New Report: On-Premises Security Products Cannot Stop 100% of Infections

As reported by SecurityWeek.com, a new report by NSS Labs Research entitled Correlation of Detection Failures is warning enterprises that using several different on-premises security products –  such as  next generation firewalls, IPSs, and endpoint protection products – cannot detect and block 100% of exploits.

The experts at NSS Labs tested 1,711 exploits against 37 security products, and found that none of them could single-handedly detect all exploits – a result that the report’s principal author Stefan Frei said posed a “serious challenge to the security industry, as they allow an attacker to bypass several layers of defense using only a small set of exploits.”

Frei further warned that “security professionals run the risk of overestimating the security benefits of deploying multiple protection technologies,” especially since it doesn’t appear to matter whether the deployment involves several security products from a single category (e.g. several IPSs), or several products spread out over multiple categories (e.g. IPSs + next generation firewall). “Either deployment method does not always provide the ‘defense in depth’ that we are led to believe exists,” concluded Frei.

Ultimately, this means that there is no way to prevent an infection, even with the use of several on-premises products, and that adding yet another box will not solve this. This is no doubt the reason we are seeing a growing trend of enterprises embracing malware presence detection.