Comments on Security and Other Topics by Craig Kensek<br />
Postings on network security, Silicon Valley, technology, wine, infrastructure, that ubiquitous cloud, SaaS, web 2.0, marketing, management, strategy. Companies that may be mentioned include the usual security suspects. To name a few, in no particular order - Panda, Trend Micro, ESET, Avast, Symantec, BitDefender, Kaspersky, McAfee, Sophos. All of whom market their products as providing much above average security ;) .<br />
<br />
AV-Comparatives Real World Protection Test – August to November 2015 (posted 2015-12-17)<br />
<div class="MsoNormal">
Kaspersky and BitDefender topped twenty companies in
AV-Comparatives Real World Protection Test, August to November 2015. These
companies finished in the top two, receiving three stars. Both had only one
compromised file. Six other companies
received three stars over the test period.
Eight of the twenty companies in the test received two stars. Default settings were used for all products.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Trivia question – which North America based malware company
received three stars?</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Four companies merit the Hall of Shame award for the period,
garnering one or zero stars. From the bottom up: ThreatTrack Vipre, Lavasoft,
Quick Heal, and BullGuard. Banished to a
timeout corner for being in triple
digits for wrongly blocked files: McAfee, ThreatTrack, and Lavasoft. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
An informative graphic in the report depicts the range of
protection over the four-month period for each product. The top products were
extremely consistent, which is what you would want in a security solution. The bottom products, less so. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Not all results are being provided because there is no
charge for the report. It can be downloaded at <a href="http://www.av-comparatives.org/dynamic-tests/">http://www.av-comparatives.org/dynamic-tests/</a>. You can also learn more about the test methodology in the fourteen-page
report. The products tested ranged from
free antivirus to internet security suites.
Kudos to AV-Comparatives for detailing some of the statistics
methodologies used in compiling their report. Your eyes won’t glaze over as you
read about this. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
As always, the top products may not be top in terms of
number of “likes” they’ve received on their respective Facebook pages. In the
denouement, should one give more weight to independent third party testing, or
a fan club? </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
An interesting article to read is by Adam Winn at San
Francisco based OPSWAT (<a href="http://www.opswat.com/">www.opswat.com</a>): <a href="https://www.opswat.com/blog/sorry-symantec-antivirus-not-dead">Sorry
Symantec - Antivirus is Not Dead</a>.
Today’s antivirus/malware protection utilizes more than just pattern
files and heuristics.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Hall of Shame and timeout corners are not part of
AV-Comparatives’ formal designations. You can learn about the organization at <a href="http://www.av-comparatives.org/">www.av-comparatives.org</a> </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The trivia question answer – none. McAfee and Fortinet received two stars.</div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
McAfee Going Away as a Brand? (posted 2015-12-06)<br />
<div class="MsoNormal">
Will 2016 be the year that the McAfee brand will
disappear from the public consciousness, or as a SKU, anyway? If so, it will be the end of an era that
began with McAfee’s founding in 1987. <o:p></o:p></div>
<h2>
About McAfee</h2>
<div class="MsoNormal">
Wikipedia has published a history of McAfee. Some of the below has not made it into that history (or was edited out).</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
At one point in time, during its growth phase, McAfee actively
sold off firms that it did not see as being among the top three in their niche. One of their sales (when they had the Network
Associates name), was the data encryption company PGP (Pretty Good Privacy)
which they had originally acquired in 1997, to some of the founders of PGP. This was probably a whoops. In 2010, Symantec
purchased this company, the same year Intel acquired McAfee.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
To encourage use of their desktop product, McAfee
aggressively gave away trial versions (remember CD’s?) of their endpoint
product, causing some of their competitors to refer to the company as
“McAfree”.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In the late 1990's, Trend Micro sued McAfee (and ultimately
others) for patent infringement. "We are not just in it for the
royalty," said Trend Micro's general counsel Bob Lowe. "Our main goal
is having the products be prevented from being sold." Nonetheless, the suit ended with a
cross-licensing agreement.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The “rumor mill” had it that one McAfee executive used to
keep a firearm in his desk.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In April 2003, after purchasing Intrusion Prevention company
