Welcome!

iPhone Authors: Elizabeth White, Natalie Lerner, Gilad Parann-Nissany, Carmen Gonzalez, David H Deans

News Feed Item

NSS Labs Announces Analyst Coverage and New Group Test for Breach Detection Systems

NSS Labs Predicts the BDS Market to Reach $1 Billion by 2018

AUSTIN, TX -- (Marketwire) -- 11/08/12 -- NSS Labs today announced initiation of coverage and the launch of a new group test for breach detection systems (BDS). BDS is an emerging group of security solutions focused on detecting of intrusions caused by targeted persistent attacks (TPAs) and other particularly sophisticated threats designed to harvest information from compromised systems. Fueled by the frequency and severity of data breaches and their associated costs, the BDS market will have a compound annual growth rate (CAGR) greater than 25 percent, reaching $1 billion by 2018, according to NSS Labs' forecasts.

"Although you could think of this class of product as 'next-generation intrusion detection systems (NGIDS),' we at NSS Labs feel that the 'next generation' tag has been over-used by security vendors," says Bob Walder, Chief Research Officer at NSS Labs. "These products are designed to analyze complex attacks out-of-band, detecting, rather than preventing, network breaches. Because they are not expected to operate in-line at wire speeds, they can perform much more extensive analysis of inbound and outbound traffic to detect complex threats. This means they can only alert us to network breaches that have already occurred. For this reason, we coined the term 'breach detection systems (BDS).' Rather than use different vendors' lexicons based on preferred marketing descriptions, BDS precisely defines the role these solutions are meant to perform, apart from other technologies."

View the new NSS Labs Analysis Brief - Breach Detection: Don't Fall Prey to Targeted Attacks.

Will Breach Detection Systems become the latest security "silver bullet" -- or "white elephant?"
As the attack surface broadens and highly motivated cybercriminals use increasingly innovative and dynamic approaches to deploy sophisticated crimeware, enterprises must assume that they will be (or have already been) breached. Through constant analysis of suspicious code and identification of communications with malicious hosts, breach detection systems can provide enhanced detection of advanced malware, zero-day and targeted attacks, acting as an "early warning" system for exploits that have bypassed other network security defenses. Key trends driving the demand for breach detection systems include:

  • Attack frequency and sophistication at the device level: Client-side attacks represent the fastest growing and most serious group of threats today: These attacks often install malicious code "silently" and many users don't know that they've been infected until after the fact. Breach detection systems that constantly analyze suspicious code and identify communication back to malicious hosts can provide enhanced detection of advanced malware, zero-day and targeted attacks.

  • Browsers and endpoint security products struggle to block attacks: Many traditional endpoint security solutions and browsers lack adequate exploit and evasion protection: In recent NSS Labs tests, only 2 of 13 endpoint products tested blocked more than 80% of exploits and over 60% (8 of 13) failed to block attacks where obfuscation methods for compressing and packing payloads were used. In recent browser testing, only Microsoft Internet Explorer blocked 99% of malicious downloads -- Google Chrome, Apple Safari and Mozilla Firefox lagged behind blocking only 70%, 4.3% and 4.2% respectively.

  • Awareness and safe surfing are not enough: It's not necessary to visit the "dark corners" of the Internet to be at risk: Spear-phishing and drive-by exploits are served up in employee inboxes and often incorporate the legitimate web sites of trusted brand names in their attacks. Breach detection systems recognize that many responsible, well-meaning users will inevitably still be exploited and jeopardize enterprise systems.

  • Breach detection needs to take mobile devices, other shifts into account: The growth of BYOD opens otherwise secured networks up to significant risk: The increasing number of personal mobile devices and the virtualization of offices expose the corporate network to any number of malware variants from untrusted networks that may lack the protection and capabilities of the corporate infrastructure. These mobile devices also often bypass perimeter filtering and security appliances.

Commentary: NSS Labs Research Director Francisco Artes
"Breach detection systems claim to improve the recognition of the most severe types of intrusions -- such as those with the most severe consequences if electronic health records, intellectual property or other sensitive materials are stolen -- but it remains to be seen whether vendors in this emerging segment can provide value that is not offset by new products' overhead and complexity," said Francisco Artes, Research Director at NSS Labs. "Effective BDS tools need to complement existing security investments but risk being simply another console to watch; we look forward to ongoing research and testing as these solutions mature and face real-world threats."

