Tuesday, May 18, 2021

Microsoft, CrowdStrike Lead Gartner's Power-Packed EPP Quadrant

Microsoft and CrowdStrike led a star-studded field of cybersecurity vendors in Gartner’s latest ranking of endpoint protection platforms (EPP). Those two vendors were far and away the furthest to the upper right of the analyst firm’s latest Magic Quadrant, leaving behind big names such as McAfee, VMware Carbon Black, and Cisco.

That lead could be important as Gartner predicts that cloud-delivered EPP will account for 95% of deployments by the end of 2023. And it feeds into the growing extended detection and response (XDR) and zero-trust security approaches sweeping across the cybersecurity landscape.

Gartner lauded Microsoft for its focus on large and global enterprises. The vendor’s portfolio of Defender for Endpoint and native protection in its Windows 10 platforms were cited for providing a “holistic set of security layers” for those customers. And its broader Defender offerings pull from an underlying data lake and API “allowing for unified threat hunting, excellent automation and creating a true XDR platform,” the report notes.

Microsoft’s demerits were tied to a lack of support for legacy platforms that are nearing the end of their support lifecycle “despite many organizations still owning significant numbers of these.” And the vendor was dinged for various pricing and licensing concerns from customers.

CrowdStrike might lack the sheer size of Microsoft, but Gartner noted that it provides a comprehensive suite of EPP capabilities from a single agent that makes it easier to manage a deployment. It was also applauded for having a strong reputation in the market for companies that want to consolidate their EPP and EDR agents, and its Falcon X threat intelligence and Threat Graph data analytics provide a compelling vector for countering security threats. These positives are being proven in the market as Gartner cited CrowdStrike’s robust customer base. “CrowdStrike has a customer base that is highly targeted by attackers,” the report noted. “As a result, it has consistently adapted early to shifts in attack techniques. It achieved positive results in the MITRE Phase 2 evaluations with consistent identification of tactics and techniques.”

However, that level of service and performance – like Microsoft – comes at a price. Gartner explained that customers cited the need to purchase extra-cost options to get CrowdStrike’s full portfolio and that for multi-year contracts, “CrowdStrike insists on upfront payment.”

Two other dings against CrowdStrike were related to a perception that it’s not a big player in the burgeoning XDR space and a lack of features for serverless workloads and container runtime protection. That first issue was somewhat addressed earlier this month when CrowdStrike struck a deal with Google to extend their product integrations into a model that mirrors XDR. And CrowdStrike earlier this year acquired XDR-focused vendor Humio for $400 million. The second issue was also tackled in February when CrowdStrike rolled out updates to its Falcon platform to provide a cloud-native security posture for serverless and containers running in multi-cloud environments.

While Microsoft and CrowdStrike shared a lofty perch above their rivals, they were not the only vendors living in Gartner’s “leaders” quadrant. Trend Micro, SentinelOne, McAfee, and Sophos all gained that status, just to a lesser extent. Other big-name players in the broader grid include “visionaries” VMware Carbon Black, Cisco, Cybereason, Kaspersky, and Broadcom/Symantec, and “niche players” FireEye, F-Secure, Bitdefender, BlackBerry/Cylance, Check Point Software, Panda Security, and Fortinet.
