Endpoint Security Recommendation (2023)

TLDR

When not in a Defender 365 Enclave we use and recommend BitDefender. This has been the case for the past 6 years and we sincerely hope this continues far into the future, as they have been a wonderful partner. If you need an Anti-Virus Product we will recommend BitDefender. If for some reason we have to provide a backup choice we recommend ESET.

Why publish this review?

How and what we tested

Down to two

The case for ESET

Why BitDefender?

We update and publish this review yearly for a number of reasons. The choice of Endpoint Provider (fancy name for Anti-Virus vendor) is critical and has long-term ramifications for your security strategy. We wanted to be transparent with our existing and potential customers about our reasoning. Also, "Why not insert-other-vendor-name?" is a very common question.
This review is very biased. It's biased by years of experience. It's biased by different events through those years, like when AVG decided to stealth-install a browser toolbar addon that blocked files during tax season. It's biased by having to keep a list of uninstall procedures for a lifetime of McAfee products. It's biased by knowing where all the Kaspersky bodies are buried.
For certification and detailed test results we rely heavily on AV-Comparatives and AV-test.org, two independent organizations that regularly test and certify different vendors. Both publish detailed reports as well as complete test methodologies and we encourage everyone to browse their list of available results.

It should be noted that when this review was first done in 2019 we had not yet chosen a vendor to use as part of our customer offerings. Our overriding concern was the level of protection offered, followed by features that we needed to integrate as part of our support pipeline (like patch management and advanced e-mail security).

When comparing costs we faced the same difficulties we faced pricing cloud offerings. It's nearly impossible to compare apples-to-apples, but in the end everyone came out to be eerily similar.

We didn't review re-branded products, and we discarded vendors that couldn't show a reliable track record for at least 3 years. We also discarded any that had major incidents that we felt were too egregious.

The products we ended up testing in our own labs were:

Avast,
BitDefender (GravityZone),
CrowdStrike (Falcon),
ESET Protect,
Kaspersky Endpoint Security for Business.

Our baseline case was using Microsoft Defender for Endpoint.

ESET, BitDefender and Kaspersky products were additionally tested in Customer-Mirrored environments as well as in a separate bare-metal lab where we tried some evil magic that AV-Comparatives maybe haven't.
Both Avast and CrowdStrike already had an MSP offering in 2019, but they were both in their early stages and it showed. There were a lot of promises of features to come, but it felt like they were trying to funnel you into their direct-to-enterprise products. Both also had performance hiccups and some very questionable false alarms. Both got better over the years, especially CrowdStrike, whose detection engine is now competitive.

Kaspersky offered a compelling case on their detection level alone. It's hard to argue with their results, which consistently hit the 99th percentile. It also had excellent performance and resource usage. Sadly, even before Russia invaded Ukraine they had a number of strikes against them. Their MSP offering was very bare and seemed like an afterthought. Partner onboarding support was also very bare; compared with BitDefender and ESET they were almost hostile. Being based in Russia they could never be entirely trusted, not a great thing in this industry.

In the end we had to pick between ESET and BitDefender, a choice that was incredibly close. In fact, on a technical level it's impossible to recommend one over the other.
It's impossible not to praise the level of technical expertise that ESET assembled over the years. They have a very long history of investing in research and development and it shows in their detection rates. Performance was also excellent across the board, with low resource usage throughout. Configuration options were extensive, and even in our initial tests the options available to MSPs were excellent. All in all, their engine is fantastic, and if it was on engine alone ESET would have been our #1 choice.
Their MSP Support was excellent as well. The few times we contacted them the response was near instant and problems were resolved immediately. Direct-to-customer support was also good, and in our test cases the problems were resolved quickly and efficiently. While we didn't complete their Partner Onboarding process, we can report from other sources that it's excellent and consistent with the Pre-Onboarding we received.

Delivering consistent results

No matter what metric we use, BitDefender is an undisputed leader. No other company has shown such a solid track record across all the different testing criteria. Year in and year out they have shown the ability to deliver near 100% coverage. With over 50% of their workforce focused on R&D, they offer the highest level of protection out of all the vendors we tested. Engine performance is also excellent (while admittedly behind ESET).

Built for MSPs

Their MSP offerings are by far the deepest, and the level of flexibility they give us was good in 2019, great in '20 and really amazing with the latest GravityZone updates in '22.

This is a perfect example of the "Early Entry" advantage. BitDefender started supporting MSPs early and it shows - it's hard to exaggerate the level of control we have over individual endpoints and how completely it aligns with the requirements of SMEs.

You can see this early advantage in such things as Disk Encryption Management, something they started early and have improved with each iteration. They were also early in integrating Patch Management, Application White-Listing and detailed Maintenance scheduling.

BitDefender allows us to deliver enterprise-level service to SME customers without compromises.