by Mike Spanbauer | Nov 28, 2018 | Blog
Those of you in the trenches of cybersecurity likely share a perspective held by many of us at NSS Labs: “the only constant is change.” In other words, as threats continue to evolve, so must the employees who use the data and the products deployed to...
by Mike Spanbauer | May 29, 2018 | Blog
NSS Labs released the results of its Advanced Endpoint Protection (AEP) v2.0 Group Test last month, providing insight into the security efficacy, visibility, and value of 20 endpoint product vendors. Endpoint security technology remains a focal point for most...
by Mike Spanbauer | Dec 6, 2017 | Blog
The only constant in security is change. Over the last few years, we have witnessed a growing consensus among security practitioners that everyone is at risk of a breach, and that it is hard to do security well all the time. At NSS Labs, we spend our days helping...
by Mike Spanbauer | Jul 6, 2016 | Blog
On March 1, 2016, six vendors submitted their Data Center Intrusion Prevention (DCIPS) products to be tested for Security Effectiveness and Performance. Security effectiveness ranged from 23.2% to 99.9%. NSS Labs identified a number of security issues with the Hewlett...
by Mike Spanbauer | Feb 29, 2016 | Blog
NSS Labs is excited to share the results of our latest next generation firewall (NGFW) group test. Twelve vendors brought a total of thirteen products to the test, which were tested against the most robust NGFW test methodology to date (v6.0). In addition to the...
by Mike Spanbauer | Aug 5, 2015 | Blog
It is difficult to go a week without reading about a major enterprise being breached. And it is because of this that the Breach Detection Systems (BDS) market is growing at an incredible pace that is expected to continue well into the future (32% CAGR, source: NSS...
by Mike Spanbauer | May 20, 2015 | Blog
How quickly could you solve a crime if you had at your fingertips a comprehensive index of all activities occurring at a crime scene before, during, and after the crime? Security professionals have spent considerable amounts of time determining the sequence and timing...
by Mike Spanbauer | Apr 14, 2015 | Blog
When I am asked by friends to discuss the security breaches that feature ever more frequently in the news, I use a music analogy. Why music? For one thing, I am a fan of traditional classical music; for another, this allows me to describe the roles of security teams...
by Mike Spanbauer | Mar 3, 2015 | Blog
Over the course of the last few years, the number of publicized breaches has risen dramatically, ultimately costing some CXOs their jobs. The irony is that in many cases, the breach itself is not the cause of their dismissal, but rather it is the handling of the...
by Mike Spanbauer | Feb 4, 2015 | Blog
You’ve probably heard the phrase “drinking from a fire hose,” and in the security world, it has never been more applicable than it is today. Debate about how security is evolving within the software-defined world; concerns over when (not if) the next high-visibility...
by Mike Spanbauer | Jan 20, 2015 | Blog
Next generation firewalls (NGFWs) have become perimeter security “table stakes” for enterprise security. Potentially the most important network security investment an enterprise can make, NGFW technology is in high demand. There is considerable differentiation within...
by Mike Spanbauer | Jan 5, 2015 | Blog
The past year has been rife with an alarming increase in grievous information security incidents. Breaches, widely distributed software critical vulnerabilities, and increasingly sophisticated attacks all appeared with frightening regularity. Everyone who works in...
by Mike Spanbauer | Oct 29, 2014 | Blog
“Assume you have been breached” has become standard advice from information security professionals today. As organizations continue to be breached, the conventional approach to information security – in which layers of best-of-breed security technologies are used to...
by Mike Spanbauer | Sep 30, 2014 | Blog
Unlike most security technologies that attempt to identify a broad range of bad traffic by means of traditional detection methods, a web application firewall (WAF) is like a finely honed sword designed for a singular purpose: monitoring HTTP traffic between clients...
by Mike Spanbauer | Sep 29, 2014 | Blog
It has been barely 6 months since the Heartbleed vulnerability was revealed, but just as the global security community has recovered from this vulnerability, one that is more prevalent – and potentially far more damaging – has emerged. The Shellshock vulnerability...
