SANS Survey: App Control and EDR


The SANS 2018 Endpoint Security Survey, conducted by SANS in association with the SANS DFIR Summit, revists threats, protections, and response capabilities on the endpoint. For this report, SANS surveyed 277 IT security professionals in March and April 2018 using a 30-question survey to learn about their experiences and best practices. Security analysts & security administrators made up 29% of the survey base, while IT security and operations managers and executives constituted 29% of the sample.

What did the survey find? Automating endpoint detection and response solutions is the top priority for IT professionals trying to put actionable controls around their endpoints. There is also a big focus on predictive technologies that leverage machine learning to move away from known bad elements to focusing on identification of abnormal — and previously unknown — behavior.

Some other interesting findings in this report include:

  • Ease of use is a top success factor, with companies interested in tools that fit well together, and match the skill levels of their organizations
  • Security professionals value endpoint data and they are looking for the most complete prevention and detection information, gathered broadly and processed centrally for easy access
  • Endpoint detection and response does not sit in a vacuum — it requires strong integrations with network security platforms and other network security systems to give users a complete view of their environment and the threat landscape

Endpoint prevention, detection, and response are converging faster than ever. Read the survey results to learn more.

The views expressed in these reports are those of the author and do not reflect the views of VMware Carbon Black. Additionally, the information contained in these reports may not be correct or current. VMware Carbon Black disavows any obligation to correct or to update the information contained in these reports.

To view this report, complete the form below.