NSS Labs report "Cybercrime Kill Chain vs. Defense Effectiveness: Subversion of ..."

Discussion in 'other security issues & news' started by MrBrian, Jan 18, 2014.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From https://www.nsslabs.com/reports/cybercrime-kill-chain-vs-defense-effectiveness:
     
  2. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    Thanks, MrBrian.

    I find it interesting how the report describes vendor performance claims to be "grossly overstated." That's some pretty strong language there.

    Also interesting how Sourcefire's IPS products did relatively well - I'll admit that surprised me.

    Too bad there are no tests of less orthodox enterprise products (e.g. Bromium).
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Some vendors claim 100% detection ratings. It's hilarious that anyone can still take those tests seriously when they see *anyone* getting 100%.

    I'll have to give the above paper a read, although I'm not sure I have any respect left in me for NSS labs' work.
     
  4. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    I haven't seen that yet, but then I (thankfully) haven't yet dealt with proprietary FW/AV/IPS solutions in the corporate arena... Though that may change shortly. I'll cross that bridge when I come to it, I guess.

    ... Care to clarify the reason for said lack of respect?
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I've never read anything by them that didn't read like inaccurate bias trash. Not that I comb through their work, but based on what I've read it's all either been bland (common, most places just push out things everyone should already know, and they're as guilty as the rest) or just bad.
     
Loading...
Thread Status:
Not open for further replies.