Sophos Leads Gartner Magic Quadrant for EPP

Sophos, a global leader in network and endpoint security, today announced that Gartner has once again positioned Sophos as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms (EPP). With the recently launched next-generation anti-exploit product Sophos Intercept X and the continued enhancement of the cloud-based management platform Sophos Central, Sophos offers a broad portfolio of endpoint security products that are proven to be effective against today’s sophisticated threats. Sophos has held a Leader position in this report since 2007.

“For the last several years Sophos has built products that integrate exploit prevention, behavior analytics and pre-execution heuristics. The launch of Intercept X added signatureless anti-exploit and anti-ransomware capabilities with root cause analysis to run alongside and complement existing endpoint protection products,” said Dan Schiappa, senior vice president and general manager of the endpoint and network security groups at Sophos.

According to the report, the next wave of cyber-threats will be fileless. “Advanced attackers have been exploiting script-based attacks for years. Common Windows utilities, such as the command line interface, PowerShell, Perl, Visual Basic, Nmap and Windows Credential Editor, can be exploited to compromise machines without dropping any executable files, evading all traditional forms of malicious file detection.”

In response to this, Gartner recommends that “EPP buyers should look for vendors that focus on memory exploit protection, script analysis and behavior indicators of compromise. Ultimately, we [Gartner] believe that vendors that focus on detecting behavior indicative of attacker tradecraft (that is, tools, tactics and techniques) will be the most effective.”

“Sophos believes that the only way to successfully protect against the growth of sophisticated threats is to use an ensemble of products that work together and share threat and security status for faster detection and more immediate response. Today we include network security, endpoint security and encryption products in this synchronized security strategy and we will continue to expand its capabilities,” explained Schiappa.