Forrester names Microsoft a Leader in 2022 Enterprise Detection and Response Wave™ report

We are excited to share that Microsoft has been named a leader in The Forrester Wave™: Enterprise Detection and Response, Q1 2022. Microsoft received one of the highest scores in the strategy category and strength of current offering category. In the Forrester Wave™ assessment, Microsoft Defender for Endpoint received the highest score possible in 15 separate criteria including endpoint telemetry, investigation capabilities, threat hunting capabilities, user experience, product vision, and innovation roadmap.

Forrester Wave Endpoint Detection and Response Providers, Q2 2022 chart showing Microsoft in the top right corner under Leaders.

“Microsoft has made itself a powerhouse in security innovation and EDR. Microsoft has a vision to protect all endpoints through a combination of prevention, detection, and auto-remediation,” writes analyst Allie Mellen in the report. “Its roadmap includes continued progress on Linux and Mac feature capabilities, IT and security collaboration, and XDR capabilities.”

This is the ninth Forrester™ Wave report that Microsoft Security is a Leader. Microsoft is the only vendor to be recognized as a Leader in the Forrester Wave™: Enterprise Detection and Response, Q1 2022, the Forrester New Wave™: for Extended Detection and Response, Q4 2021, and the Forrester Wave™: Security Analytics Platform Providers, Q4 2020. Microsoft attributes this success to our focus on empowering defenders through world-class threat intelligence and best-of-breed capabilities that break down boundaries between previously disparate security tools to deliver integrated security information and event management (SIEM) and extended detection and response (XDR).

Endpoints are frequent targets of new, sophisticated malware and ransomware attacks. Today’s organizations need a new approach for prevention and protection and Microsoft gives security operations teams full visibility of not just endpoint information but also signals from identity, cloud applications, and email in Microsoft Defender 365 to help security teams more rapidly detect and evict threats.

Microsoft has been investing heavily in multi-platform support for Microsoft Defender for Endpoint over the past three years and now offers comprehensive protection for the platforms you need including macOS, Linux, Android, and iOS while continuing to deliver differentiated protection for Windows.

The Forrester Wave™ report mentions several features of the Microsoft EDR offering in its report profile:

  • Auto-generated, human-readable detection names and a replay of the attack story to assist with the investigation, helping companies see exactly what happened in an attack and in what order.
  • Telemetry aligned to MITRE ATT&CK, with a native sandbox feature, response recommendations, remote shell capabilities, and custom scripting.
  • Ability to search telemetry by type or search raw telemetry for 30 days by default, as well as schedule queries.

Microsoft is dedicated to protecting companies from real cyberattacks and has committed USD20 billion over the next five years to deliver product excellence, innovation, and cutting-edge technology, according to the Forrester report. That’s an increase from the USD1 billion per year spent on cybersecurity since 2015. Microsoft’s endpoint security vision includes an end-to-end endpoint protection suite, reduced response time, coverage for all platforms, and a single, integrated solution across all assets. Reference customers interviewed by Forrester said Microsoft’s USD20 billion investment was a key reason why they chose to work with Microsoft.

Microsoft recognized as a Leader in XDR in Q4 2021

In Q4 of 2021, Microsoft was named a Leader in the Forrester New Wave™: for Extended Detection and Response (XDR) Providers, Q4 2021. Microsoft’s strategy for XDR is to create the most comprehensive solution—collecting signals from multi-platform sources, including Windows, Linux, iOS, Android, and macOS, and multicloud deployments like Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) coupled with built-in AI, automation, and prevention capabilities.

“Customer references cite the united technology stack as Microsoft’s biggest strength,” writes Forrester in the Q4 report. “They especially highlight Microsoft’s detection engineering quality as adding consistent, cutting-edge value.”

The report cited Microsoft for:

  • Offering robust, native endpoint, identity, cloud, and Office 365 correlation with singular and cross-telemetry detection, investigation, and response for its native offerings in one platform.
  • Providing the best fit for companies moving to or already on an E5 license, stating “Clients get the most value by adopting the entire suite.”

Try Microsoft Defender for Endpoint

The success of customers is our highest priority, which is why we put such a strong emphasis on product excellence with our collaboration with more than 100 Microsoft Intelligent Security Association (MISA) partners and more than 8,500 security professionals that helps lead to real, cloud-delivered protection for our customers.

We’re honored by this latest Forrester recognition and believe it’s a testament to our research and product teams’ ongoing commitment to providing our customers with an effective and comprehensive security solution. It’s a proud milestone in our endpoint security journey with Microsoft Defender for Endpoint to build an industry-leading endpoint and XDR solution that customers love, and it demonstrates Microsoft’s commitment to delivering best-of-breed, multi-platform, and multicloud security for organizations across the globe.

Download the full report and read the analysis behind Microsoft’s positioning as a Leader.

Learn more information on our endpoint security platform, Microsoft Defender for Endpoint, and sign up to try it out for yourself.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

READ MORE HERE