Intruvert for $100M, the company repositioned itself on its website as an
intrusion prevention company. In fact, Barron’s in 2005 referred to McAfee as a
leader in intrusion prevention.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On January 4, 2006, the Securities and Exchange Commission
filed suit against McAfee for overstating its 1998–2000 net revenue by $622
million. Without admitting any wrongdoing, McAfee simultaneously settled the
complaint, and agreed to pay a $50 million penalty and rework its accounting
practices. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Several executives left McAfee in the mid 2000’s, in part because
of an investigation related to back dating of options. The execs were exonerated. The CEO
resigned at this time, for other reasons, and McAfee went outside the company for a
new CEO.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On August 19, 2010, Intel announced that it would buy McAfee
for $48 a share in a deal valued at $7.68 billion. There was some push back from
the European Union as they felt this deal would give Intel an unfair advantage
in desktop security, but the deal did go through.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On January 6, 2014, Intel CEO Brian Krzanich announced
during the Consumer Electronics Show the name change from McAfee Security to
Intel Security. He stated that the
McAfee red shield logo would remain and the firm would continue to operate as a
wholly owned Intel subsidiary. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On the consumer side over the years, McAfee has been battling Symantec on the paid front. Market share? Around 12th in the October OPSWAT market share report. Mixed results in AV-Comparatives testing. They haven't been tested by Virus Bulletin in several years. </div>
<h2>
Jumping Forward to 2015<o:p></o:p></h2>
<div class="MsoNormal">
October 28, 2015 - Search Cloud Security - Intel Pulls Plug on McAfee SaaS Security Products</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Intel Security will stop selling McAfee SaaS Endpoint and SaaS Email Protection
and Archiving. Although new sales will stop in 2016, existing customers can
continue renewing their subscription and receiving support until Jan. 11, 2019,
Intel Security said in its notices. Depending on certain subscription types,
limited support will be available for some services until 2021.</div>
<div class="MsoNormal">
<a href="http://searchcloudsecurity.techtarget.com/news/4500256341/Intel-pulls-the-plug-on-McAfee-SaaS-security-products">Search
Cloud Security Article</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
October 29, 2015 - Channelnomics - McAfee Brand Will Stay
for Now</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
McAfee as a brand still holds a lot of equity for Intel
Security, Lisa Matherly, an Intel VP of worldwide partner programs, marketing
& operations, told Channelnomics at Intel Security's Focus 15 event in Las
Vegas. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
"There is a lot of equity in the McAfee brand and there
is some association with security with the Intel brand, but not as strong as
the McAfee brand," Matherly pointed out. "So that's really what we're
trying to do - bridge that and introduce the Intel security brand, start
associating the security there, but also leverage what we have in the McAfee
brand for the product portfolio." She added that the future of the McAfee brand
is uncertain now and will be driven by the market.</div>
<div class="MsoNormal">
<a href="http://www.channelnomics.com/channelnomics-us/news/2432502/mcafee-brand-here-to-stay-for-now-at-least">McAfee
Brand to Stay, for Now at Least?</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
November 5, 2015 - Intel Security Confirms Divestiture of
McAfee NGFW, Firewall Enterprise Businesses in Memo to Partners <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In a memo to partners, Intel Security confirmed its divestiture of its McAfee Next-Generation Firewall and McAfee
Firewall Enterprise businesses to Raytheon/Websense.</div>
<div class="MsoNormal">
<a href="http://www.crn.com/news/security/300078725/intel-security-confirms-divestiture-of-mcafee-ngfw-firewall-enterprise-businesses-in-memo-to-partners.htm">From
CRN</a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
So, pieces are being sold. Other pieces are being end of lifed. Other pieces are being retained though the word "McAfee" appears to be going away. </div>
<h2>
Other Firms to the Rescue<o:p></o:p></h2>
<div class="MsoNormal">
Since these announcements, Mimecast and Sophos have leapt to the rescue,
offering special pricing for users of some McAfee products.</div>
<br />
<div class="MsoNormal">
Mimecast - You need a new solution offering both similar
features and a smooth migration path – without worrying about a financial
burden.<o:p></o:p></div>
<div class="MsoNormal">
<a href="http://info.mimecast.com/mx-logic-migration-offer.html?utm_medium=SEMPPC&utm_source=GooglePPC&utm_campaign=31789917&gclid=CMv27-vxw8kCFU9hfgod_MYMxw">Mimecast
Promo</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Sophos Promo - We Can Help Today. McAfee retired its email security and archiving products,
and now you are scrambling to find an alternative. However, we have good news.
