TDA Represents an Evolution of the Original Breach Detection Systems Group Test
AUSTIN, Texas – April 3, 2019 – NSS Labs, Inc., a global leader and trusted source for independent, fact-based cybersecurity guidance, today announced that it is developing its Threat Detection and Analytics Systems (TDA) Group Test with results to be released in 2019. As part of today’s announcement, the company is also issuing a call for industry engagement from both enterprises and vendors that offer threat visibility and automation and response capabilities through the use of analytics to help shape and evolve the upcoming group test and accompanying methodology.
While enterprises aspire to attain a perfect security architecture, the reality is that weaknesses can stem from a number of factors. These can include configuration error, lapses in operational hygiene, user error, threat and evasion capabilities, and malicious insiders. Increasingly, enterprises are turning to threat detection analytics technology to address evolving use cases for analytic capabilities to identify, investigate, and respond to incidents before a major incident or breach occurs.
Threat detection and analytics products improve the incident responders’ ability to rapidly assess and identify threat activities that incorporate subtle and advanced attack techniques that can bypass individual security controls unless examined across the attack sequence. Through the application of analysis algorithms and both traffic and often endpoint technologies, TDA technologies help to accelerate the response workflow and improve incident outcomes by correlating data across many data surfaces. Incident responders are uniquely able to address attacks in progress and help organizations avoid serious data loss or damage if they learn of incidents early enough in the attack chain and have sufficient detail to prioritize and act on threats.
This forthcoming test will evaluate both traditional TDA products and new entrants striving to address evolving enterprise use case requirements for this technology. Some of the capabilities this test will examine include enhanced identification of false positive events, detection of malicious activity or content, and operational and workflow impacts such as a product’s ability to streamline enterprise operations by integrating with other security tools.
In 2018, NSS Labs performed the industry’s most comprehensive group test of leading breach detection system products. Three products from market-leading vendors were examined for security effectiveness, performance, and total cost of ownership. Of the products that participated in the group test, only one product demonstrated full resilience tested against attack variants.
“The TDA group test will help enterprises evaluate whether to replace or refresh existing BDS deployments with TDA products or investigate new approaches that incorporate analytics and advanced feature sets,” said Jason Brvenik, Chief Technology Officer at NSS Labs. “We encourage both enterprises and vendors to collaborate with us as we examine this evolving category.”
NSS Labs has a long history in testing enterprise-class security products. NSS Labs’ rigorous group tests offer independent analysis of the top security technologies used today by Global 2000 companies. The tests provide the industry’s most comprehensive review of security effectiveness, performance, and total cost of ownership. Enterprises rely on our tests for fact-based, empirical data that they can use to inform their decision making. Within the last 12 months, NSS Labs has released group test results for several categories of mature and evolving cybersecurity products. To learn more about our group tests, visit the NSS Labs website.
As with all NSS Labs group tests, there is no fee for participation, and the test methodology is available in the public domain to provide transparency and to help enterprises understand the factors behind test results.
Enterprises that wish to provide feedback regarding NSS Labs’ upcoming TDA Group Test and its associated test methodology can send feedback to firstname.lastname@example.org. Vendors can send feedback to email@example.com.