In our testing of 10 endpoint security products, we found that no one product does everything. You will have to make compromises, depending on what other security tools you already have installed and the skill levels of your staff. While there is no single product that can suit all situations, endpoint configurations and IT requirements, there are a few key things to consider in your purchase:1. Going agent or agentless. A few of the products we tested don’t require endpoint agents, but the trade off is that you will need to setup LDAP or clean up your Active Directory domain and make use of network switch SNMP management and other connections to your network fabric.The upside of the agentless approach is that the product can track endpoints that might be used to compromise your network, such as IP cameras and other embedded devices that aren’t running traditional endpoint operating systems. Another upside is because there is no code installed on an endpoint nothing is exposed to a potential attacker. + MORE ENDPOINT SECURITY: 7 trends in advanced endpoint protection +A third advantage to going agentless is that some products with agents only have them for particular Windows versions and are still working on their Mac and Linux agents. Other products have begun to recognize the mobile universe and either integrate with mobile device management tools or (in the case of Comodo) have specific iOS and Android agents. 2. What does the endpoint user see on their desktop?Products that install endpoint agents vary widely in terms of what an end user can observe and how stealthy they operate: some obscure any listing in the Windows Control Panel Programs list or taskbar icons, others operate more like ordinary applications. And those that operate without agents are completely invisible, of course.3. How is the product configured and managed?Each product has a combination of web and native management consoles, and some (even the SaaS-based tools) have fairly complex installation routines. Many of them will require consulting contracts to get setup properly. Of the product we tested, Comodo, Outlier and CrowdStrike stood out as the easiest to set up.4. PricingPricing on endpoint security products is all over the map: most vendors charge between $15 to more than $50 per year per protected endpoint device or user, with some charging a fixed price per appliance. Prices quoted are really more starting points than a hard-and-fast list price: especially as the number of endpoints rises, these are more an upper bound than anything else as volume discounts are liberally available.5. Real-time or notSome products, such as Guidance Software and Outlier Security, aren’t designed for real-time or even near real-time analysis and are best used on longer time horizons to examine larger trends. Depending on the complexity of your network and the nature of your business, this may be important in your purchase decision.6. Better remediation through remote endpoint control. One feature finding its way into more products is the ability to disconnect an endpoint from the general network and have it only communicate back to the EDR server for eradication and remediation. Many of the products we tested, including Sentinel and CrowdStrike, offer this feature. Related content news analysis Thousands of servers hacked due to insecurely deployed Ray AI framework Ray deployments are not intended to connect to the internet, but AI developers are doing so anyway and leaving their servers vulnerable. By Lucian Constantin Mar 28, 2024 4 mins Vulnerabilities news Cisco: Security teams are ‘overconfident’ about handling next-gen threats Tooling complexity and generative AI may harm many companies’ security posture. By Jon Gold Mar 28, 2024 3 mins Security brandpost Sponsored by Microsoft Security Iran’s evolving influence operations and cyberattacks support Hamas Understanding how Iranian and Iran-affiliated threats traverse 3 distinct phases may help identify vulnerabilities and attack vectors. By Microsoft Security Mar 28, 2024 5 mins Security news Report suggests cybersecurity investment, board involvement linked to better shareholder returns The study by Diligent and Bitsight points to advanced security and strong risk or audit committees as good predictors of an enterprise’s financial success. By sascha _brodsky Mar 28, 2024 4 mins CSO and CISO Business Business IT Alignment PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe