You’ve probably heard the phrase “drinking from a fire hose,” and in the security world, it has never been more applicable than it is today. Debate about how security is evolving within the software-defined world; concerns over when (not if) the next high-visibility breach will occur; zero-day vulnerabilities; virtualization and micro-segmentation; and threat intelligence differentiation (according to a recent NSS Labs survey, this is one of the most requested research areas for 2015) all make it clear that although we are only a month into 2015, we already have information overload.
Even for the research team at NSS, i.e., analysts who are focused primarily on the security space, it requires considerable effort to stay on top of the latest technologies from hundreds of different security providers. For an enterprise, so many questions must be answered each time a product or technology selection is considered. In 2015, such questions may include:
Which 1, 3, and 5-year investments are right for me?
- Should we build out a security analysis team to sift through the malware that was discovered on a client and determine what damage may have been caused?
- Is it time to consider a new endpoint protection technology? (Is antivirus truly dead?)
- How should we be using our SIEM software? Should it be used only to support our security operations center, or should we be using it to assist with daily threat detection as well?
- What product technology integrations are benefiting others in the market/in our vertical?
- What supporting technologies should be considered when assessing the right breach detection solution for our company?
Over the past year, we’ve been working non-stop to build out a library of content that helps enterprise buyers answer questions such as these – and more. NSS market analysts track leaders and growth in key security technology segments; our company analysts remain in close contact with key vendors and innovative start-ups seeking to disrupt the status quo; and our test analysts comb through test data and correlate it with market insights to further drive value into the portfolio. Here at NSS, 2014 went by in a flash, but we accomplished a great deal; and in 2015, we will continue to build on these efforts.
This year, we’ve mapped out a suite of content that is designed to assist our customers with buying decisions and other security challenges. The suite will include best practice deployment guides – initially by technology and then by market vertical; packet forensics solutions that augment breach detection and awareness; and SIEM comparisons, gateway technologies, and more.
Next month: Continuous Forensic Analytics: “What’s inside that packet, and do I care?”