Name: CAWS Brings Continuous Live Exploit Testing to Product Testing
Start: 2016-02-23T19:00:00Z
End: 2016-02-23T19:27:33.000Z
Location: BrightTALK
Rating: 3.86

NSS Labs, Inc. is recognized globally as the most trusted source for independent, fact-based cybersecurity guidance.

Representatives from NSS Labs will discuss the results of the 2019 Advanced Endpoint Protection (AEP 3.0) Group Test. In this year's test, 19 comparable products were presented in the Security Value Map™ (SVM) out of 21 tested products from market-leading vendors. Fourteen products achieved a Recommended rating.

An AEP product is one that provides automatic threat prevention and threat event reporting capabilities for every endpoint system it protects. NSS Labs research shows that enterprises evaluating endpoint security products face a wide range of functionalities and often downselect products based on their advanced threat protection capabilities.

Visit our website to download a free copy of the 2019 AEP SVM.

AEP 3.0 Group Test Results

On October 11th, we released the results of our Breach Detection System 5.0 Group Test. All three of the vendors that participated in this test achieved the coveted NSS Labs Recommended rating: Lastline, Fortinet, and Trend Micro.

The test provides enterprises with valuable insights into the security effectiveness, performance, and total cost of ownership (TCO) of the tested products.

•Time-to-Detect: The time it takes for attempted or successful breaches to be detected can influence an attack’s overall impact. The more time an adversary has to operate after breaching a network, the greater the possible damage. For a BDS product, rapid detection and analysis of both successful and attempted breaches is critical in halting the damage caused by breaches. 

•Evasions: Providing results for a product’s detection capabilities without fully factoring in evasions can be highly misleading in terms of understanding security efficacy; therefore, the security effectiveness score includes evasion techniques. In this test, products were tested against 374 evasions. 

•Resiliency: The resiliency of BDS products was measured by introducing a vulnerability along with its triggers and then asking the products to detect it. By testing resilience, NSS Labs shows enterprises which BDS products detect different variations of an exploit. One product demonstrated full resilience against tested attack variants.

Attend our BDS 5.0 Group Test webinar on Tuesday, November 6 at 1:00 p.m. CST to find out how each product scored! Our BDS experts will be available during the webinar to address questions about the test and the products tested.

Breach Detection System (BDS) 5.0 Group Test Results

On September 20th, we released the results of our Next Generation Intrusion Prevention System 4.0 Group Test. The test included products from six of the industry’s leading NGIPS vendors: Forcepoint, Fortinet, IBM, Juniper Networks, Palo Alto Networks, and Trend Micro. This fourth iteration of our NGIPS group test measured:

•Security effectiveness – A security product that fails to protect what’s important to you can lead to catastrophic consequences for your organization. Understanding a product’s capability to provide protection against exploits including evasion techniques will help you evaluate which NGIPS product is the best fit for your organization.

•Performance – Thanks to the rapid adoption of social media, streaming video, teleconferencing, and other bandwidth-intensive technologies, network behavior is changing rapidly. Which NGIPS products have adapted, and what should you consider when you are designing your next-generation network?

•Total cost of ownership (TCO) – Your expenses don’t end when you purchase a product. Installation costs (people), software maintenance, and ongoing policy and log maintenance are some of the expenses you should plan for. Which products have the lowest TCO over a multi-year period?

Next Generation Intrusion Prevention System 4.0 Group Test Results

The software-defined wide area network (SD-WAN) has gained wide adoption in the past few years. In a recent NSS Labs survey, 82.2% of the survey respondents indicated that their organization has already adopted SD-WAN technology. These products provide robust control, and optimization which makes them a compelling alternative to traditional WAN products.

In this groundbreaking inaugural test, nine of the industry’s leading SD-WAN products were examined to help enterprises understand the merits of products in the market and identify the capabilities best suited to meet their use case requirements.

Software-Defined Wide Area Network (SD-WAN) 1.0 Group Test Results webinar

Firewall technology is one of the largest and most mature security markets, and the next generation firewall (NGFW) is a prime example of how cybersecurity controls continue to evolve in the face of a constantly changing attack surface. These network security products combine firewall capabilities with intrusion prevention system (IPS) functionality, application control, user awareness, and the capability to integrate threat intelligence feeds. 

NSS Labs recently announced the results of our Next Generation Firewall (NGFW) 8.0 Group Test. In this year’s test, products from 10 of the industry’s leading NGFW vendors were examined for security effectiveness, performance, and total cost of ownership (TCO). In this eighth iteration of the NGFW test, evasion testing was expanded to include resiliency against modified exploits, and the test also included secure sockets layer (SSL)/transport layer security (TLS) testing.

Tune into this webinar to learn how SonicWall performed in NSS Labs' NGFW 8.0 Group Test.

