Next Generation Security – Finally goodbye to Antivirus

Posted on : 30-09-2016 | By : richard.gale | In : Cyber Security


Over the past two years, the market for what we know as Next Generation Endpoint security tools has doubled each year and looks set to continue in a similar vein for the coming period. Whilst the market represents a current spend of around $500m per annum, this compares with an estimated $9Bn, according to IDC, in the traditional antivirus market.

Though antivirus and endpoint protection have been around for over 20 years, the next-generation endpoint security market, whilst still relatively young, is accelerating very quickly along the growth curve. New start-ups are emerging at a rapid pace, moving away from traditional signature-based AV, which is being left only to deal with the “noise” or to serve as a basic hygiene factor/safety net.

So is the traditional AV market dead? Arguably yes. Are many companies taking the plunge and removing their AV endpoint agents in favour of next generation technologies? From what we see, not quite yet.

It is understandable that the switch hasn’t quite reached the tipping point. It takes something of a leap of faith to turn off a security technology that has served us well for decades. Indeed, against a backdrop of technology budgets being reduced overall, except in the areas of compliance, risk and security, there is perhaps no rush (for now).

“Whilst speaking to one of our clients recently, they explained that doubling the 2016 budget for security products was a directive from the top. The fact that physically being able to implement them this year is irrelevant, in fact, they may actually just start again in 2017. They just need to be seen to be doing everything to mitigate risks.”

What will change the market, without organisations staying behind the risk card, will be widespread certification of the next generation market as an auditable replacement. If this happens, then we can expect businesses to pin their colours firmly to the more effective next generation solution and ditch the legacy AV. Note: some vendors are already certified as replacements, on an individual choice and investment basis.

So, in a crowded and somewhat confusing market, who are some of the key players that we expect to emerge as the winners in eating into that $8.5Bn deficit? Let’s take a look at a few:

 

Palo Alto (Traps) – Prevents security breaches using a number of techniques, including machine learning. It focuses on the core exploitation techniques used by all attacks, each of which must use a series of these techniques to successfully subvert an application. Traps renders these techniques ineffective by blocking them the moment they are attempted.

Broadgate View – “A strong contender, specifically for customers who use, or are thinking about, Palo Alto in the next generation firewall space”

 

Cylance (CylanceProtect) – The architecture consists of a small agent that integrates with existing software management systems or Cylance’s own cloud console. The endpoint will detect and prevent malware through the use of tested mathematical models on the host, independent of a cloud or signatures. It is capable of detecting and quarantining malware in both open and isolated networks without the need for continual signature updates. The mathematical approach stops the execution of harmful code regardless of whether there is prior knowledge of it or whether it employs an unknown technique.

Broadgate View – “An interesting proposition and one that is gaining a lot of interest in the market. The small footprint, mathematical intelligence-based approach and minimal updates needed make this one to watch.”

 

Menlo Security – Lastly, let’s say a small word about Menlo. Whilst not in effect an endpoint solution, falling into the Isolation camp, it moves the executable code to a secure platform away from the client browser, where it is processed and cleansed of any possible threats.

Broadgate View – “We see this type of technology as another key component in the prevent category, which will complement new generation endpoints in the coming years.”

 

Of course, there is a whole raft of others out there: Carbon Black, FireEye HX, SentinelOne and Tanium, to name a few.

Whatever your flavour, we’ve reached the tipping point. You might need to say it quietly, but AV is officially now on the endangered species list.