Choosing a security product is challenging no matter the technology or industry vertical. Many factors come into play, including price, security effectiveness, performance, management, workflow, deployment architecture, and interoperability. It can easily take months to gather this information, and implementing a proof of concept can take even longer. Most security veterans understand that there isn’t a one-size-fits-all “best product”—there are always trade-offs to be made.
The breach detection system (BDS) is an example of the security industry’s response to an ever-changing threat landscape. Not long ago, a BDS could be categorized relatively simply—for example, by operating system support, deployment mode, and form factor. The market has matured, however, and additional differentiators have emerged to make purchasing decisions more complex (e.g., interoperability, capture mechanisms, scanning differences, customization capabilities.)
The threat detection capabilities of BDS products provide solid value for enterprises: the BDS has become a layer in the traditional security stack, is treated more as a feature than a product, and has had solid success when implemented in the cloud. As a security layer, tied with API-based file analysis capabilities, the product remains flexible and useful to multiple teams within an organization.
Sometimes the product that is the best fit is not the most obvious choice. NSS Labs will soon be releasing a Product Selection Guide on BDS products, with in-depth analysis that will help enterprises narrow down their options.