Sophos’ solutions will help you turn an annoying replacement project into an
upgrade opportunity. And we can do it right now.</div>
<div class="MsoNormal">
<a href="https://www.sophos.com/en-us/lp/mcafee-migration.aspx?cmp=701j000000090y9AAA&utm_source=google&utm_medium=google&utm_campaign=NA-McAfee-Search">Sophos
Promo</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Hold, hold onto those McAfee CD’s, tee shirts, and trade show
giveaways. It may be the end of an era but they may be worth something on eBay.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
One question (beyond the scope of this piece) is whether
Intel should have even purchased McAfee in 2010. They are keeping some of the
components. At the time (and even currently), large companies are purchasing,
jumping onto the security bandwagon to strengthen their security offerings or
get into the business.</div>
<div class="MsoNormal">
Also beyond the scope of this piece is any discussion of
John McAfee, McAfee’s founder, who filed
to run for president in early September!<o:p></o:p></div>
<div class="MsoNormal">
<a href="http://www.nbcnews.com/politics/2016-election/ex-fugitive-anti-virus-creator-john-mcafee-running-president-n423881">NBC
News - John McAfee to Run for President?</a> <o:p></o:p></div>
<br />
<div class="MsoNormal">
Another discussion, worthy of its own post, will be the future of desktop/endpoint security, since pundits' views on this cross the spectrum as to the solution's viability.</div>
AV Comparatives Performance Test – Impact of Security Software on System Performance Report October 2015 (posted 2015-11-10)<br />
<div class="MsoNormal">
AV Comparatives has released their <i>Performance Test – Impact of Security Software on System Performance
Report</i>. Nineteen products were tested. Eleven products received three
stars. The top three products were,
in order, Avira, Avast, and Kaspersky. Congrats to
these three! Products tested were a
combination of free and paid, antivirus, and internet security suites. The hall of shame award for this test goes to Fortinet and ThreatTrack; both
received one star. Windows 10 systems were used during the test.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Note that this test doesn’t measure a product's ability to protect against malware. For
that, you would have to look at other tests by AV-Comparatives. When a few
products perform equally well at stopping and
removing malware, the performance test could be a tiebreaker. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
To access and download the report: <a href="http://www.av-comparatives.org/performance-tests/">http://www.av-comparatives.org/performance-tests/</a> </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://www.av-comparatives.org/">www.AV-Comparatives.org</a> used the performance testing suite PC Mark 8 Professional to measure system impact for the test.</div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Security Predictions for 2016 or “Let the internet security prognostication begin” (posted 2015-11-09)<br />
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">It’s that
time of the year, when security pundits make their security predictions and comment on
trends for 2016. Of course, it would be great if the pundits who came out with
predictions for 2015 came out with a report card in early 2016. </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="https://www.blogger.com/null" name="_GoBack"></a><i><span style="font-family: "arial" , "sans-serif";">Trying to predict the future is like
trying to drive down a country road at night with no lights while looking out the
back window - Peter Drucker<o:p></o:p></span></i></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">Consolidation in the Security Sector<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">Look for continued
security consolidation as some of the larger vendors utilize the strategy that it
is quicker and easier to buy a technology to broaden their security portfolio
than to develop the technology internally. At the same time, some larger
companies will sell off their (incomplete) portfolio of security products to
focus on other sectors. There are rumors, for example, about SonicWall being
put on the market by Dell. Of course, FireEye rumors are making the rounds after their Q3 results.<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">Look for
other vendors to analyze the market, do a make/buy analysis and then license
missing technology from smaller, more agile, companies. <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";"><br /></span></div>
<div class="MsoNormal">
<i><span style="font-family: "arial" , "sans-serif";">“If you think technology can solve
your security problems, then you don’t understand the problems and you don’t
understand the technology.” – Bruce Schneier<o:p></o:p></span></i></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">Bubble Will Burst on Some Newly Public
Security Vendors<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">At some point
in time, companies have to generate cash and after working through the wonders
and options of tax accounting, companies have to show a bottom line
profit. Look for investors getting tired
of “but we’re going after market share” and selling their stock. For others,
shorting activity will increase. An offshoot
of this is that these companies will become less expensive to acquire. Happiness
is positive cash flow. <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">Splitting (breaking?) of Humpty Dumpty.
