Understand the motivation to purchase
Endpoint protection (EPP) remains a fundamental component of any organization’s security posture. EPP products are valuable to enterprises not only as security controls, but also as tools for visibility into resource consumption, file integrity, the presence of attached devices, and more. And with the emergence of advanced endpoint protection (AEP) products, enterprises are expecting even more from their endpoint products.
But is there a single feature that distinguishes more conventional products from “advanced” products? That’s a hard question to answer. AEP products are not easily defined; they most notably differ from conventional antivirus products by their underlying detection technologies and depth of forensic visibility, as well as by their management workflows, deployment options, and “threat hunting” toolsets.
When evaluating specific AEP products, organizations must ask:
Before making a purchasing decision, organizations looking to replace or complement EPP products with AEP products should first determine their use case, their expectations for the product, and how they’ll measure the product’s success. For help answering these questions, visit the NSS website and download the first paper in our series on selecting an AEP product.
Follow me on Twitter (@jsnppp) to keep informed as new research is released.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.