Endpoint security

In a crowded field, take these three steps to choose the right endpoint protection vendor

Endpoint protection must evolve with your business. As threats increase, your endpoint security solution should be working as hard as your team.

Art by


Share article

choosing cybersecurity vendor

Stay focused. It’s the perennial advice you’ll hear as you strengthen and grow any small- to medium-sized business (SMB.) Avoid getting distracted. Keep things simple. Do less, but do it better.

What does this age-old wisdom mean for cybersecurity? With cyberattacks becoming more common and more costly, you might think you must give cybersecurity more of your time and effort.

The answer may be both yes, and no. Choosing the right endpoint protection supplier can make your business life easier now and in future, as cybercriminals gets more imaginative and your business develops and grows.

By endpoints, we mean any end of a digital communications connection, like servers, laptops and mobile devices. Endpoints need protecting with antivirus, anti-malware and a range of other protective solutions, but it needn’t be complex. Many endpoint products now let you control it all from one place. Bulletproof endpoint protection should save you time and money – not just in avoiding the cost of a breach, but in ease of updates and patching, reducing pressure on your IT security team.

Getting endpoint security that keeps its promises

Before things get easier, you’re faced with the choice of dozens of vendors.

Businesses large and small sometimes find they’ve paid for what turns out to be a costly circus of infuriating design and underperforming features. How do you make sure you don’t get seduced by empty promises?

Kaspersky’s Endpoint security vendor evaluation guide helps you get the right endpoint protection platform (EPP) for your business. The guide recommends a three-step approach to make sure you get the best solution for the type of business you run and your growth phase.

1.  Research market opinions and independent test results

Any vendor can claim their product does what you need and does it well, but you need to get evidence to back it up. Take a long, hard look at what independent experts and customers write about the vendor’s product and solutions. Rather than focusing on what the product can do, focus on how well those capacities perform.

If you’re interested in a vendor that performs poorly in some assessments, there may be a good reason. Look for information about why they might seem to underperform, including by asking the vendor or tester directly if needed.

Customer reviews

The gold standard of customer review evaluation is Gartner’s peer insights customers’ choice for endpoint protection platforms. It compiles and analyses user reviews to reach a rating for each vendor.

You should also check the vendor’s help forums where users describe product problems. Look out for how quickly the vendor resolves the bugs users report.

Independent testing and review

The most accurate way to verify the vendor’s capabilities against current cyber-threats is through independent tests and reviews by respected security industry experts. Look for evidence of solid performance across many tests.

Laboratories that test technology against known, unknown and advanced threats include SE Labs, AV-Test’s awards (especially AV-Test advanced endpoint protection test) and ICSA Labs.

Analytical agency conclusions

Leading analytical agencies also rate vendors and give reasons, compiled by experts who know the sector. Gartner magic quadrant for endpoint protection platforms, the Forrester Wave for endpoint security suites and Radicati market quadrant for endpoint security are all well respected.

2. Make a security criteria list

Defining your business’s essential security needs will give you a more critical lens to examine the tests and reviews.

When choosing a vendor, the most important thing is to judge the quality and capacity of their endpoint protection correctly. Global market intelligence provider IDC says 70 percent of cybersecurity breaches start at endpoints. IDC also concluded it’s something of a keystone in your cybersecurity arch: Related security products like threat intelligence and endpoint detection and response rely on effective endpoint protection.

Comprehensive endpoint protection needs sophisticated detection technologies to thwart multi-vector attacks, as well as evolving threats. But it must also be easy to set up and manage, and not impact on the end user.

See the Endpoint security vendor evaluation guide for a full checklist of what to look for in a vendor.

3. Get to know the vendor’s overall profile

Cybersecurity now affects many parts of your business – arguably all parts. Choosing a security vendor that has a wider range of security solutions available may give you a better return on investment as your needs change.

Research what’s noteworthy about the vendor. What’s their image and reputation? What do they specialize in? How transparent are they? How much of their work is investment in research and development?

This three-step approach will help you evaluate your endpoint security options with clarity in a confusing market. You’ll come to understand exactly what your organization needs, what the experts (and everyday users) say about the solutions and the potential of vendors to deliver overall value.

Your choice is important. At this stage in your business growth, effective cybersecurity will make all the difference to your ability to protect your customers and outshine the competition. Good luck.

Endpoint security vendor evaluation guide

Get the right endpoint protection for your business with a three-step approach.

About authors

Alexander Lebedev is a product lifecycle specialist, responsible for Kaspersky product launches, competitive differentiation and go-to-market strategies. He enjoys long-distance swimming, cycling and running.