Network behavior anomaly detection collects flow-based information from networking devices to root out abnormal...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
behavior. NBAD demonstrates how a technology can gain traction when it is delivered as a key feature within a broader threat protection product rather than a standalone one. Sourcefire, for example, now includes NBA features in its 3D system. The Dragon Security Command Console from Enterasys Networks also combines IDS and IPS methodologies with NBA into a single product.
Overall, I think these mergers have improved many Web security product suites, which have quickly acquired additional functionality and sophistication. You can expect to see significant enhancements to many popular products, particularly when it comes to Web application vulnerability detection tools. We are also likely to see more integration in the area of security management consoles. System administrators' lives will be made easier when they can manage security settings from a single management dashboard.
Does all this present an opportunity for your company to get a good deal from a vendor? I definitely think so. Because attacks and defense technologies develop and change so quickly, no one security vendor has managed to become the clear market leader in its field. Plus the top risks are subject to change. For many years, for example, security tools emphasized perimeter defenses. Now, companies are shifting to internal network protection. Compliance requirements are also affecting purchase decisions. The variety of security risks prevent any vendor from charging a premium for its products. The volume of sales therefore is an important factor in any security company's success.
Before investing any of your hard-won security budget, I recommend testing and reviewing several possible Web security products and let the vendors know that you are testing their tool against possible alternatives. You will find that your bargaining position is quite strong, particularly if you include some of the excellent free, open source security products in your trials. Do remember, though, that your security policy – not a salesperson -- must dictate which features your Web security product should have. Also, you must be confident that you have the in-house skills to configure and manage the product that you finally choose.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.