Next-gen end-point upstarts: one will make it; the rest will get bought or vanish - Trend Micro
Security stalwart issues challenge to its resellers: test our technology alongside Cylance, SentinelOne and Crowdstrike, and see who comes out top
Next-generation end-point security outfits such as Cylance, Crowdstrike and SentinelOne may be hoovering up VC cash, but only one among this new breed will make it, two will be bought and the rest will vanish into oblivion, a Trend Micro executive has predicted as he launched a stinging counter-attack against them.
A new category of end-point security start-ups employing AI and machine-learning techniques has taken the market by storm, chief among them Cylance, which is on a European growth push after bagging $100m in Series D funding, its brand and messaging recently adorning giant billboards at Waterloo Station (pictured).
Crowdstrike and SentinelOne are also making a big din in the market, having bagged $100m and $25m of funding last year, respectively.
Trend Micro is one of the so-called 'old guard' under attack from these newcomers, who argue that the signature-based techniques they peddle are no longer fit for purpose.
But in an interview with CRN, Trend Micro UK and Ireland sales director Ross Baker dismissed AI and machine-learning techniques as no more than a feature, in the same way that encryption and DLP have become.
He claimed that Trend Micro has effectively been using AI-based methods since 2005 and urged channel partners not to be "seduced" by new market entrants, predicting that most will disappear into obscurity.
"Just as we did with FireEye, our prediction for the SentinelOnes and Cylances and Crowdstrikes is that these guys won't all be here in a few years' time," he said.
"As is typical, one will make it, two will be acquired, and the majority will disappear without a trace, and Trend will still be here with that stability and financial security that a lot of these VC-backed companies don't have."
Baker admitted that many of Trend Micro's partners' heads have been turned by the new breed of challengers but urged resellers to compare their technology with Trend's in an independent test. Recent Cylance partner signings in the UK include SecureData and Armadillo.
"We bigger guys need to defend our position, but more importantly, set the record straight for the channel, who are maybe thinking Cylance or the SentinelOne guys look really cool," he said.
"The presumption is that Trend or the other established vendors can't touch them. What I would say to the channel is: have a look at what we are doing. We would stand side by side with any of these vendors in a bake off. If you look at the only independent test out there, avtest.org, Cylance came out awfully, with massive amounts of false positives. There aren't many independent tests but I would say to any one of our partners: why don't you do the independent test yourself - that's what the channel is for; put in a long-established technology like ours against one of these newcomers and decide for yourselves."
Today marks the release of Trend Micro's XGen end-point security offering, which the vendor claims sees it become the first to "infuse 'high-fidelity' machine learning into its approach".
But Baker played down the significance of its release, stressing that as far back as 2010, Trend employed machine-learning techniques to find malicious content on Twitter.
"I totally get why [partners'] heads have been turned but look at what we do and seefor yourselves," he said. "This is just a feature in addition to the 20, 30, 40 other features we already have in our suite and don't forget, if you're an existing customer of Trend today on the end-point the migration to this version is free. This is just an upgrade, whereas if you look at some of the prices I'm seeing quoted from some of these newcomers, that's a lot of budget that could be spent in other areas. If there is budget to be spent, let's tackle the ransomware challenge and the challenge of the ongoing cyberthreat because, for me, this AI story has really been overhyped - for us it's just business as usual."
However, Etienne Greeff, chief executive of SecureData, argued that the new machine- learning technologies being employed by the likes of Cylance shouldn't be dismissed as just a feature.
Greeff asserted that the incumbent end-point solutions "simply don't work" and that SecureData's ethical hacking arm, SensePost, cuts through traditional defences "like a knife through butter".
"There is no question that a new approach is needed and people like Cylance are the disrupters in the market," he said. "To say it's just a feature is a bold statement. We evaluated their technology and we believe their approach is sound."
Responding to Baker's claims that Trend Micro would match the likes of Cylance in a bake off, Greeff said: "Possibly, but certainly the market isn't talking about their proposition. There's only one thing worse than being stupid, and that's being clever without anyone knowing about it."
Baker (pictured) claimed that Trend Micro has been just as aggressive as the likes of Cylance, pointing out that its UK&I sales headcount has risen from seven to 28 since he joined in 2014.
"Maybe you'll see us on a billboard too," he said. "There's definitely a lot of interest in the security space. It's not that niche, must-get-around-to-the-security-side-of-this-project-soon anymore - we are seeing a lot of customers now building their entire IT project with security as the first thing they do."
Updated: since this story was published, we have received the following statement from Stuart McClure, president and CEO of Cylance:
"Cylance has grown faster than any cybersecurity company in history because the legacy vendors aren't preventing attacks. That is the bottom line truth. Most of today's security 'suites' are collections of cobbled together tools intended to aid in the fire-rescue operations instead of preventing the fire in the first place. When customers and channel partners test brand-new malware for themselves on a level playing field, the truth becomes self-evident: Cylance prevents attacks better than anyone. Until the testing houses update their methodologies to reflect the real world, so that apples aren't being tested for how much they taste like oranges, we will always recommend testing for yourself. Thousands of our customers have done their own testing and know the truth."