NSS Labs today announced that it is expanding on its strong foundation of point-in-time testing and continuous security validation with the introduction of the Endpoint Detection and Response (EDR) Group Test. As part of today’s announcement, the company is also issuing a call for industry engagement for both enterprises and EDR vendors to help shape and evolve its upcoming EDR group test and accompanying methodology.
EDR products provide enhanced detection, response, and forensic capabilities, but they do not provide the automated blocking capabilities offered by advanced endpoint protection (AEP) products. EDR products detect known threats in real time and for unknown threats, they enable effective incident response based on correlated actions, intelligence, or analytics. Their continuous monitoring and analysis capabilities allow them to cross-correlate data within an environment and assist in post-incident remediation.
EDR products offer comprehensive end-to-end visibility into threats, allowing security professionals to discover, investigate, and respond to previously unidentified attacks across an enterprise. EDR products offer forensic insights that can accelerate incident response and address data gaps that often exist in endpoint protection technologies. For this reason, they focus less on how security controls were bypassed and more on a threat’s behavior and identification of potential data loss.
The EDR market is evolving quickly as vendors work to secure endpoints against an equally fast-moving threat landscape. Industry analysts predict that the EDR market will grow to $1.5 billion by 2020 with a CAGR of 45.3%.1 According to an NSS Labs study, 93.6% of US enterprises currently deploy endpoint security products; of those, 18.4% currently deploy stand-alone EDR products.
“Enterprises are increasingly seeking endpoint security tools that focus on identifying adversaries’ objectives, surfacing their tactics, techniques, and procedures, and ultimately containing or remediating adversaries,” said Jason Brvenik, Chief Technology Officer at NSS Labs. “We believe that our EDR group test will provide valuable insights regarding the overall effectiveness and capabilities of the EDR products in the market today. We encourage and invite enterprises and vendors to collaborate with us regarding the use cases for EDR products and our test methodology to help highlight the strengths and differentiation within the market.”
NSS Labs has a long history in testing enterprise-class security products. NSS Labs’ rigorous, independent group tests offer independent analysis of the top security technologies used today by Global 2000 companies. They provide the industry’s most comprehensive review of security effectiveness, performance, and total cost of ownership, which enterprises use to inform their decision-making. Enterprises rely on NSS Labs group tests for fact-based, empirical data which they can use to evolve their security architectures. Within the last 12 months, NSS Labs has released group test results for several categories of mature and evolving cybersecurity products.