Breach Security: BPS Product Classification

A datasheet from NSS Labs titled Breach Prevention Systems

Network breach detection with blocking. 

By constantly analyzing suspicious code and identifying communications with malicious hosts, breach detection systems (BDS) can provide enhanced detection of advanced malware, zero-day attacks, and targeted attacks that could bypass traditional defenses. 

A new technology is available that provides detection before a breach occurs, and NSS Labs is referring to these products as Breach Prevention Systems (BPS). A BPS uses data (evidence) that it gathers or that it is fed by a variety of sources, including endpoint agents, to determine whether an activity is malicious, and then, if it is found to be malicious, to yield a conviction event. 

BDS total market revenue was more than $1.5B in 2016, and NSS estimates this number will grow by approximately 32% in CY2017. The shift to BPS could accelerate that growth, however, as the capability to prevent attacks opens a much larger addressable market for the products. NSS believes the bulk of the BDS market will transition into a BPS market, though some use cases will remain for discrete BDS.

Click here to download as PDF