Recently, we hosted a webcast entitled “How ‘Next-Gen’ is your Endpoint Protection?” CrowdStrike CTO Dmitri Alperovitch was joined by Forrester Principal Analyst Jeff Pollard to help organizations demystify the hype around next-generation endpoint security solutions. You’re probably asking yourself, “How could there possibly be hype and confusion over a market as mature and saturated as endpoint security?”
I’ll tell you why: At last count, I’m told that Forrester is considering more than 90 vendors for inclusion in their Wave report for endpoint security. Almost all of these vendors are marketing themselves as “next-gen.” Why not? It worked for next-gen firewalls, right? But what does it really mean in the endpoint space? Is this really something evolutionary or just clever marketing trying to sell the same old wine in a new bottle? I think our product team put it best in a recent blog titled “What the !@#$ is next-generation?” Good reading if you have some time.
Back to the webcast. Jeff starts by laying the foundation of what’s driving the need for a new approach to endpoint security. He talks about the new normal of living in a “world of hyper-change.” For example, did you know that 72 hours of footage is uploaded to YouTube every minute? At first I was confused about what this has to do with endpoint security, until he connected the dots with the fact that 90% of the world’s data today was created in the last two years alone. Jeff makes the point that we have to modify the way we have adapted endpoint defenses to address a threat environment that is morphing at the same speed as the digital world. Protecting an endpoint has become increasingly complex, and legacy security solutions that only focused on delivery mechanisms of threat actors — such as web, email, and file-based exploits — are no longer effective. Jeff explains how today, from a security perspective, an attacker is only an attacker until they get in. Once they are in, they look like a user. The threat actors of today look like a trusted endpoint user and go virtually undetected by traditional endpoint security solutions.
Sound familiar? You are not alone. I recently interviewed a new customer who told me that CrowdStrike identified Russian hackers using an endpoint as a proxy to get to other companies. The customer had a well-known endpoint security solution installed on the machine for more than 2 years and it never detected a thing. Needless to say, that customer is no longer doing business with said vendor.
Forrester makes a strong case for next-gen endpoint solutions that give visibility into what an attacker looks like before, during, and after an attack. Our CTO couldn’t agree more. In the webcast, Dmitri builds off the foundation set by Jeff and discusses why endpoint solutions that focus only on malware are no longer sufficient. The adversaries of today look like insiders and often leverage non-malware-based techniques to mask themselves as trusted users. The customer experience I mentioned above is a perfect example of this. The customer couldn’t have cared less whether it was a malware or non-malware attack. He wanted to stop the breach. Dmitri outlines CrowdStrike’s approach to continuous breach prevention, which leverages a combination of different techniques designed to stop breaches. He discusses in detail the key elements and capabilities shared by true next-generation architectures and approaches, and why they are critical to intercepting sophisticated attacks and stopping breaches targeting organizations.
Want to know more? I encourage you to read CrowdStrike’s white paper on essential elements of next-generation endpoint protection to help further sift through the hype and uncover the critical elements that a true next-generation endpoint security solution must include.