Cybereason Blog | Cybersecurity News and Analysis

Unpacking the Gartner Critical Capabilities Research

Written by JJ Cranford | May 18, 2021 12:46:12 PM

The importance of third-party research and testing cannot be overstated in the current security marketscape. The details that matter when evaluating a detection and response solution can be obscure and difficult to understand clearly. Vendors will always position themselves in as positive a light as possible, which can lead to frustration and head-scratching during the evaluation process.

Enter the increasingly important industry of third-party research and validation. EDR buyers can consult with expert organizations like Gartner for clear analysis of a vendor's ability to deliver a quality partnership, secure outcomes and effective product performance. 

In addition to research organizations, groups like MITRE, via their ATT&CK framework, evaluate security products in real-world scenarios involving advanced threats. Considering product performance in unbiased testing scenarios offers an important companion view to research provided by reputable firms, and in tandem the two paint a clear picture of the contributions a solution or vendor can bring to the table.

Poised for Disruption and Market Leadership

With much fanfare, Gartner announced their latest Magic Quadrant for Endpoint Protection Platforms for 2021 - with Cybereason being a new entrant to the report and named the visionary with the most complete vision. Visionaries deliver leading-edge features that will be vital to shaping the industry and the next generation of products.

The Gartner Critical Capabilities Report is companion research to the Gartner Magic Quadrant, and is a view of product capabilities that influences standing in the Magic Quadrant. This report breaks down product capabilities by types of customer and the vendors most suitable by customer use case and need. Cybereason was consistently a top performer in Gartner Critical Capabilities rankings and the only Magic Quadrant visionary to be side by side with leaders in terms of technological prowess.

Gartner Critical Capabilities: Category and Research Breakdown

Gartner separates customer categories by type depending on technology adoption, use case and constraints on resources:

Type A

Gartner defines “Type A organizations as lean forward, and these teams readily leverage new tech early in the adoption cycle.” Type A organizations represent the smallest group of organizations. They have the budgeting and staffing resources to configure and implement new technologies and solutions rapidly within their environment.

For Type A organizations, we provide:

  • Best-of-breed technology and a partnership with a world-class support team to produce industry-standard results
  • Leadership in XDR - the next evolution and expansion of EDR
  • Unparalleled ransomware detection, investigation and remediation capabilities
  • Deep-dive and DFIR options as needed for more complex incidents

 

Type B

Gartner says, “Type B organizations aim to stay relatively current on technology without getting too far ahead or behind their competition.” We believe these teams adopt technology as it becomes mainstream and its use is proven effective first by early adopters and Type A teams.

They typically experience budgeting and staffing resource constraints and, as a result, focus on overall value by weighing the risks of the early use of new technology against the benefits. Their focus is on technology deployments that improve their organization’s productivity, product quality, customer service and security. Benchmarking is of supreme importance in order to increase the likelihood of performance and ROI.

For Type B teams, Cybereason delivers superior detection and response results, as demonstrated by our performance in the MITRE ATT&CK evaluation. Some key highlights include:

  • 100% prevention
  • 100% Linux detection
  • 98% coverage of ATT&CK techniques
  • Out-of-the-box performance

 

Type C

In Gartner's view, “Type C organizations typically view technology as an expense or operational necessity and use it as a means to reduce costs.”

Security is quickly making its way to the forefront of board-level conversations and business continuity planning. Breaches can have devastating impacts, both financial and otherwise, on a government agency or enterprise, and risk mitigation, prevention and response are crucial to avoiding a paralyzing breach or ransomware attack.

Security Solutions for Unique Environments and Use Cases

EDR feature sets have grown substantially in recent years, and teams that self-identify as less mature or underdeveloped can take advantage of next-generation capabilities with Cybereason. We implement a high degree of automation and prevention efficacy that takes the place of the human security personnel a team lacks, and the technology does the “heavy lifting” of prevention, detection and response, taking a legacy organization to a security posture that is future ready.

A partnership with Cybereason also provides both maturing and developed teams with a product that has enough horsepower for their robust needs and processes. Leverage industry-standard frameworks like MITRE ATT&CK, bring DFIR into deep-dive investigations, build custom policies and controls, and streamline response and recovery at scale. Our technology is validated and stress-tested and ultimately delivers secure outcomes that surpass the abilities of other providers.

You can download a complimentary copy of the Gartner Critical Capabilities Report here, and talk to a Cybereason Defender to learn more about our innovative solutions, or schedule a demo today to learn how your organization can benefit from an operation-centric approach to security.