While endpoint agents have always tried to be the eyes and ears for security, an overabundance of them may be degrading security rather than improving it. A 2017 survey from Barkly and Ponemon Institute finds that companies have as many as seven different agents running on each endpoint, while at the same time, three out of four report still having difficulty managing endpoint risk. Other security solutions require agents for compliance, data leakage, vulnerability and patch management, network security solutions, systems management, and more. The industry has gone agent crazy, it seems, resulting in significant performance issues, escalating licensing costs, conflicts with other services running on the endpoints, maintenance headaches, difficulties for upgrades and certification issues, and more.
The problem of too many agents mirrors the problem of too many separate security solutions. This Cisco Newsroom article, summarizing their 2017 Annual Cybersecurity Report, states that 65 percent of organizations are using from six to more than 50 security products, increasing the potential for security effectiveness gaps. Individual security products have spread across the enterprise in the attempt of solving point problems or addressing specific security concerns or even requirements. The evolution of security as a perimeter to security everywhere has resulted in organizations having a broad portfolio of solutions. At the same time, evolution of computing environments to encompass on-premise, public cloud and private cloud with a range of physical and virtualized resources has expanded attack surfaces and complicated the task of security.