Lastline Ranks Highest in Security Effectiveness in NSS Labs Breach Detection Systems Group Test – Again
We’re proud that Lastline Enterprise has excelled again in the NSS Labs Breach Detection System (BDS) group test.
If you’re not familiar with NSS Labs, it is the world’s largest independent security testing and research organization, conducting challenging independent tests of security products for over 20 years. NSS Labs’ tests are rigorous and comprehensive, designed to provide the comparative testing that most organizations need but lack the time, funding, and staff. (NSS publishes the specific testing methodology it used in this round of tests, in case you’re curious).
The BDS group test looked at these three primary areas, and the bullets illustrate what the test measured in each of those areas:
- Detection rate
- Anti-evasion capabilities (resistance to common evasion techniques)
- Device stability and reliability
- Total Cost of Ownership (TCO)
- Acquisition costs for the BDS and a central management system (CMS)
- Fees paid for annual maintenance, support, and signature updates
- Labor costs for installation, maintenance, and upkeep
- Performance under a range of deployment options/traffic mixes
- Performance when security configurations/policies applied
Six vendors participated in the 2017 Breach Detection System test:
- Check Point
- Trend Micro
Lastline Enterprise earned 100% security effectiveness for 2nd consecutive year. In 2017, just like in 2016, Lastline detected everything NSS Labs could throw at it, including evasive threats that avoid detection by many of today’s “next-gen” firewalls, sandboxes, and IPS.
One of the reports NSS Labs generates is called the Security Value Map (SVM). It’s a useful chart because it combines the findings of the Security, TCO, and Performance tests. It shows Security Effectiveness on the vertical axis and TCO per Protected Mbps on the horizontal axis. We like it because it shows Lastline Enterprise in the upper right, showing 100% Security Effectiveness with a very low TCO.
Evasive Malware and Detection Rates
One more reason why we like the SVM so much is that it shows each product’s resistance to common evasion techniques. Evasion techniques, which enable malware to evade even most security tools including “Next-gen” firewalls, IPS, and sandboxes, are now commonplace—our own Lastline Labs has detected evasion techniques in over 70% of currently circulating malware.
The SVM shows the effect of the ability (or inability) to detect threats using evasive techniques:
- Products with green dots on the SVM are the ones that detected all evasion techniques
- Products with gradients that end in a blue dot show the effect of not detecting evasive malware on their detection capabilities
From the 2017 SVM report: “The highest point of the gradient line represents Security Effectiveness based solely on block rate. However, this is not the only measure of Security Effectiveness—NSS also factors in evasions. Incorporating this additional information allows NSS to calculate a second, lower score (represented by the blue dot), which more realistically depicts the actual Security Effectiveness of a product.”
NSS Labs explains in more detail why this metric is critical: “A product’s effectiveness is significantly handicapped if it fails to detect exploits and malware that employ obfuscation or evasion techniques, and the NSS product guidance is adjusted to reflect this.”
Breach Detection is at The Core of All Lastline Products
The technology that gives Lastline Enterprise its ability to detect threats that other vendors miss is Deep Content Inspection™. Deep Content Inspection is at the core of all Lastline products, and it is the only detection technology that interacts with every piece of malware to deconstruct all the malicious behavior engineered into the malware. Deep Content Inspection’s unsurpassed visibility gives you an inventory of every malicious behavior that you can use to instrument your network against the latest threats.
To Get Your Copy of the BDS Reports
Download the reports to learn more about the NSS Labs 2017 BDS Group Test results.
But Wait There’s More
We’ll also be hosting a webinar soon with a researcher from NSS Labs who will explain how an organization can use these reports to select the right breach detection product. After you download the reports we’ll automatically send you an invitation to the webinar when we schedule it.
Latest posts by Patrick Bedwell (see all)
- Lastline Ranks Highest in Security Effectiveness in NSS Labs Breach Detection Systems Group Test – Again - October 19, 2017
- A Deep Dive into the NotPetya Ransomware Attack - June 27, 2017
- WannaCry Ransomware – What We Know, and What You Can Do - May 15, 2017