NSS Labs report "Cybercrime Kill Chain vs. Defense Effectiveness: Subversion of ..."

From https://www.nsslabs.com/reports/cybercrime-kill-chain-vs-defense-effectiveness:

 

Thanks, MrBrian.

I find it interesting how the report describes vendor performance claims to be "grossly overstated." That's some pretty strong language there.

Also interesting how Sourcefire's IPS products did relatively well - I'll admit that surprised me.

Too bad there are no tests of less orthodox enterprise products (e.g. Bromium).

 

Some vendors claim 100% detection ratings. It's hilarious that anyone can still take those tests seriously when they see *anyone* getting 100%.

I'll have to give the above paper a read, although I'm not sure I have any respect left in me for NSS labs' work.

 

I haven't seen that yet, but then I (thankfully) haven't yet dealt with proprietary FW/AV/IPS solutions in the corporate arena... Though that may change shortly. I'll cross that bridge when I come to it, I guess.

... Care to clarify the reason for said lack of respect?

 

I've never read anything by them that didn't read like inaccurate bias trash. Not that I comb through their work, but based on what I've read it's all either been bland (common, most places just push out things everyone should already know, and they're as guilty as the rest) or just bad.