In March of this year, we published the reports from our Advanced Endpoint Protection (AEP) v3.0 Group Test. On April 26th, we presented our AEP 3.0 webinar, during which we looked at the test results, discussed our methodology approach, and provided AEP product selection guidance.
Our group test webinars aim to provide insight into important NSS testing concepts and help those unfamiliar with our testing process understand both what motivated a test and how the information can be used effectively. As such, they are mostly one-way communication until the Q&A at the end when there is opportunity for us to engage with our audience in a dialog of sorts. During the AEP 3.0 webinar, we received a number of great questions, some of which we were not able to address at the time. We thought it was important to provide a comprehensive follow-up—and let you know where to find more information. To this end, we have documented the questions and published our responses on an AEP Webinar Q&A page.
Here’s what our presenters had to say:
I was impressed with attendance numbers, both for the live webinar and for the recording. Many industries and sectors were represented, including government, construction, education, energy, financial, healthcare, and transportation. Audience members held a variety of roles: one third indicated they were managers and team leads, and one third indicated they held director, VP, executive, and C-level positions. Company size varied from less than 10 to 5000+. We received a wide range of questions from our diverse audience and we are following up across multiple areas including vendor/product selection advice, product tuning before and during testing, threats used during testing, test result distribution and timing, and the NSS Security Value Map (SVM).
During the webinar, I mentioned that we are often asked which endpoint product is “the best.” My reply? “No such animal,” This is because every enterprise consumer of security technology has its own requirements. Common elements do exist, but it is up to an organization to first identify its priorities and then determine which products to explore further.
Use case, risk tolerance, and IT security architecture play an important part in any product selection decision. Use case because the systems the endpoint product will protect must be taken into consideration; risk tolerance because it is important to know what the impact will be if the system is not protected; and IT security architecture because the environment(s) the product exists in and data sharing requirements by adjacent security products are growing and thus becoming more important to consider.
We didn’t get into “secondary” factors during the webinar (and these are really primary factors once security effectiveness is determined). Such “secondary” factors include central management decisions (Should an organization choose cloud-delivered or on-premises deployments?) and interoperability concerns (Does the AEP product provide the information needed for adjacent controls to leverage the insight gained from the endpoint security product?).
Find out more
Visit our AEP Webinar Q&A page where we address questions asked during the presentation.
In March 2019, NSS published the results of our AEP v3.0 Group Test. This test included 21 vendors and was the most comprehensive endpoint test to date.
NSS has published a series of Intelligence Briefs on security controls in the US enterprise. The NSS Labs 2019 Intelligence Brief on Advanced Endpoint Protection provides visibility into current enterprise requirements for the technology. The paper is available to subscribers to our Research Library).