Symantec and Hewlett Packard<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">Symantec has
retired their vision (several years old) of becoming a widely diversified
company (begun by John Thompson) and is splitting/divesting into security
focused Symantec, and back up and recovery, SDN, and governance focused Veritas.
Hewlett Packard has split into two companies. HP Inc.</span> <span style="font-family: "arial" , "sans-serif";"> holds the printing and personal systems side
of the business, selling printers, scanners, displays, personal computers
(laptop, desktop, and tablets), and the supplies and services
associated with them. Hewlett-Packard
Enterprise will handle the hybrid cloud, servers, storage, converged systems,
networking, management software, and the services necessary to run an
enterprise. They are both Fortune 100 companies, the latter
led by Meg Whitman, and the former by</span> <span style="font-family: "arial" , "sans-serif";">Dion
Weisler. Not bad for a company that
began in a garage in Palo Alto, selling to Disney. <o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">One of these
splits will work out much better than the other one. That
one being….Symantec. HP Enterprises, and HP, Inc. are still battleships. <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">Life is a Breach<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">There will be
at least one major security breach, for a number of reasons. Some companies have still not gotten the memo
about cybercriminals, thinking, “It can’t happen to us” and are being slow in
their investments. There are a number of
bright cybercriminals out there. They design their own methods of attack. They may rent use of a botnet as part of
their attack strategy. If the CIO/CEO want
to maintain their title, look for full transparency, accepting the blame,
laying out the groundwork to prevent this from happening again (hopefully), and
protecting their customers. Classic disaster recovery procedure, often not
followed. <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">Cybercriminals Will Broaden Their
Target Base<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">Cybercriminals
will increase the number of vertical markets they go after and the size of the
typical breach will be smaller. The number of breaches (reported anyway) will
decrease. From a CSO Online article - Jody Westby, CEO of Global Cyber Risk, “it
is the data that makes a business attractive, not the size – especially if it
is delicious data, such as lots of customer contact info, credit card data,
health data, or valuable intellectual property.” </span><span style="font-family: "arial" , "sans-serif";"><a href="http://bit.ly/1BcYw8W">http://bit.ly/1BcYw8W</a></span><span style="font-family: "arial" , "sans-serif";"> <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">The Identity
Theft Resource Center (ITRC) reported in October that there have been 606 data
breaches recorded through October 13, 2015, and that more than 175 million
records have been exposed. The top 4
sectors with respect to incidents were business (39%), health care (36%), banking
(10%), and government (8%). 68% of the records exposed were in the health care sector.
