Gartner Blog Network

EPP Magic Quadrant FAQs: Volume 1

by Ian McShane  |  October 20, 2017  |  Submit a Comment

We’ve just kicked off the formal research aspect of the 2018 version of Gartner’s Magic Quadrant for Endpoint Protection Platforms.  This is one of the most popular research documents on, and with it comes all kinds of client questions.

FAQ: When is the EPP MQ going to publish?

The publication calendar for all upcoming Magic Quadrants is available online here in XLS form.

FAQ: How do you evaluate products in the MQ in such a short amount of time?

A: Notice that I say “formal research” in that opening sentence.  My colleagues and I don’t derive the MQ purely on the basis of spreadsheets, word documents, and videos provided by vendors.  We also don’t have time to road-test all of the products ourselves, either – bear in mind that there are close to 100 vendors who claim to be EPP vendors!

We talk to a lot of end-user clients throughout the year.  Between January and today, I have spent time with over 400 clients talking about EPP; either on phone/webex inquiries, or in-person at one of the Gartner conferences this year.  That works out to 12,000 minutes or 200 hours of on-going research.  And that’s just me.  There are five other analysts that directly cover EPP at Gartner, and many others that work in tangentially related markets.
So we get a lot of data and a lot of background before we even get to the formal research piece – where we work with vendors directly to validate our assumptions, takeaways, and analysis – which takes place from October through January.  It’s worth noting – because there is always great debate about it 🙂 – that vendors are not required to be Gartner clients to be included in the MQ.
The inclusion criteria is specified by the MQ lead author (i.e Me) and the co-authors on the document, and represents the needs of the market, and more importantly, the needs of a typical Gartner client.  Whether they are a Gartner client isn’t a consideration, however I will say that almost all  of the vendors(might even be all of them) in last years MQ are Gartner clients.
The sage advice I received when I worked on the MQ last year was “The Magic Quadrant is written to help Gartner clients understand a high-level view of this market.  It is not intended as a sales tool for vendors

FAQ: Why did VendorA move backwards this year?

A:  They didn’t.  The MQ isn’t a tracking document, and shouldn’t be compared directly to previous years.  Market requirements change fast, and this is especially true in the EPP and EDR spaces.  In fact, I recently published an updated definition for an Endpoint Protection Platform, and you should totally read it:  “Redefining Endpoint Protection for 2017 and 2018

So vendors do not move left or right, up or down.  The market changes.  Some vendors lead that change, some vendors react quick enough to participate in that change, some vendors don’t.

FAQ: Should I only select from vendors in the Leaders quadrant of the MQ?

A: Absolutely not.  The MQ Methodologies page explains it at a high-level:
“focusing on the leaders’ quadrant isn’t always the best course of action. There are good reasons to consider market challengers. And a niche player may support your needs better than a market leader. It all depends on how the provider aligns with your business goals”
I keep using the phrase “there is no one right answer for every organisation“.  I keep using it because organisations need to evaluate vendors and products against their specific requirements.  Choose an EPP that improves the workflow, efficiency, and effectiveness of the tools and humans you have today.

Additional Resources

Category: endpoint-protection  magic-quadrant  

Ian McShane
Research Director
1 years at Gartner
16 years IT Industry

Ian McShane is a Research Director/Analyst in Gartner Research, Security and Risk Management - Digital Workplace Security. Mr. McShane's area of expertise includes endpoint protection platforms (EPP), endpoint detection and response (EDR), and he assists organizations choosing strategic vendors, security products and services, and implementing best practices. Read Full Bio

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.