Next Generation Firewall (NGFW) 8.0 Group Test Results – SonicWall

Enterprises are projected to spend an estimated $96 billion on security products and services in 2018. But will they have the empirical data to know if those investments actually reduce their exposure to threats? In our discussions with chief information security officers (CISOs), within the financial services industry, this lack of information is a recurring topic of concern. 

Supporting this need for ongoing measurement, governments and regulators have produced a number of frameworks that apply to the financial services industry, including NIST, FFIEC, and GDPR (if conducting business in the European Union). All of these frameworks contain mandates for measuring and monitoring security controls. If you have not yet done so, now is the time to think about the resources you will need to implement a successful continuous monitoring program. 

Anil Nandigam, Senior Director of Product Marketing with NSS Labs, will conduct a live demonstration of the Continuous Security Validation Platform. This cloud-based customizable platform provides real-time empirical data regarding the effectiveness of enterprise security controls and also reveals the operating systems and applications most often targeted by today’s active threats. 

In this webcast, you will learn how NSS Labs’ Continuous Security Validation can help your organization:
•Gain visibility into the efficacy of security controls
•Improve internal processes and responses
•Justify existing security investments or budget requests for new solutions
•Demonstrate preparedness to management
•Advance compliance with industry frameworks

Continuous Security Validation for Banking, Financial Services and Insurance

Firewall technology is one of the largest and most mature security markets, and the next generation firewall (NGFW) is a prime example of how cybersecurity controls continue to evolve in the face of a constantly changing attack surface. These network security products combine firewall capabilities with intrusion prevention system (IPS) functionality, application control, user awareness, and the capability to integrate threat intelligence feeds. 

NSS Labs recently announced the results of our Next Generation Firewall (NGFW) 8.0 Group Test. In this year’s test, products from 10 of the industry’s leading NGFW vendors were examined for security effectiveness, performance, and total cost of ownership (TCO). In this eighth iteration of the NGFW test, evasion testing was expanded to include resiliency against modified exploits, and the test also included secure sockets layer (SSL)/transport layer security (TLS) testing.

Next Generation Firewall (NGFW) 8.0 Group Test Results

Despite extensive investment, achieving an effective cybersecurity strategy remains an elusive pursuit. Enterprises spent an estimated US$90 billion on cybersecurity products in 2017, and yet most remain uncertain about their level of protection. 

Anil Nandigam, Senior Director of Product Marketing, will use real-world customer examples to show how NSS Labs’ Continuous Security Validation provides visibility into the efficacy of security controls and delivers empirical data that can be used to rationalize new or existing security investments. 

Watch this informative webcast to learn more about how your organization can start taking a data-driven approach to cybersecurity.

Continuous Security Validation: Know Where You Stand

Whether we are talking about the traditional desktop, laptop, or mobile device, the endpoint is always the target of cybercriminal activity. Advanced endpoint protection (AEP) is a disruptive new technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint. AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware and to contain suspicious activities.

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand each AEP product's overall value. 

Tune into this webinar to learn how Palo Alto Networks performed in NSS Labs' AEP 2.0 Group Test*.

*Registration information will be shared with both presenting parties (NSS Labs and Palo Alto Networks)

Advanced Endpoint Protection (AEP) 2.0 Group Test Results - Palo Alto Networks

Whether we are talking about the traditional desktop, laptop, or mobile device, the endpoint is always the target of cybercriminal activity. Advanced endpoint protection (AEP) is a disruptive new technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint. AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware and to contain suspicious activities.

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand each AEP product's overall value. 

Tune into this webinar to learn how Trend Micro performed in NSS Labs' AEP 2.0 Group Test.

Advanced Endpoint Protection (AEP) 2.0 Group Test Results - Trend Micro

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand each AEP product's overall value. 

Tune into this webinar to learn how SentinelOne performed in NSS Labs' AEP 2.0 Group Test.

Thursday May 24, 2018 @ 10:00 a.m. CST | 4:00 p.m. CET

Advanced Endpoint Protection (AEP) 2.0 Group Test Results - SentinelOne

Whether we are talking about the traditional desktop, laptop, or mobile device, the endpoint is always the target of cybercriminal activity. Advanced endpoint protection (AEP) is a disruptive new technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint. AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware and to contain suspicious activities.

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand which AEP products offer the best overall value. 

Attend this webinar to learn how each AEP product scored in this year’s group test!

Advanced Endpoint Protection (AEP) 2.0 Group Test Results

The great contradiction in cybersecurity today is that the more enterprises spend on security and risk controls, the less sure they are about their performance.  Despite extensive effort and investment, achieving an effective cybersecurity strategy remains an elusive pursuit. Enterprises spent an estimated US$90 billion on cybersecurity products in 2017, and yet a recent NSS Labs survey of CISOs in North America reveals that 52% of enterprises see no “value-add” from their currently deployed security products. Security teams are under more pressure than ever to justify budget allocation for security controls, but most of the time, measuring security effectiveness is a guessing game.

