It’s necessary to keep pace with the innovation in threats and countermeasures. The problem is it’s hard to keep track of which company is doing what because of the sheer volume.
For example, there were roughly 250 exhibitors at the 2019 Black Hat USA conference where at least 20 new products were launched. Similarly, this year’s RSA Conference was even larger, with some 600 exhibitors and about 30 new product launches.
There’s a lot of investment fueling security innovation as well. Venture capital firms invested some $5.3 billion in cybersecurity startups across about 350 deals in 2018. “That’s up from 20 percent – $4.4 billion – from 2017, and up from close to double on 2016,” according to TechCrunch.
Clearly, there’s a lot going on. So, how can you keep track of the innovation in cybersecurity?
One technique is to turn to the technology analysts. They strive to document, categorize and otherwise make sense of what’s happening in the network security space.
We’ve recently been named in a hat trick of pieces by some of these researchers – and we thought it would be useful to share links to those references here.
1) The five components of modern network security
Jon Oltsik of Enterprise Strategy Group says networks have evolved and so network security must evolve too. He’s identified five aspects he thinks a modern network security program must support. Those include:
- “end-to-end coverage”;
- “encryption/decryption capabilities throughout”;
- “business-centric segmentation”;
- “central control plane and distributed enforcement”; and
- “comprehensive monitoring and analytics.”
Then he adds this about comprehensive monitoring and analytics:
“As the old security adage goes, ‘the network doesn’t lie.’ Since all cyber-attacks use network communications as part of their kill chain, security analysts must have access to end-to-end network traffic analysis up and down all layers of the OSI stack. The best NTA tools will supplement basic traffic monitoring with detection rules, heuristics, scripting languages, and machine learning that can help analysts detect unknown threats and map malicious activities into the MITRE ATT&CK framework.”
He suggests CISOs review both startups and incumbents alike and even calls out a few by name.
Read what this analyst has to say: Modern Network Security Transformation.
2) Intrusion Detection and Prevention Systems
We know the venerable intrusion detection and prevention system (IDPS) is a widely used security tool, and for good reasons. We’ve also noted that modern systems can provide additional protections in the race against time between vulnerability and patch – and in network segmentation to mitigate laterally spreading malware.
Read what the analysts have to say: Bricata Included as a Representative Vendor in a new Market Guide for Intrusion Detection and Prevention Systems by Gartner, Inc.
3) Network Traffic Analysis
There are many new realities in network security, and two we’ve discussed for a while now are a) the need to analyze network traffic that flows east-and-west in addition to that which flows north-and-south; and b) it’s harder for threat actors to hide behavior. It’s a concept that seems to be catching on.
Read what the analysts have to say: Bricata Included as a Representative Vendor in the Inaugural Market Guide for Network Traffic Analysis by Gartner, Inc.
* * *
Bricata has simplified the four critical capabilities enterprises need for comprehensive network protection: visibility, threat detection, threat hunting, and post-detection actions. If you’d like to see our solution in action, you are welcome to schedule a live demonstration.