If you spend a lot of time with security vendors and testing their products, you are likely bombarded with sales pitches touting “next generation” of X, “real-time prevention” of Y, or “advanced” Z. These are all good things but studies suggest (PDF) security professionals are in short supply, and they are busy fighting fires caused by current products and lack the time to evaluate new ones. Our intent is to provide a five-point guide for security professionals looking to embark on the path of security enlightenment.
In our experience through meeting with more than 1,000 organizations evaluating security products and services, the following considerations resonate:
No one gets excited about buying point products. An all too common customer pain point is the lack of context associated with a partial view of a security event. A full picture and visibility into what’s happening at the network and endpoint and with the user and device is needed. This includes an understanding of what’s happening on cloud networks not fully owned or controlled by the organization. Correlation of netflow, full packet capture and logs in a comprehensive platform is needed to illuminate the full picture.