Network World review of Carbon Black and Cylance

Most of us know by now that traditional anti-virus doesn’t work, or at least doesn’t work well enough to be the sole line of defense against potential endpoint exploits. Last year Symantec SVP Brian Dye told the WSJ that traditional AV only catches 45% of malware, and many security professionals think the number is even lower. These days, most enterprises need more, or at least want an endpoint product that can actually prevent zero-day infections and exploits from happening and be more proactive.

We looked at two relatively new protective products, Carbon Black (now owned by Bit9, with a screen shot shown above) and Cylance Protect (with a screenshot of its threat analysis shown below). Both are designed to approach securing your endpoints from a different and more complete perspective. To be effective, a modern endpoint security tool needs to be both a gatherer and a hunter: being able to find a needle in the proverbial haystack, when you don’t even know what the needle looks like. That is where this new breed of tools comes into play.

You can read the review published today here.

One thought on “Network World review of Carbon Black and Cylance”

  1. Paul Tanasi writes:
    Hi David, I’m wondering why you didn’t look at the “traditional” AV vendors who although you say AV doesn’t work you failed to approach them to see what they’re doing these days. Intel Security (McAfee) who already have a significant endpoint presence (i.e. agents and management console) deployed across the world have solutions that compete with Carbon Black, Cylance, Tanium, etc. Shiny new toys are nice but plugging a “new” solution into existing infrastructure without having to re-train your entire staff is also very key. Cost of ownership on a shiny new toy when you already have most of the pieces in place probably makes little sense to most organizations. Someone’s always going to come up with a new way of doing things but it behooves any IT security admin to do their homework or wait a few months to see what everyone else is doing before jumping on the bandwagon.

    We tried to get Intel to participate but they didn’t return our calls. You saw the long list of vendors that I attempted to reach out and include in my review; perhaps the old ways aren’t all that good anymore.
