2015-10-25 12:50:02 UTC

When evaluating Endpoint Security, what aspect do you think is the most important to look for?


Let the community know what you think. Share your opinions now!

Guest
66 Answers
Real UserTOP 20

Key points for me are speed, scale & reporting, and I generally classify my toolkit into these compartments.

2017-10-26 13:10:15 UTC26 October 17
Vendor

evaluation of endpoint protection should look at what the product offers for prevention, detection and remediation. On prevention does the product provide basic exposure prevention, the ability to prevent the end users device from navigating to known malicious sites, or to insert an unauthorized external media (usb). Does the product prevent the execution of malware, either through heuristics matching, emulation, downlaod reputation or signatures. If exposed to malware does the product provide robust malicious action detection, run time behaviors, exploit detection, malicious command and control beaconing etc. Last the product needs to include robust remediation capabilities, not simply malware removal but the ability to understand the root cause of the threat and what led to the detection of malicious activity. With that last bit of information you should be able to scan the network for other similar indicators of compromise, so you can fully remediate the detected activity. Often malware today involves the exploit of running applications with no payload delivery, in these situations it is critical that the endpoint product can detect/block and take action on memory resident threats. It gets fairly complex, but the key evaluation criteria are what does it do to Prevent, Detect and Remediate malicious activity. Any vendor without a good story for all of this is just a point solution in the overall security posture for your company.

2016-03-04 16:15:51 UTC04 March 16
Real UserTOP 20

Coverage. Performance. Enterpriseness :-)

2017-12-08 21:08:05 UTC08 December 17
User

Speed (installation, detection, scans), low impact (on boot, memory). Then price etc.

2017-10-26 14:08:40 UTC26 October 17
Vendor

I agree with Stephen, but also would like to add that I think it's important to evaluate which attack vectors the solution will block. Oftentimes I see people do testing with only known malware samples. One should test with known samples, unknown malware 0days, as well as exploits.

2015-12-04 21:44:28 UTC04 December 15
Real User

Endpoint Security should be proactive, the days of reactive endpoint protection are far gone. I have evaluated many End Point Security products and what stands out with all of them is they are very similar and are all working towards the proactive approach. Most technology being used are the same with a few exceptions. The answer to this question must be based around the organization looking for the solution. Some Company's don't allow BYOD there for mobile endpoint solutions are not needed
Generally I look for Suppliers Support, Price, Ease of installation and removal.

2015-11-17 12:59:44 UTC17 November 15
Find out what your peers are saying about Symantec, HCL, Microsoft and others in Endpoint Protection for Business. Updated: September 2019.
366,239 professionals have used our research since 2012.
Sign Up with Email