There were over 780 data breaches in 2013.</span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">We Will Continue to be Our Own Worst
Enemy<o:p></o:p></span></b></div>
<div class="MsoNormal">
<i><span style="font-family: "arial" , "sans-serif";">“Companies spend millions of dollars
on firewalls, encryption and secure access devices, and it’s money wasted,
because none of these measures address the weakest link in the security
chain.”- Kevin Mitnick<o:p></o:p></span></i></div>
<div class="MsoNormal">
<i><span style="font-family: "arial" , "sans-serif";"><br /></span></i></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";"> A warning from your browser not to visit that
site? A found thumb drive? New pictures of (fill in the name of your
favorite celebrity) on the web or as an attachment to your email. These are the internet equivalent of wet
paint signs. Some people just have to check for themselves. More security aware
companies will do more than have people look at a slide presentation on
security and take a quiz once a year. They’ll send their own employees phishing
emails, among other tactics. <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">The Wisdom of Crowds<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">James Surowiecki,
in the book “The Wisdom of Crowds”, speculated that large groups of people are
smarter than an elite few, no matter how brilliant–better at solving problems,
fostering innovation, and coming to wise decisions. In 2016, market share of
consumer AV/Malware purchases will probably still continue to be more a
reflection of how many “likes” a product receives, rather than how they are
reviewed by a PC Publication, or test organizations
AV-Comparatives, or AV-Test. Scary. Whom are you going to trust? Your doctor or
your Facebook friends?<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">A Growing use of Something Other Than Passwords <o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">While the top 20
list of passwords for 2016 may not vary greatly from 2015, look for more people
to use some sort of biometrics or Multi-factor Authentication (MFA), to enhance
the security of their devices. This will occur in businesses more quickly than
in the consumer marketplace. According to an article in CNET at the beginning
of the year, the top 10 passwords of 2014 were 123456, password, 12345,
12345678, QWERTY, 1234567890, 1234, baseball, dragon, and football. If your
password looks anything like this, or is your pet’s name, change it
immediately. There are a number of articles on creative ways of making up
passwords or using different figures you can draw on your keyboard. At minimum,
consider reading a few articles and select a method that works for you. <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">“<b>Showtime” - The Government or a Large Security
Vendor will take the Offensive </b><o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">At some point
in time, negotiations just aren’t cutting it.
Look for a concerted attack against some cybercriminals, whether they’re
independent, being treated with benign neglect in their native country, or
being subsidized. This is despite any
negotiations taking place with some countries on an international level.
Sometimes the best defense is a good offense.
“The Darknet: Is the Government Destroying 'the Wild West of the
Internet?'” is a November Newsweek article that’s an interesting read. </span><a href="http://bit.ly/1MR5kAX"><span style="font-family: "arial" , "sans-serif";">http://bit.ly/1MR5kAX</span></a><span style="font-family: "arial" , "sans-serif";"> </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">Government Takes the Lead in Sharing
of Information between Security Vendors<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">The bragging
right for many security companies is how quickly they identify and react to
threats, and update their existing customers almost immediately. They are not going to want to share this
information with competitors as quickly.
Look for the government to be the driver in information sharing. One
question that arises – how open will this table be for all security vendors or
will it be a selective group? <b><span style="color: #2a2a2a;"> “</span></b><span style="color: #2a2a2a; mso-bidi-font-weight: bold;">Senate passes cybersecurity information sharing bill
despite privacy fears.” Washington Post, October 27. </span></span><a href="http://wapo.st/1KFbFIc"><span style="font-family: "arial" , "sans-serif"; mso-bidi-font-weight: bold;">http://wapo.st/1KFbFIc</span></a><span style="color: #2a2a2a; font-family: "arial" , "sans-serif"; mso-bidi-font-weight: bold;"> </span><span style="color: #2a2a2a; font-family: "arial" , "sans-serif"; font-size: 29.0pt; line-height: 107%;"><o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">The News of the Death of Endpoint
Security Has Been Greatly Exaggerated<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">The heading paraphrases
a quotation by American humorist Mark Twain.
