Forrester Wave Report: Cylance Disrupts Market with AI-Driven Endpoint Protection

The recently released Forrester Wave report confirms what security industry insiders have been saying for some time now: Cylance continues to be a major market disruptor with its unparalleled signatureless malware prevention endpoint solution, CylancePROTECT®.

Out of the fifty-plus companies considered, Cylance was one of just fifteen vendors to make the final cut, going head-to-head with legacy antivirus tools that have come under sharp criticism in recent years for their lack of efficacy in the face of an onslaught of polymorphic malware and custom zero-days that readily evade traditional signature, heuristic, and behavioral approaches.

“As the numbers of new malware variants and methods of obfuscation rise, antivirus technologies have become less effective at protecting employee endpoints and servers,” the report states. “Numerous competing technology vendors have risen up to take aim at the stagnant antivirus market as a result.”

The Power of Machine Learning on the Endpoint

Leveraging complex mathematical algorithms, predictive artificial intelligence (AI) capabilities, and the power of machine learning techniques, CylancePROTECT has emerged as the most strategic new offering in the Forrester Wave report.

Combined with Cylance’s strong placement in the Gartner Magic Quadrant and a forthcoming IDC market analysis report, Cylance has garnered strong affirmation from analysts that the company’s overall vision and product direction are having significant impact.sample.jpeg

Figure 1: Gartner and Forrester Wave: Endpoint Security Suites

"Cylance is another young vendor that has enjoyed a high level of interest and growth over the past couple of years," the report notes. "The company offers one of the few endpoint security point products on the market today that showcases strong malware execution prevention capabilities without the need for an internet connection or frequent blacklist/whitelist updates. The product accomplishes this through an artificial intelligence engine that scans every executable launched on an endpoint in order to predict its behavior."

The Forrester Wave report also singled out Cylance for their exceptional pre-execution prevention approach to endpoint security by recognizing their distinction as the only signatureless offering examined. In addition, the report acknowledged Cylance as a pioneer in artificial intelligence and machine learning as applied to endpoint security after having been on the market for only two years.

A Paradigm Shift for Endpoint Security

Comparative analysis like that found in the Forrester Wave report, or from many of the industry’s leading AV testing firms, needs to be understood in the context of a rapidly shifting paradigm for addressing endpoint security.

The key factor: pre-execution solutions are difficult if not impossible to evaluate using outmoded post-execution solution criteria. It’s like judging oranges for how much they taste like apples – some continue to argue that’s how apples have always been assessed, so why not examine oranges the same way? It’s obvious there is a serious disconnect with this line of thought.

For those using the Forrester Wave report or AV comparative testing data in order to evaluate which is the right endpoint solution for their organization, it is important to note that in order to earn placement in the market leader area or to score well on a traditional AV test, solutions are required to have integrated features like DLP, encryption, URL filtering, EDR, and firewall capabilities.

These options, while important for archaic AV tools that first allow files to execute on a device prior to commencing with detection and remediation, are not considered to be of strategic importance to the Cylance model for endpoint protection.

Cylance’s proactive approach prevents the execution of malicious code/scripts/PUPs, and thus renders of little importance incident response tools like post-infection quarantining, configuration roll-backs, or the targeted blocking of malicious processes. Furthermore, it can perform without the need for an Internet connection or dependency on cloud-based lookups.

CylancePROTECT: Future-Ready

"Because of its signatureless approach, [CylancePROTECT] is capable of detecting both new threats and new variants of known threats that typically are missed by signature-based techniques," Gartner emphasized in the 2016 Magic Quadrant for Endpoint Protection Platforms. "Cylance's approach is also disruptive, because the company does not require legions of signature authors to analyze new threats and codify them in signature updates."

Through the proactive power of predictive artificial intelligence leveraging machine learning techniques that instantaneously evaluate a file against millions of known good and bad feature sets, CylancePROTECT prevents previously unidentified malware and custom zero-day attacks before they ever execute.

This frees organizations from the continuous updates, remediation efforts, and, most importantly, from ever being the first to be infected by a new variant. We invite you to Test for Yourself.

Learn More

Join Chris Sherman, author of the Forrester Wave report, and members of the Cylance team for an upcoming webcast on November 15, 2016, where they will discuss this innovative new strategy for endpoint security leveraging artificial intelligence and machine learning.