Security Transformation Endpoint Security
7 minute read

Cybereason Surpasses Some of the Biggest Names in Enterprise Endpoint Security

Cybereason’s defense technology underwent Advanced Endpoint Protection testing done by NSS Labs and received the “AA” product rating. The solution earned near-perfect ratings across critical categories such as management and ease of use. In addition, Cybereason dominated an area most EDR providers struggle with, the resistance of evasion.

In This Article

Gartner forecasted  that 5.8 billion enterprise and automotive IoT endpoints would be in use by the end of 2020, highlighting the significant role technology will continue to play in business and everyday life.

This volume of laptops, smartphones, tablets, servers and more creates a complex and interconnected web of endpoints distributed around the world. While these devices bring many benefits to businesses, the rapid growth has also increased entry options for cyber attackers looking to breach security.

copy link

The importance of endpoint security

From email and website attacks featuring advanced malware to “drive-by” and zero-day exploits taking entire business operations offline, attackers are taking advantage of the volume of vulnerable devices on the internet. To combat these risks, companies invest in tools used to monitor and secure endpoints, also termed endpoint detection and response (EDR). 

While there are quite a few solutions out in the market today, many are riddled with shortcomings such as excessive false positives, inability to address “unknown” risks and other challenges that make it hard for security professionals to do their jobs effectively. 

Good endpoint security technology empowers businesses to increase visibility, improve protection and simplify the management of endpoint ecosystems while securing data and enabling operational efficiencies. To make this happen at the speed and scale required in today’s operating environment, advanced analytical capabilities have become critical in EDR. 

Solutions that leverage AI-backed security analytics to learn and improve upon threat detection and response, automatically, are leading the pack. No matter how many devices are being added to the ecosystem on an ongoing basis, top solutions can adapt to the dynamic demands of enterprise endpoint security. 

Shining a light on the best endpoint security solutions 

All EDR providers are not created equal, and with so many security vendors joining the cyber tech scene, it can be hard to distinguish the truly valuable providers from the smoke blowers. To help, Forrester and NSS Labs each conduct assessments to research, analyze, score and report on how security providers stack up across key capabilities. 

These reports are leveraged by customers to drive their buying decisions. The latest results are in, and one promising solution outshined the rest.

Cybereason named “The Strongest Current Offering”

Cybereason is an enterprise detection and response provider built to defend against tomorrow’s threats, today. Designed with the end user in mind, the technology not only addresses the need to find threats but offers intuitive workflows and processes that help security teams take action. Here are highlights from the reports:

Forrester Wave: "Cybereason outperforms some of the biggest names in cyber tech."

Cybereason received perfect 5.0 scores across nearly all evaluated categories, including threat hunting, ATT&CK mapping, response capabilities, security analytics and more. With a final score of 4.3, Cybereason surpassed some of the biggest names in the industry, including Microsoft (4.1), CrowdStrike (3.9) and TrendMicro (3.6). 

The report also indicates that Cybereason is in it for the long haul. They are not only operating for today, but tomorrow, as they continually expand into the next-generation endpoint protection market (XDR).

The Forrester Wave™: Enterprise Detection And Response, Q1 2020
The Forrester Wave™: Enterprise Detection and Response, Q1 2020

NSS Labs: "A rare, perfect score on resisting the complex evasion tactics attackers use."

Cybereason’s defense technology underwent Advanced Endpoint Protection testing done by NSS Labs and received the “AA” product rating. The solution earned near-perfect ratings across critical categories such as management and ease of use.  

In addition, Cybereason dominated an area most EDR providers struggle with: the resistance of evasion. As cyber-attacks increase in sophistication, hackers are able to bypass traditional tools to avoid detection. This makes the tools’ capability to resist evasions a key decision driver for those looking to protect their endpoints. 

Cybereason received a perfect score of 100 percent on resistance to evasion, demolishing all competition. Lastly, with a 99.04 percent blocking rate against exploits and malware, and a 0.9 percent false-positive rate, the platform has proven its ability to deliver on accuracy. This level of precision leaves minimal clean-up work for analysts, in comparison to traditional tools plagued with false positives.

Cybereason achieves the rare AAA ("triple A") rating for Resistance to Evasion
Cybereason achieves the rare AAA ("triple A") rating for Resistance to Evasion

In summary, these reports praise Cybereason for its comprehensive and robust management, ease of use, low false-positive rate, excellent malware and exploit protection and unmatched resistance to evasion.

Additional traits that make Cybereason stand out

  • Comprehensive: EDR solutions are nothing without the ability to consider the latest attack techniques, and the best can handle advanced use cases for the MITRE ATT&CK framework. Companies should be able to carry out threat hunting activities leveraging the framework and link them to complex aggregate insights associated with behaviors over events. Cybereason shines in this area for having the highest coverage of MITRE ATT&CK techniques. Without complex configurations, the platform automatically gives defenders complete visibility into what attackers are doing on their network.
  • Analyst-friendly: The strongest EDR solutions empower security analysts with accurate and timely information they need to understand and respond to threats. Built with analysts in mind, Cybereason's user-friendly analytics capabilities support root-cause analysis of the events on a compromised device. Related alerts can then be associated with a single incident potentially across the entire environment, which reduces investigation time and alert volume.
  • Action-oriented: Managing endpoint security requires action. Effective EDR solutions provide a prescriptive remediation plan with execution support. Capabilities should not only focus on detection, but also on helping the security team understand and take the necessary actions to address and eliminate the threat. Cybereason’s intuitive built-in workflows make it easier to respond to incidents and manage the remediation process, tackling two birds with one stone.

copy link

How we can help

Navigating the EDR scene can get complicated. Companies face different challenges and have unique constraints making the quest for universal “one size fits all” solutions to endpoint security virtually impossible. Crafting the right strategy to endpoint security tailored to your company requires time and expertise. 

At World Wide Technology, we can help you understand how to address challenges unique to your company in order to achieve the business outcomes you need. No matter where you are in your endpoint protection journey, together, we can evaluate, design, implement and operate the best technology to secure your endpoint ecosystem. 

For more on endpoint security, we recommend scheduling an Endpoint Security Workshop, where we’ll facilitate a guided discussion to help you identify the endpoint solutions that align with your business objectives, technical requirements and cultural fit.

We also partnered with Cybereason to provide a Cyber Posture Assessment that offers actionable intelligence about your existing security ops programs, plus an in-depth assessment of your overall breach readiness. Whether you want to examine configured operating systems, assess password management policies or identify misconduct or the misconfiguration of services, browsing actions or applications—our Cyber Posture Assessment can arm your team with an organization-wide view.

For more information on how to optimize the security tools you already have, we recommend our Security Tools Rationalization Workshop. We’ll help you re-evaluated those tools against industry standards to ensure your financial investments produce the right outcomes: pervasive, real-time visibility, improved operational efficiency and a mature cybersecurity program.

Want to learn more?