Threat actors are demonstrating the capability to bypass protection offered by conventional endpoint and perimeter security solutions. Enterprises must in turn evolve their network defenses to incorporate a different kind of protection, one that NSS Labs defines as a breach detection system (BDS). Through constant analysis of suspicious code and identification of communications with malicious hosts, breach detection systems are capable of providing enhanced detection of threats ranging from commodity malware to targeted attacks from state-sponsored threat actors that could bypass defenses such as next generation firewalls (NGFWs), intrusion prevention systems (IPS), intrusion detection systems (IDS), antivirus/endpoint protection (including host IPS), and secure web gateways (SWGs). NSS test reports are designed to address the challenges faced by IT professionals in selecting and managing security products.
The scope of this particular methodology includes:
- Security effectiveness
- Stability and reliability
- Total cost of ownership (TCO)