Enterprises operate in a world of ever-increasing cyber risk. Threat actors with various motivations and skill levels are constantly launching attacks, both targeted and opportunistic. To properly defend the enterprise, point products such as firewalls or endpoint products in and of themselves are insufficient. Enterprises require visibility, and the ability to interdict, during all phases of the Cyber Kill Chain. Enter the breach prevention system (BPS), an integrated solution that provides both comprehensive protection and alerting and reporting.

This Test Methodology describes a new approach to testing the efficacy of security solutions. The BPS will be assessed as an integrated system, rather than an aggregation of point products. Scenario-based, goals-oriented testing will be performed to determine the real-world effectiveness of the system under test in an environment that emulates an enterprise network.