
Ovum view

Summary

Security vendor Sophos has enhanced its offering in so-called next-gen endpoint protection (NGEP) with the acquisition of Invincea, which brings it a machine-learning capability. Ovum sees the “old guard” in endpoint security tooling up to outflank the NGEP newcomers.

NGEP should not be a standalone offering

Sophos is an established player in the security market. It is listed on the London Stock Exchange and has annual revenue in excess of $500m. Founded in 1985 as a developer of antivirus (AV) technology for business customers, it has expanded over the years to offer a broad portfolio that includes network security products and encryption.

Expansion and increased sophistication in the world of cybercrime over the last decade have led to AV signatures waning in their ability to protect endpoints, to the point where today they catch no more than 30% to 40% of malware. Invincea was founded in 2009 and is one of a number of vendors created to address this situation with new approaches to endpoint security, as a result receiving the NGEP moniker.

In October 2016 Sophos launched Intercept X, an NGEP upgrade to its own and other vendors’ signature-based endpoint security platforms, with capabilities such as root-cause analysis and signature-less threat and exploit detection. Now it has added machine learning to Intercept X with the acquisition of Invincea.

The NGEP vendors have grabbed mindshare by touting their capabilities as the sun sets on signatures, but over the last year the empire has struck back. Traditional players in endpoint from an AV background, from Trend Micro to Symantec and Intel Security/McAfee, have broadened their platforms to include NGEP functionality. They now champion signatures’ ability to block enough malware to reduce the “noise”, allowing the more compute-intensive NGEP to concentrate on advanced code. Sophos’s Invincea buy is the latest episode in this trend.

Appendix

Further reading

On the Radar: Sophos Intercept X adds NGEP to endpoint security, IT0022-000807 (October 2016)

On the Radar: Invincea offers next-generation endpoint security, IT0022-000651 (March 2016)

On the Radar: CylanceProtect provides a next-gen approach to endpoint security, IT0022-000617 (February 2016)

On the Radar: SentinelOne, IT0022-000523 (October 2015)

“VirusTotal sets old guard against newcomers in malware detection, but is it good for customers?” IT0022-000712 (June 2016)

Author

Rik Turner, Senior Analyst, Infrastructure Solutions

rik.turner@ovum.com