Anil Nandigam, Senior Director of Product Marketing with NSS Labs, will conduct a live demonstration of the Continuous Security Validation Platform. This cloud-based customizable platform provides real-time empirical data regarding the effectiveness of enterprise security controls and also reveals the operating systems and applications most often targeted by today’s active threats. Anil will also discuss how an international bank and a top-five management consulting firm are using this platform to make data-driven cybersecurity decisions.  
Register for this informative webcast to learn more about how your organization can work toward eliminating the fear, uncertainty, and doubt associated with cybersecurity.

Enabling data-driven cybersecurity decisions with continuous security validation

The great contradiction in cybersecurity today is that the more enterprises spend on security and risk controls, the less sure they are about their performance.  In this webinar, Anil Nandigam from NSS Labs will conduct a live demonstration of the Continuous Security Validation Platform. Anil will show how organizations can obtain real-time metrics about the effectiveness of their security controls and the unmitigated risks to their systems. He will also present real-world enterprise use cases.


Anil Nandigam is Senior Director of Product Marketing at NSS Labs. Anil has more than 17 years of experience driving products and go-to-market strategy in the computer networking and security industry. Prior to joining NSS Labs, Anil held various senior roles in product management and product marketing positions at FireEye, Cisco, and start-up companies. Anil is a frequent guest speaker at various security conferences such as CERT and has been a contributing member of several SANS Institute webinars and publications. Anil has a Master’s Degree in Computer Science (MS) from the University of Houston and a Masters in Business Administration (MBA) from Santa Clara University.

Eliminating Cybersecurity Obscurity Through Continuous Security Validation

Data center intrusion prevention systems (DCIPS) and data center security gateways (DCSGs) help enterprises protect their end users as well as the intellectual property and mission-critical applications that reside in their data centers. NSS Labs’ 2018 DCIPS and 2017 DCSG group tests include data center network security solutions from Cisco, Fortinet, Juniper Networks, McAfee, Palo Alto Networks, and Trend Micro and measure how effective they are at protecting against today’s exploits and evasions. In addition, performance is measured and total cost of ownership over a three-year-period calculated. Check out this webinar to find out which of these data center network security solutions offer the best protection and overall value.

Data Center Security - Group Test Results

Breach detection systems (BDS) and breach prevention systems (BPS) are capable of providing enhanced protection against advanced malware, zero-day attacks, and targeted attacks. NSS Labs’ 2017 BDS and BPS Group Tests measured the effectiveness of these solutions in real-world threat scenarios that included exploits, malware, offline infections, and evasions. Breach detection and breach prevention solutions from Check Point, Cisco, FireEye, Fortinet, Juniper Networks, Lastline, Palo Alto Networks, and Trend Micro are included in one or both of our breach security group tests. Sign up for our webinar to learn more about these test and to see which products received the coveted NSS Labs Recommended rating.

Breach Detection System and Breach Prevention System – 2017 Group Test Results

Next generation intrusion prevention systems (NGIPS) have been widely implemented by US enterprises to catch sophisticated attacks such as zero-day and advanced malware. In our most comprehensive test to date, nine NGIPS products were tested from eight vendors: Check Point, Cisco, Forcepoint, Fortinet, IBM McAfee, Palo Alto Networks, and Trend Micro. Only four of the nine products tested properly detected and blocked attacks when evasion techniques were applied. Tune in to our webinar to learn how these products scored in terms of security effectiveness and performance.

Next Generation Intrusion Prevention Systems (NGIPS) – 2017 Group Test Results

The threat landscape is constantly evolving—even as enterprises add new security controls, attackers are finding new ways to penetrate their defenses. Security products that blocked threats yesterday (or even a few hours ago) could today be bypassed by new threats, thereby putting organizations and their critical assets at risk. Now, more than ever, you need a way to continuously validate the security controls you have in place.

Continuous Security Validation: How effective is your security?

NSS Labs announces that it is integrating the Cyber Advanced Warning SystemTM (CAWS) into all live stack testing in security product group tests. CAWS is the world’s first and only security as a service (SaaS) solution that pinpoints active exploits, identifies targeted asset types, and measures security product effectiveness against exploits continuously. Given the highly dynamic nature of threats, continuous threat handling insight is a significant improvement in providing purchase and risk mitigation guidance to enterprise security teams. Sign up for the webinar to learn more.

CAWS Brings Continuous Live Exploit Testing to Product Testing

caws

nsslabs

exploits

cyber

threats

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

CAWS Brings Continuous Live Exploit Testing to Product Testing

Presented by

About this talk

More from this channel