It's (Finally) Time For The Next Generation of Endpoint Security

Spencer Thompson
/
Leadership

I often ask our team “what is the ideal amount of money that any organization wants to spend on cybersecurity?” The answer is, paradoxically, zero—owners and executives would much rather spend that money on practically anything else. And yet organizations will spend hundreds of billions this year on cybersecurity tools and services—and it compounds every year. 

I think this is a helpful frame for what drives how organizations decide what, and how much, to spend their cybersecurity budget on. What are the factors that push that number away from the ideal? What causes change? Who causes change?

It’s also a useful way to ground ourselves in the bigger picture of what role cybersecurity plays for our customers. We don’t sell to security organizations; we sell to companies that produce pharmaceutical research, manufacture cars, drill for oil, help clients manage money, defend Western values, etc. Security is something that enables these things to happen, attached to the technology needed to accelerate productivity around their core mission.

One of the major categories each and every one of these organizations spends its cybersecurity budget on is endpoint security. Practically every customer we work with has purchased and manages two primary products: Antivirus (AV) and Endpoint Detection & Response (EDR). I think it’s worth walking through how organizations ended up with these two core products, which represented roughly $13 billion of spend last year.

Part 1: AV and EDR

Commercial antivirus was invented in the late 1980s but really blossomed in the 1990s. Why? The internet connected millions of personal computers together, enabling things like email to exist en masse. What did people start sending each other over email? Files. Documents, photos, Excel workbooks, PowerPoint presentations, PDFs. Each of those files had to be downloaded to the operating system and double-clicked to open, which handed the file’s contents to a parser, a macro engine, or the loader and gave it a chance to run code. Attackers figured out they could hide things in these files, or disguise malicious files to “appear” normal, all to get an unsuspecting user to double-click on something and get their code running.

AV responded by taking advantage of internet scale to build a global signaturing system, which matches the unique “signature” of each file (a hash or a distinctive byte pattern) against a “known bad” database and blocks it at execution (actual prevention!). This led to giant companies like Symantec and McAfee being built.

From the mid-90s to the early 2010s, this approach worked exceedingly well at imposing real cost on adversaries developing attacks. If an organization had AV installed on its endpoints, adversaries would go somewhere else. Or they would need to find a way to avoid the “known bad” database completely, either by changing the file until its signature no longer matched (a hash-based signature breaks on a single changed byte, which is why vendors layered pattern matching and heuristics on top), or by not using a file at all.

Attackers started to figure out that they could leverage the operating system itself, and the tools already running on it, to perform malicious actions without requiring a file to be downloaded and clicked on. By using tools like PowerShell or WMI on Windows machines, they could blend in with normal administrative activity and get code executing on the machine while completely avoiding AV detection, because there was no new file on disk for AV to match.

This method, now popularized as “fileless” malware, started showing up in threat intelligence reports in the early 2010s. AV providers were slow to respond, or didn’t respond at all, which opened up the market for a second generation of endpoint security companies, EDR, though it wasn’t called that at first.

These companies built agents that hooked into the operating system kernel itself to collect telemetry (process creation, file and registry writes, network connections) and apply signatures to behaviors they deemed malicious, rather than to files. They also built cloud infrastructure that allowed data from one attack to be quickly signatured (“known bad”) and deployed to other customers, taking advantage of the rising trends of crowdsourcing and cloud computing. Giant companies like CrowdStrike, Microsoft (through their Defender product), and SentinelOne were built on this shift.
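To make the two models concrete, here is a toy side-by-side of file-signature AV (the hash matching described above) and behavior-rule EDR (rules over process telemetry). This is an added illustration, not code from the author or from any vendor named in this post; the “known bad” payload, the three detection rules, and the process events are all constructed for the demo and stand in for the real databases and telemetry.

```python
"""Toy side-by-side of file-signature AV and behaviour-rule EDR.

Added illustration, not code from the post's author or any vendor.
The 'known bad' payload, the detection rules and the telemetry events
are all constructed for the demo.
"""
from __future__ import annotations

import base64
import hashlib
import re
from dataclasses import dataclass

# ---- Generation 1: AV file signatures -------------------------------------
# Constructed stand-in for a malicious attachment a user would double-click.
KNOWN_BAD_FILE = b"MZ\x90\x00CONSTRUCTED-DROPPER-PAYLOAD"
# The vendor's "known bad" database, reduced here to a set of SHA-256 hashes.
KNOWN_BAD_HASHES = {hashlib.sha256(KNOWN_BAD_FILE).hexdigest()}


def av_scan(file_bytes: bytes) -> bool:
    """Return True (block at execution) if the file's hash is known bad."""
    return hashlib.sha256(file_bytes).hexdigest() in KNOWN_BAD_HASHES


# ---- Generation 2: EDR behaviour rules over process telemetry --------------
@dataclass(frozen=True)
class ProcessEvent:
    """One process-creation record as an endpoint agent would report it."""
    parent: str
    image: str
    cmdline: str


# Constructed rules: (name, parent pattern, image pattern, command-line pattern).
# Each is a behavioural "signature": it describes what the activity looks like,
# not which bytes are on disk, so it can fire even when no file was written.
BEHAVIOUR_RULES = [
    ("office_spawns_shell",
     r"(?i)(winword|excel|powerpnt)\.exe$", r"(?i)(powershell|cmd|wscript)\.exe$", r".*"),
    ("encoded_powershell",
     r".*", r"(?i)powershell\.exe$", r"(?i)-(encodedcommand|enc|e)\b"),
    ("wmi_process_create",
     r".*", r"(?i)wmic\.exe$", r"(?i)process\s+call\s+create"),
]


def edr_match(event: ProcessEvent) -> list[str]:
    """Return the names of every behaviour rule the event satisfies."""
    hits = []
    for name, parent_re, image_re, cmd_re in BEHAVIOUR_RULES:
        if (re.search(parent_re, event.parent)
                and re.search(image_re, event.image)
                and re.search(cmd_re, event.cmdline)):
            hits.append(name)
    return hits


def run_demo() -> dict[str, object]:
    """Exercise both models on constructed inputs and return the verdicts."""
    # 1) Known sample: caught by its hash.
    # 2) Same sample with one byte appended: identical behaviour, different
    #    hash, so the file signature misses it.
    mutated = KNOWN_BAD_FILE + b"\x00"
    # 3) Fileless: a macro-bearing document spawns PowerShell with an encoded
    #    command. Nothing new hits disk, so AV has nothing to hash; the EDR
    #    rules fire on the parent/child relationship and the command line.
    encoded = base64.b64encode("Write-Host demo".encode("utf-16-le")).decode()
    fileless = ProcessEvent("winword.exe", "powershell.exe",
                            f"powershell.exe -NoP -W Hidden -enc {encoded}")
    # 4) Benign admin use of the same binary: no rule should fire.
    benign = ProcessEvent("explorer.exe", "powershell.exe",
                          "powershell.exe -ExecutionPolicy Bypass -File backup.ps1")
    return {
        "known_sample_blocked_by_av": av_scan(KNOWN_BAD_FILE),
        "mutated_sample_blocked_by_av": av_scan(mutated),
        "fileless_edr_hits": edr_match(fileless),
        "benign_edr_hits": edr_match(benign),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The mutated sample is the point of the first half: one appended byte changes the hash and the AV verdict flips from blocked to clean. The fileless event is the point of the second half: there is no file to hash, but the office-to-PowerShell parent/child pair and the `-enc` flag are themselves the signature. Real products add byte-pattern matching, heuristics, and cloud lookups on top of both, but the shape of the two models is what the post is contrasting.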

I think it’s important to point out that it took years for organizations to start adopting EDR, even with threat intelligence clearly showing a new type of successful attack and clear gaps in AV’s approach. Why? Installing new agents on endpoints is a pain, AV vendors were saying they covered these attacks with their approach, and the ideal of zero dollars of spend created inertia to overcome.

Part 2: Cracks and the innovation gap

This brings us roughly to today. 

If AV really innovated and distributed between 1995 and 2010, EDR has done the same between 2010 and 2025. Both of those are roughly 15-year cycles of innovation, consolidation, and distribution. If you talk to many security practitioners and executives, I think the narrative has been “AV and EDR are more than enough, we are covered.” Yes, there are other endpoint security products like application allowlisting, sandboxing, and others, but none have had the same economic impact.

But things have started to change in the past year or two. 

More and more CISOs are starting to say “AV and EDR isn’t enough anymore.” There's a new willingness to install an additional agent, despite the pain involved. Why is this? 

I don’t think there’s any one definitive answer, but I think there are a few contributing factors:

  • Ransomware, an attack type that plays out almost entirely on the endpoint, has increased 104% in the past two years, despite widespread adoption of AV and EDR. Costs to organizations are now over $50 billion annually, and the number of attacks is increasing quarter-over-quarter. This is hard to square with the level of protection that organizations assume they have with AV and EDR.
  • Microsoft has started to shift endpoint security away from the kernel and towards user mode, requiring a new architecture from traditional endpoint security vendors.
  • Internal and external red teams are leveraging techniques like in-memory execution to evade EDR’s behavioral signature detections. These teams are going to their security leaders and alerting them to endpoint security shortcomings. We released a research preview in July that addresses this EDR shortcoming and highlights our approach.

I’d argue that the biggest reason may be the lack of bottom-up innovation in the endpoint security space over the last decade or so. After the initial burst of EDR vendors in the early 2010s, consolidation happened, and venture money for endpoint security startups effectively dried up. Incredible innovation does happen at large organizations, but the innovator’s dilemma is real for a reason. And usually it takes a technology shift (AV: internet -> EDR: cloud) to dislodge the current way of thinking.

Part 3: A new world

As a leading indicator, venture money is starting to flow back into endpoint security. We announced a $16 million round last week focused on developing the next generation of endpoint security. And we aren’t the only ones who have raised money to tackle this space. What’s causing this movement?

First, I think it’s important to go back to the opening point about an ideal $0 spend and the inertia that comes from it. The bar for an organization to pay attention to a vendor, given the friction of testing, deployment, and integration, is high. The conditions have to be right to cause some kind of change. So what’s changed?

What’s changed is what an endpoint is used for. An endpoint was first vulnerable in the 1990s because it was the gateway for files sent across the internet. Then the endpoint became vulnerable again in the 2010s because professionals started working remotely and installed a multitude of powerful applications that allowed attackers to hide inside benign processes. What is an endpoint used for in 2025? It’s used to host a new form of intelligence that accelerates productivity: LLM-driven agents.

The economic rewiring currently occurring because of accelerated computing has higher velocity and higher impact than what occurred with the rollout of the internet or cloud infrastructure. Organizations are adopting agents at a rate never before seen in enterprise software because of the promise of accelerated productivity. They are installing agents on endpoints to help developers automate code generation, researchers discover novel scientific insights sooner, designers render highly complex ideas, etc. These professionals do this accelerated productive work on an endpoint, with all of the security concerns laid out above.

These agents are able to generate novel code execution at a rate that adversaries of the 1990s or 2010s could only have dreamed of. This is already happening in primitive forms inside organizations. Whatever cracks started to appear in the last year or two in AV’s and EDR’s completeness are going to become much more exposed. AI agents create a fundamental attribution problem: they execute code that is simultaneously novel (can’t be signatured), autonomous (no human verification), and legitimate-looking (the same behaviors as normal operations), at speeds that make human review impossible. This breaks the core assumptions of both AV (signature-based prevention) and EDR (behavioral signature detection).

When every legitimate user becomes a potential source of novel code execution indistinguishable from attack patterns, the entire foundation of 'known bad' detection collapses.

We’re proposing that we are right at the beginning of the next generation of endpoint security, and that the conditions are forming that will cause massive amounts of energy to be spent protecting this new version of the endpoint. This generation of endpoint security will require a new architecture, a new approach to detecting adversarial behavior (one that doesn’t require millions of signatures), and a new way of working with organizations to let their actual business go faster while comprehensively protecting their endpoints in this world.

If you’re interested in working with us on this vision, please consider joining us.