Report

SANS Survey: App Control and EDR

The SANS 2018 Endpoint Security Survey, conducted by SANS in association with the SANS DFIR Summit, revists threats, protections, and response capabilities on the endpoint. For this report, SANS surveyed 277 IT security professionals in March and April 2018 using a 30-question survey to learn about their experiences and best practices. Security analysts & security administrators made up 29% of the survey base, while IT security and operations managers and executives constituted 29% of the sample.

What did the survey find? Automating endpoint detection and response solutions is the top priority for IT professionals trying to put actionable controls around their endpoints. There is also a big focus on predictive technologies that leverage machine learning to move away from known bad elements to focusing on identification of abnormal — and previously unknown — behavior.

Some other interesting findings in this report include:

Ease of use is a top success factor, with companies interested in tools that fit well together, and match the skill levels of their organizations
Security professionals value endpoint data and they are looking for the most complete prevention and detection information, gathered broadly and processed centrally for easy access
Endpoint detection and response does not sit in a vacuum — it requires strong integrations with network security platforms and other network security systems to give users a complete view of their environment and the threat landscape

Endpoint prevention, detection, and response are converging faster than ever. Read the survey results to learn more.

The views expressed in these reports are those of the author and do not reflect the views of VMware Carbon Black. Additionally, the information contained in these reports may not be correct or current. VMware Carbon Black disavows any obligation to correct or to update the information contained in these reports.

To view this report, complete the form below.

DOWNLOAD REPORT

Take Control of Your
Multi-Cloud Environment

73% of enterprises use two or more public clouds today. While multi-cloud accelerates digital transformation, it also introduces complexity and risk.

VMware Cross-Cloud™ services enable organizations to unlock the potential of multi-cloud with enterprise security and resiliency.

Build & Operate Cloud Native Apps
Give developers the flexibility to use any app framework and tooling for a secure, consistent and fast path to production on any cloud.

Connect & Secure Apps & Clouds
Deliver security and networking as a built-in distributed service across users, apps, devices, and workloads in any cloud.

Run Enterprise Apps Anywhere
Run enterprise apps and platform services at scale across public and telco clouds, data centers and edge environments.

Automate & Optimize Apps & Clouds
Operate apps and infrastructure consistently, with unified governance and visibility into performance and costs across clouds.

Access Any App on Any Device
Empower your employees to be productive from anywhere, with secure, frictionless access to enterprise apps from any device.

Anywhere Workspace

App Platform

Cloud & Edge Infrastructure

Cloud Management

Desktop Hypervisor

Security & Networking

Run VMware on any Cloud. Any Environment. Anywhere.

On Public & Hybrid Clouds

On Private Cloud & HCI

Solutions

Anywhere Workspace
Access Any App on Any Device Securely

App Platform
Build and Operate Cloud Native Apps

Cloud Infrastructure
Run Enterprise Apps Anywhere

Cloud Management
Automate and Optimize Apps and Clouds

Edge Infrastructure
Enable the Multi-Cloud Edge

Networking
Enable Connectivity for Apps and Clouds

Security
Secure Apps and Clouds

By Industry

Manage your Multi-Cloud Environment

For Customers

For Partners

Working Together with Partners for Customer Success

Tools & Training

Services

Support

Marketplace

Blogs & Communities

Customers

Events

SANS Survey: App Control and EDR