The reliance of AV/malware products on signature files to detect threats
has been declining for years. The endpoint is the
last line of defense. Technologies relying on heuristics are not the whole
solution. Look for endpoints to use such techniques as artificial intelligence
and machine learning, whether powered at the endpoint or in the cloud, to lead
the way. Despite statements by Symantec and others, do not look for AV/malware
protection provided at the endpoint, either installed there or involving
technology in the cloud, to disappear anytime soon.</span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b><span style="font-family: "arial" , "sans-serif";">Who will be Among the Top New Innovative
Security Companies in 2016?<o:p></o:p></span></b></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">Good question.<span class="MsoHyperlink"><o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">On November
3, SINET announced their top 16 innovators (revenues under $15 million) for
2015. These companies were: Bayshore
Networks, Inc., BehavioSec, Gurucul Solutions, Lastline, Netskope, Onapsis,
Inc., Palerra, Inc., PFP Cybersecurity, Pindrop Security, QuintessenceLabs, RedOwl Analytics, Secure
Islands, SecurityScorecard, Sqrrl Data,
Inc., TaaSera, Inc., Vectra Networks, Inc. You may be hearing from these
companies over the course of 2016. Gartner and others will be coming out with
their lists.<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<span style="font-family: "arial" , "sans-serif";">A mantra for 2016,
“Friends don’t let their friends be mindless about security.”</span></div>
CompTIA Survey - 17% of people would put a found USB stick in their laptop. Ouch or fantastic? (posted 2015-10-26)<br />
<div class="MsoNormal">
In a CompTIA survey written about by Softpedia in “One of the
Biggest Security Risks: Naive People Connecting Lost USBs to Their PCs”, an interesting statistic came up. As part of the study, 200 USB sticks were left
in high traffic locations in US cities.
20% (forty) were picked up and 17% were connected to people’s laptops. According to the article, the USB sticks used
in the experiment contained a text file, which included instructions asking the
user to send an email to a specific address, or to click through a trackable
URL. <a href="http://bit.ly/1Mo6L9N">http://bit.ly/1Mo6L9N</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The reporter found the 17% figure worrisome. I’ll take a contrarian view.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
At RSA San Francisco 2013, we conducted a security survey,
gathering 300 responses. 78% of those
responding said that they had once found a USB and plugged it into their
laptop! 68% of those surveyed had been
involved in a security breach, either at home, or in their office. <a href="http://reut.rs/1RaHiPh">http://reut.rs/1RaHiPh</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
While 17% is a frighteningly high number, that is a 61%
drop from what I found just two and a half years earlier!</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
A found USB stick is an internet equivalent of coming across
a “Wet Paint” sign. You just have to check it out yourself. We are our own worst
enemies. More training is needed. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For an interesting read on the use of infected USB sticks
for good, Google and read about Stuxnet, a 500-kilobyte computer worm that
infected the software of at least 14 industrial sites in Iran, including a
uranium-enrichment plant. </div>
<div class="MsoNormal">
<br /></div>
<br />
The Pareto Principle and the Pursuit of Perfect Internet Security – a Parable (posted 2015-10-18)<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Not so long ago, a bright security professional, a firm
believer in the Pareto Principle, was tasked with designing and implementing an
impregnable security solution for his company’s internet. He did his research
and arrived at what he thought was an accurate total cost of $4M. Just prior
to striding into his manager’s office for approval, he had a quick discussion
about the project with a recent new hire reporting to him.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">“I’d be careful,” she advised. “At my last company, we found
that each major phase cost 50% more than the previous phase. We had several
discussions about ‘risk profiles’ and ‘perfect protection’ before getting
buy-in on deliverables and budget on a less ambitious result.”<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">The bright security professional thanked her and said, “I’m
quite confident in my projections and will stake my job on this project. In
fact, I will bring it in under budget.”<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">So, the bright security professional met with his somewhat
parsimonious manager, and guaranteed the results. “In fact,” he said, “the
first phase of the project will get us 80% there for only $800k.” The manager
said, “Fine, but go over budget on this and your next position will have you
saying, ‘Would you prefer a grande or a venti latte?’” and with that, the
