Once More Unto The Breach (Detection Test)

It is difficult to go a week without reading about a major enterprise being breached. And it is because of this that the Breach Detection Systems (BDS) market is growing at an incredible pace that is expected to continue well into the future (32% CAGR, source: NSS Labs). 

This market demand has driven NSS to conduct the most complete test of this technology available today. A BDS is expected to detect malicious software traversing a network, either during the attack, or post infection during callbacks (also known as data exfiltration). A strongly marketed feature of this technology is that BDS detect attacks that have bypassed traditional security products, reflecting the growing sophistication of the attackers themselves.

In the test, vendors receive credit for timely detection whether during the download and installation of malware or for the detection of successful callbacks post infection and the subsequent generation of alerts severe enough to prompt an enterprise’s immediate action. For example an information alert that a malicious file is installed and calling doesn’t count; for the vendor to receive credit, the alert must be severe enough to warrant an immediate response). Without accurate classification of the malicious file or activity, an enterprise cannot respond effectively or appropriately.

Version 2.0 of our BDS test includes:

  • Well over 5 billion discrete data elements
  • Hundreds of victim machines
  • Collection and analysis of Terabytes of logs
  • Hundreds of discrete samples used in current campaigns, captured via the NSS Labs BaitNET™ technologies.
  • Exploits, malware, and evasion testing was performed using regularly abused compromise mediums such as web and email -  leveraging multiple common document types.
  • Over 100 unique evasion mechanics tested

Today’s security environment is challenging to say the least. Knowing which alerts to chase, which events matter, and which can be safely ignored can make the difference between catching a malicious attack or becoming tomorrow’s headlines. There are many BDS options on the market and the findings from NSS’ latest Breach Detection System Group Test can help you select a system that ensures you aren’t the next victim.

Follow me on Twitter (@mikespanbauer) to keep informed as new research is released. 

 

Follow us on Twitter (@NSSLabs) to keep informed as new research is released.

TAGS: BDS, Breach Detection Systems