with Microsoft, SWC’s Managed Defense service leverages the intelligent tools in Microsoft 365 and Windows Defender ATP to harden your defenses, alert you to suspicious behavior, and quickly respond to threats to keep your organization secure.

Want to learn more about Managed Defense? Watch our demo to see Managed Defense in action during two security incident scenarios.