project was approved.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">At the completion of the project, how much under budget was
the confident security professional?</span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">First, the Pareto Principle is named after economist
Vilfredo Pareto (1848-1923). From Investopedia: <i style="mso-bidi-font-style: normal;">“The principle states that, for many phenomena, 20% of invested input
is responsible for 80% of the results obtained. Put another way, 80% of
consequences stem from 20% of the causes. Also referred to as the "80/20
rule".”<o:p></o:p></i></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">The answer is – the individual left to “pursue other
opportunities” when, having exhausted the budget, he told his manager
that he now felt that 100% was unobtainable
and that it would cost an additional
$2.5M to get to 97.5% protection.<o:p></o:p></span></div>
<br />
<h2 style="margin: 2pt 0in 0pt;">
<span style="font-size: medium;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">How did this happen?<o:p></o:p></span></span></span></h2>
<br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Earlier, a factor (chosen by me) added by the wise new hire
was that each phase of the project was going
to cost 50% more than the previous phase.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Phase 1 - $800k spent (total $800k) to reach 80% of perfection<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Phase 2 - $1.2M spent (total $2M) to reach 90% of perfection<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Phase 3 - $1.8M spent (total $3.8M) to reach 95% of perfection<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Phase 4 – Plug pulled on project. The estimate was $2.7M
(total $6.5M) to reach 97.5% of perfection, and you never reach 100%.<o:p></o:p></span></div>
<br />
<h2 style="margin: 2pt 0in 0pt;">
<span style="font-size: medium;"><span style="color: #2e74b5;"><span style="font-family: Calibri Light;">Some morals of this parable<o:p></o:p></span></span></span></h2>
<br />
<br />
<ul type="disc">
<li class="MsoNormal"><span style="font-family: Calibri;">100% is tough, if not impossible, to achieve</span></li>
<li class="MsoNormal"><span style="font-family: Calibri;">Know your risk profile and your company’s risk
profile when working on security projects</span></li>
<li class="MsoNormal"><span style="font-family: Calibri;">Know how to make coffee drinks</span></li>
</ul>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-7284620452639439752015-10-15T07:50:00.000-07:002015-10-15T12:31:17.458-07:00AV-Comparatives File Detection Test – September 2015<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTqxb01MmE3a8unxwFBspQt8QG8kieETZojqI3BgMWjTwT0-ed_sZA48gkQ-HdQeSOqql0BbNk0MBsTbxT872MwI7khfdscsvpWd8qvfMh4CeVDmej3715DfuGRy70gXrPsbZY/s1600/av-comp+banner.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTqxb01MmE3a8unxwFBspQt8QG8kieETZojqI3BgMWjTwT0-ed_sZA48gkQ-HdQeSOqql0BbNk0MBsTbxT872MwI7khfdscsvpWd8qvfMh4CeVDmej3715DfuGRy70gXrPsbZY/s400/av-comp+banner.png" width="400" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives’ prolific team of writers and testers has
released their File Detection Test – September 2015. Nine products received three
stars. Avira and BitDefender topped the 21 products in the test. Their false positive rate was only 0.2%. Other
companies receiving three stars, in alphabetical order, were Bullguard,
Emsisoft, eScan, ESET, Kaspersky, Lavasoft, and Panda. You can download the report to see the actual order.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
ESET, Microsoft, and Panda had zero false positives. The hall of shame award for this test goes to AVG Technologies
with a false positive rate 32 times larger than that of Avira and Bitdefender, at 6.5% (139 false positives).</div>
<h4>
About the AV-Comparatives File Detection Test</h4>
<div class="MsoNormal">
The awards for the
File Detection Test were based on a combination of detection rates and false
positives. The File Detection Test assesses the ability of
antivirus programs to detect malicious files on a system. It can identify
malware attacks from sources other than the Internet, and it can identify malicious files already present on the system.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“With more than
130000 samples in the test, AV-Comparatives uses one of the largest sample
collection worldwide to provide statistically valid results”, according to AV-Comparatives’
Andreas Clementi.</div>
<h4>
ABC Award for the File
Detection Test</h4>
<div class="MsoNormal">
The ABC award (Avoids Being Compared) goes to Symantec. The File Detection Test is one of the core tests the organization performs. Companies cannot choose
