UK IT Channel News | IT Channel Oxygen
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • About Us
  • Partner with us
Members
Must-Know Distributors
Oxygen 250
No Result
View All Result
  • News
  • Topics
    • Vendor
    • Distributor
    • Partner
    • Indepth
    • Sustainability
    • M&A
    • People Moves
    • AI
    • Tech trends
  • About Us
  • Partner with us
No Result
View All Result
UK IT Channel News | IT Channel Oxygen
No Result
View All Result
Home Cybersecurity

Gartner names 6 ‘leaders’ in $18bn endpoint protection market. Who are they?

The lowdown on the leaders in Gartner’s latest Magic Quadrant for Endpoint Security

Oxygen staff by Oxygen staff
1 June 2026
in Cybersecurity, News, Vendor
Gartner names 6 ‘leaders’ in $18bn endpoint protection market. Who are they?
Share on LinkedinShare on Twitter

Endpoint protection sales will continue to see double-digit growth, Gartner predicted as it named the same six vendors as ‘Leaders’ in its Magic Quadrant for the sector for a fourth year running.

The $18bn endpoint protection market is set for a shake up in the coming years as “rapid AI adoption” and “emerging supplier sovereignty requirements” reshape buyer priorities, the analyst said.

Currently growing at around 14% annually, endpoint protection sales will swell by a CAGR of around 11% through 2028 to hit $26bn, Gartner predicted.

Leaders lowdown

CrowdStrike and Microsoft hold an estimated 40% share of the spoils between them, it noted.

And it was this duo whose dots were also positioned furthest to the right and top of Gartner’s research this time around (with CrowdStrike seemingly extending its margin over the latter compared with 2025).

The achievement was immediately flagged up by CrowdStrike CEO George Kurtz, who described endpoint as “the decisive battleground in security”.

They were joined in the Leaders’ box by Palo Alto Networks, SentinelOne, TrendAI and Sophos in a line-up that has remained identical since 2023.

Leaders “consistently demonstrate progress across all criteria” related to the two axes of ‘Ability to Execute’ and ‘Completeness of Vision’. They hold “significant mind and market share”.

ESET was named as a ‘Challenger’ (mature product but “often late in addressing emerging needs”), while Bitdefender and Check Point were given the status of ‘Visionaries’ (deliver new and emerging capabilities ahead of competitors but may lack track record or market share).

Fortinet, Trellix, WithSecure and Broadcom also made the cut as ‘Niche Players’ (offer solid products, but rarely lead the way in introducing new capabilities or marketshare). Cisco and Cybereason were dropped from the quadrant altogether.

Rationalisation, sovereignty and AI

Turning to market trends, Gartner noted that some established endpoint protection vendors are responding to efforts among cybersecurity leaders to rationalise their cybersecurity vendors by incrementally expanding their product footprint.

Over the last 12 months, CrowdStrike has acquired SGNL, Seraphic Security, Onum and Pangea, it noted.

“There were 400 reported mergers of cybersecurity companies in 2025, and the top 10 cybersecurity enterprise software security vendors continue to grow their revenue,” Gartner said.

Heightened geopolitical instability is also driving stronger technological sovereignty requirements, Gartner added.

This was one area in which market leader CrowdStrike was marked down, with Gartner complaining its customers “still have limited choices for cloud-hosting points of presence outside Germany and the US”.

The rapid adoption of various forms of AI by organisations is outpacing the speed of cybersecurity control planning, deployment and fine tuning, the analyst also noted.

But although vendors are increasingly investing in generative and agentic AI to improve product usability, adoption by security teams remains limited, Gartner said.

“Today’s generative AI features primarily focus on administrative assistance, such as incident summarisation and documentation discovery,” it said.

Tags: CrowdstrikefeaturedFortinetMicrosoftPalo Alto NetworksSentinelOneSophosTrellixWithSecure
Previous Post

Two brothers’ solution to the hardware bubble, skyrocketing tech prices

Next Post

Nebula hires Lynn for global services win

Related Posts

Luke Nicolaou, Eduthing
Public sector

Eduthing CEO reassures schools customers as it performs pre-pack administration

10 July 2026
Meet the new channel bosses at Veeam, Commvault and Sophos
People Moves

Meet the new channel bosses at Veeam, Commvault and Sophos

10 July 2026
Holly Wade, Peak Sales Performance
Careers & Skills

Ex Softcat sales trainer reveals trait of best salespeople as she launches own venture

9 July 2026
Mike Norris Group Sales kick off Berlin 2024 (1)
AI

Computacenter seeing double on profits amid hyperscaler delight

9 July 2026
Onyx founders
Tech trends

Onyx founder sounds CSP warning as it bags ‘one-and-done’ funding

7 July 2026
IT Channel Oxygen top dog for IT distribution buyer prompts – research
Marketing

IT Channel Oxygen top dog for IT distribution buyer prompts – research

7 July 2026
Carl Henriksen, OryxAlign
M&A

Palatine reveals ‘defining factor’ as it invests in £20m-revenue MSP OryxAlign

6 July 2026
Ian Hudson, Hudson Hill Consulting
Big Interview

‘Having come close to death, I’m more carefree’ – meet the MSP MD gunning for £100m

6 July 2026
Next Post
Scott Lynn, Nebula Global Services

Nebula hires Lynn for global services win

IT Channel Oxygen keeps you informed on the UK IT channel and its sustainable transformation. Learn more

  • About
  • Our Team
  • Partner with us
  • Privacy Policy
  • Terms & Conditions
  • News
  • Cookie Policy (UK)

© 2026 IT Channel Oxygen

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Oxygen 250
  • Must-Know Distributors
  • Member area
  • Big Interview
  • News
  • Indepth
  • About
  • Partner with us

© 2026 IT Channel Oxygen