Real-World Testing Cuts Through Marketing Hype

Last week at the BlackHat convention in Las Vegas, Lidia Giuliano and Mike Spaulding gave a presentation entitled, “Lies, and Damn Lies: Getting Past the Hype of Endpoint Security Solutions.” Upon starting the presentation, Mike joked that they could have renamed it “Lawsuits, and Damn Lawsuits” for reasons that I’ll explain below.

With a combined 35 years in Information Security between them, Mike and Lidia have seen their share of infosec marketing hype. However, to effectively deal with rampant ransomware in their environment, they wanted to cut through all the hype.

Just like all security teams, they knew they needed to focus on protecting themselves, rather than buying into all the marketing buzzwords of the day. In their case, their business-centric goals were to reduce incidents, reduce people costs, keep the reputation of the firm, and keep the business running.

Testing Real-World Scenarios

As they began talking to vendors about potential solutions, they quickly realized that they would need to create their own test framework to effectively test their own real-world scenarios. They initially selected eight vendors, but once Mike and Lidia explained that they would essentially be doing a bakeoff, three vendors quickly dropped out.

Vendors dropping out of their test framework project speaks volumes – many vendors must realize that their products perform in the subpar range during real-world testing.

Throughout the course of the project, vendors gave Lidia and Mike varying kinds of bad advice:

  • Some vendors tried to seduce them into testing only within the vendor’s own cloud-based environment. Mike and Lidia saw right through this sham – the vendor controls the entire environment, which, of course, makes their product look superior and more effective than the competition.
  • Some vendors told them to only protect critical servers. Yet, in their environment, file shares were (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Alan Krassowski. Read the original post at: