TECH BUYER Jan 2020 - IDC Perspective - Doc # US45794219

Endpoint Security 2020: The Resurgence of EPP and the Manifest Destiny of EDR

By: Frank DicksonProgram Vice President, Cybersecurity Products, Michael SubyResearch Vice President, Cybersecurity Products


This IDC Perspective discusses the role of EPP and EDR as endpoint protection techniques.

PC-era signature-based endpoint protection techniques were rendered helpless due to the "patient zero" effect. Ultimately, the reactive signature approach succumbed to an explosion of malware variants. EPP went from being signature centric to being behavioral centric. EDR armed security professionals with a new arsenal of forensics tools that were not of the historic log-based or alert-based SIEM-centric variety. Both EPP and EDR have very valuable but precisely defined roles. Knowing the role of each is essential.

"As we realized the value of EDR, we lost our way. Certainly, EDR has an important role, but making up for deficient EPP with EDR is a fool's errand. We should expect our EPP to protect our endpoint — period! EDR provides context-enhanced visibility for threats that cannot be detected from endpoint telemetry alone. Knowing the role of each is important as we move into the next decade." — Frank Dickson, program vice president, Security and Trust, IDC


Subscriptions Covered

Endpoint Security

Regions Covered

United States

Topics Covered

Endpoint security, Security management, Technology buyer


Get More

When you purchase this document, the purchase price can be applied to the cost of an annual subscription, giving you access to more research for your investment.

Related Links

Do you have questions about this document
or available subscriptions?

Contact Us