The NSS Labs Live Testing™ harness for the BDS tests is designed to test the five main technologies that can be used as part of a BDS solution -- virtual machine (VM) sandboxes, browser emulation, domain reputation, AV signature, and traffic analysis. NSS Labs analysts will cover numerous vendors in the BDS market, including:

  • AhnLab
  • Damballa
  • FireEye
  • Lastline
  • McAfee
  • Palo Alto Networks
  • Symantec
  • Trend Micro

NSS Labs is currently in the process of confirming which vendors will be in the first Group Test for BDS and results will be available to NSS Labs' subscribers at www.nsslabs.com once complete.

NSS Labs does not receive any compensation in return for vendor participation; all testing and research is conducted free of charge.

About NSS Labs, Inc.
NSS Labs, Inc. is the world's leading information security research and advisory company. We deliver a unique mix of test-based research and expert analysis to provide our clients with the information they need to make good security decisions. CIOs, CISOs, and information security professionals from many of the largest and most demanding enterprises rely on NSS Labs' insight, every day. Founded in 1991, the company is located in Austin, Texas. For more information, visit www.nsslabs.com.

© 2012 NSS Labs, Inc. All rights reserved. All brand, product and service names are the trademarks, registered trademarks, or service marks of their respective owners.

Add to Digg Bookmark with del.icio.us Add to Newsvine

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
The Internet of Things will put IT to its ultimate test by creating infinite new opportunities to digitize products and services, generate and analyze new data to improve customer satisfaction, and discover new ways to gain a competitive advantage across nearly every industry. In order to help corporate business units to capitalize on the rapidly evolving IoT opportunities, IT must stand up to a new set of challenges. In his session at @ThingsExpo, Jeff Kaplan, Managing Director of THINKstrategies, will examine why IT must finally fulfill its role in support of its SBUs or face a new round of...
One of the biggest challenges when developing connected devices is identifying user value and delivering it through successful user experiences. In his session at Internet of @ThingsExpo, Mike Kuniavsky, Principal Scientist, Innovation Services at PARC, described an IoT-specific approach to user experience design that combines approaches from interaction design, industrial design and service design to create experiences that go beyond simple connected gadgets to create lasting, multi-device experiences grounded in people's real needs and desires.
Enthusiasm for the Internet of Things has reached an all-time high. In 2013 alone, venture capitalists spent more than $1 billion dollars investing in the IoT space. With "smart" appliances and devices, IoT covers wearable smart devices, cloud services to hardware companies. Nest, a Google company, detects temperatures inside homes and automatically adjusts it by tracking its user's habit. These technologies are quickly developing and with it come challenges such as bridging infrastructure gaps, abiding by privacy concerns and making the concept a reality. These challenges can't be addressed w...
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things' get connected, people will rely on DNS to name and find their fridges, toasters and toilets. According to a recent IDG Research Services Survey this rate of traffic will only grow. What's driving t...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective storage designed to handle the massive surge in back-end data in a world where timely analytics is e...
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will want to use their existing identities, but these will have credentials already that are (hopefully) i...
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happens, where data lives and where the interface lies. For instance, it's a mix of architectural styles ...
Cultural, regulatory, environmental, political and economic (CREPE) conditions over the past decade are creating cross-industry solution spaces that require processes and technologies from both the Internet of Things (IoT), and Data Management and Analytics (DMA). These solution spaces are evolving into Sensor Analytics Ecosystems (SAE) that represent significant new opportunities for organizations of all types. Public Utilities throughout the world, providing electricity, natural gas and water, are pursuing SmartGrid initiatives that represent one of the more mature examples of SAE. We have s...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect at Hookflash, will walk through the shifting landscape of traditional telephone and voice services ...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series data. By focusing on enterprise applications and the data center, he will use OpenTSDB as an example t...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, described how to revolutioniz...
Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from hardware to software, or as we like to say, it’s an Internet of many different things. The difference ...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, phone and digital TV services to consumers primarily in rural areas.