SMB Endpoint Security Vendor Scorecard 2021: Analysys Mason has identified five vendors as leaders

19 November 2021 | Research

Article | PDF (4 pages) | Cyber Security

"Analysys Mason has identified five vendors as leaders in its SMB Endpoint Security Vendor Scorecard 2021: CrowdStrike, ESET, Kaspersky, Microsoft and Sophos.”


Listen to or download the associated podcast

Analysys Mason has identified five vendors as ‘leaders’ in its SMB Endpoint Security Vendor Scorecard 2021: CrowdStrike, ESET, Kaspersky, Microsoft and Sophos. These vendors have different backgrounds, differentiators and strengths but they all have high customer and partner satisfaction ratings, as well as large channel partner bases. Importantly, they all offer products that can meet the specific needs of small and medium-sized businesses (SMBs).1

This article summarises the strengths and differentiators of the leaders. It is based on research and analysis conducted for Analysys Mason’s SMB Endpoint Security Vendor Scorecard 2021, in which we analysed the strategies and market positions of 19 security vendors worldwide.

Each of the vendors included in our scorecard offers a range of endpoint security and adjacent solutions. The featured vendors have varying levels of focus on the SMB market; for some, SMBs are the core target market, while for others, SMB customers account for a small share of revenue. Analysys Mason acknowledges that this positioning is often deliberate; vendors may choose not to focus on the SMB market based on factors such as their wider product portfolio, appetite for risk, geographical presence and current partner network make-up.

Figure 1: Results of Analysys Mason’s SMB Endpoint Security Vendor Scorecard 2021

Figure 1: Results of Analysys Mason’s SMB Endpoint Security Vendor Scorecard 2021

The key criteria used by Analysys Mason to evaluate vendors’ strategies, ambitions and execution in the SMB market were:

  • focus on the SMB market
  • strategy and vision
  • partner network
  • portfolio of solutions
  • operating scale and ambition
  • complementary capabilities
  • brand recognition.

The five leaders, CrowdStrike, ESET, Kaspersky, Microsoft and Sophos all demonstrated:

  • a clearly articulated strategy for the SMB market, which is supported by marketing activities and the appropriate level of investment/resource;
  • robust KPIs that show that their SMB strategies are resulting in revenue growth;
  • well-developed channel partner programmes for managed service providers (MSPs), value-added resellers (VARs) and resellers and a continual focus on their improvement;
  • an offering that caters to the specific requirements of SMBs.

The leaders have different backgrounds and strengths, but are all focused on expanding their channel partner networks

The following differentiators have enabled the leaders to be particularly successful in the SMB market.

CrowdStrike initially targeted very large organisations with its endpoint security platform. It is now increasingly concentrating on growing its SMB customer base, expanding its channel partner network and growing its footprint outside of the USA. Its key differentiators are its cloud-native architecture and a high level of customer satisfaction. It has an industry-leading revenue retention rate. CrowdStrike’s TTM dollar-based net revenue retention rate has consistently exceeded 120% for every quarter since 1Q FY2019 (it was 125% at the end of FY2021).2,3

ESET mainly focuses on serving SMBs, unlike CrowdStrike. Its revenue growth has been mostly organic (ESET’s revenue increased at a CAGR of 10% between 2012 and 2019, and by 1.4% year-on-year in 2020). It is in a particularly strong position in Europe and is a channel-centric business with more than 7000 MSP partners. ESET’s strong focus on the SMB market and its wide geographical presence are among its key differentiators. SMBs account for more than half of its revenue and the vendor has a notable presence across several continents, including underpenetrated markets such as Latin America and emerging Asia–Pacific.

Kaspersky has a strong reputation among its partners for ease of doing business with, and it is devoted to expanding its MSP partner network. It offers MSPs the endpoint, email, Office 365, web and workload protection tools needed to craft a complete SMB security suite. Kaspersky’s dedication to the SMB market is also demonstrated by its product tiering; for example, it started offering endpoint detection and response (EDR) and managed detection and response (MDR) solutions specifically tailored to the IT security maturity and needs of SMBs in 2021. The vendor has a particularly strong presence (compared to competitors) in Russia and Central Asia, the Middle East and Africa and Latin America.

Microsoft aims to set itself apart from other security vendors through its comprehensive approach to the security (and other IT) needs of SMBs. It is increasingly positioning itself as a security expert in marketing activities and is focused on developing its security channel partner ecosystem (its network of channel partners more generally is unparalleled). Microsoft provides SMB-market-specific partner playbooks, and places emphasis on tailored technical fundamentals and sales training. Ease of deployment, integration and use are qualities of its endpoint security solutions that are of particular value to SMBs. 

Sophos’s core B2B target market are organisations with fewer than 5000 employees. The vendor’s product portfolio encompasses endpoint, mobile, network, web and email security; it offers most of the security solutions that the majority of SMBs require. Its Sophos Central management console, remote monitoring and management and professional services automation (RMM/PSA) partner integrations and the breadth of its portfolio make it a particularly attractive partner for MSPs.

Vendors need to take a more-nuanced approach to differentiation in the SMB market 

Many endpoint security vendors highlight their efficacy ratings to persuade customers to choose their solutions.4 SMBs can be confused by the number and range of such ratings and may get the general impression that all vendors are the same (they all claim to offer the most-effective endpoint security solutions). A more-tailored approach to marketing for the SMB segment is needed. For example, vendors should highlight how they compare in terms of ease of deployment, integration and use because these are the factors that matter most to SMBs.

Endpoint security solutions that are natively integrated with network, mobile and email security products are in high demand by SMBs and the channel partners that serve them. To be successful in this market, vendors therefore need to provide well-designed management consoles for MSPs/VARs and should continually update them with new features.

1 For the purposes of this research, Analysys Mason defines SMBs as organisations with fewer than 1000 employees.

2 TTM, or the trailing 12 months, dollar-based net revenue retention rate compares a vendor’s annual recurring revenue from a set of subscription customers against the same figure for those subscription customers from the previous year. This metric reflects customer renewals, expansion, contraction and churn, and is usually reported quarterly.

3 CrowdStrike’s FY2021 ended on 31 January 2021.

4 By efficacy rating, we mean the effectiveness of an endpoint security solution in the detection and prevention of threats.

Article (PDF)