Comparing Endpoint Technologies for Malware Protection


Published: 04 March 2016 ID: G00296098

Analyst(s):

Summary

Malware protection solutions bundle multiple technologies. Security professionals must understand these technologies to prevent and detect malware, and to balance the efficacy of new technologies against user impact. This assessment compares six malware protection technologies for client endpoints.

Table of Contents

  • Comparison
    • Technologies in Scope
    • A Comparison of Malware Protection Technologies for Client Endpoints
    • Assessment Criteria Used in the Comparison
  • Analysis
    • Assessment Scope
    • The Role of Endpoint Security Technologies in Malware Disruption
    • The Importance of Malware Protection on the Endpoint
      • The Endpoint Is the Focus, but the Network Remains an Important Ally
    • Malware Protection Requires an Understanding of Malware Tactics
      • Advanced Attacks and Zero-Day Exploits
      • Effective Blocking Focuses on Actual Attacks
      • Different Malware Requires Different Defense Techniques
    • Malware Protection in Modern Operating Systems
      • Security Features and Functions in Operating Systems and Client Applications
    • Exploit Technique Mitigation
    • Successes and Failures of Signatures and Heuristics
    • Suspicious-File Handling
    • Static Analysis Grounded in Machine Learning
    • Application Control and Whitelisting
    • Malware Behavior Analysis
    • Endpoint Detection and Response
    • Application Containment on the Endpoint
    • Market Trends
      • Technology Stacks That Challenge Traditional EPPs
  • Guidance
    • Don't Give Up on EPPs Yet; Rather, Look for Complements
    • Optimize and Integrate Before Expanding
    • Choose Endpoint Solutions Only If You Understand Their Efficacy
    • Categorize Your Endpoints
    • Select and Test for Interoperability
    • Choose Endpoint Technology Stacks Rather Than Individual Technologies
    • Avoid Agent Bloat
    • Plan for Monitoring, Analysis and Remediation Capacity, Expertise and Tools
  • The Details
    • A New Java Zero Day Through Internet Explorer
    • A New Kernel Zero Day
    • A User Installing a Malicious Program
  • Gartner Recommended Reading
© 2016 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.