which of these core tests to be in. It's all or none. The ABC award is not part of AV-Comparatives’ test program!</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The document can be downloaded at: </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://www.av-comparatives.org/comparatives-reviews/">http://www.av-comparatives.org/comparatives-reviews/</a> </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The file detection rate of a product is only one aspect of a complete anti-virus product. AV-Comparatives also provides a whole-product dynamic “real-world” protection test, as well as other test reports that cover different aspects/features of the products. For those interested, you can easily do a deep dive into individual companies’ historical performance on tests or sign up for the newsletter. Check them out. Other documents are available for download from the AV-Comparatives website (<a href="http://www.av-comparatives.org/">www.av-comparatives.org</a>).</div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-80370828922264419222015-10-08T08:04:00.000-07:002015-10-08T08:04:22.290-07:00Av-Comparatives – Review of IT Security Suites for Small Business – September 2015 <br />
<span style="font-family: Calibri;">AV-Comparatives has released their Review of IT Security
Suites for Small Business - September
2015. The review examines
security suites suitable for a company running either the Foundation or the
Enterprise edition of Microsoft Windows Server 2012 R2. The Foundation version
is suitable for small companies with up to 15 users (from the Microsoft
website), while the Essentials version allows an additional ten users. The
report considers products for a network of up to 25 client PCs, with one file
server/domain controller.<o:p></o:p></span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">AV-Comparatives’ review covered only the essential everyday
tasks needed in all networks. However, some products have additional features
and could be used for significantly bigger networks than those reviewed. Products in the
Review of IT Security Suites are:</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">Bitdefender Endpoint GravityZone, ESET Remote Administrator,
F-Secure Protection Service For Business, G Data Antivirus Business, Kaspersky
Small Office Security, McAfee SaaS Endpoint Protection, Sophos Endpoint
Security and Control Cloud, Symantec Endpoint Protection, and Trend Micro Worry
Free Business Security Services. Symantec!
They’re here. They are not present in
many of AV-Comparatives’ reviews (companies cannot selectively opt out of a
subset of core reviews; it’s all or none).</span></div>
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">The document itself runs around 90 pages. Each product is given a comprehensive overview.
Major categories that AV-Comparatives
looked at include:<o:p></o:p></span></div>
<span style="font-family: Calibri;">Supported OS, Documentation, Management Console (cloud
based, server based, and virtual appliance), Respective endpoint protection
programs for Windows and Mac OS clients, Windows Server Protection Software, and
Summary<o:p></o:p></span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">All of the products received the AV-Comparatives’ Approved
Business Award. <o:p></o:p></span></div>
<span style="font-family: Calibri;">The advantages of a document like this include the depth of
comparison, the fact that the same features/functionality are looked at for each product, and
the fact that the review was done by a known test organization. A company would not have the
time (and for a Small Business, the expertise) to go into this depth for nine
products. Companies looking to replace
their current product should find this report a valuable (at no
charge!) resource.<o:p></o:p></span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">For those who like to compare products on a feature grid,
suffice it to say that AV-Comparatives provides a sizeable (Multiple fingers
and toes! Approximately 100 rows) grid as part of the document. This document is
more than adequate for you to select one product for your environment or select
a short list for evaluation. <o:p></o:p></span></div>
<span style="font-family: Calibri;">The document can be downloaded at:<span style="mso-spacerun: yes;"> </span></span><br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;"><span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span></span><a href="http://www.av-comparatives.org/corporate-reviews/"><span style="color: #0563c1; font-family: Calibri;">http://www.av-comparatives.org/corporate-reviews/</span></a><o:p></o:p></div>
<span style="font-family: Calibri;">The “Death of Antivirus Software is Greatly Exaggerated”, as
written in an article in CSO Online (and others).<span style="mso-spacerun: yes;"> </span>You still need protection from these threats,
whether the protection is provided from software on the device or from the
cloud. </span><a href="http://www.csoonline.com/article/2859123/data-protection/death-of-antivirus-software-greatly-exaggerated.html"><span style="color: #0563c1; font-family: Calibri;">Greatly
Exaggerated</span></a><o:p></o:p><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">AV-Comparatives has a fantastic library of test documents.
The site organization scores high on surveys.
Check them out. Other documents
are available for download from the AV-Comparatives website (</span><a href="http://www.av-comparatives.org/"><span style="color: #0563c1; font-family: Calibri;">www.av-comparatives.org</span></a><span style="font-family: Calibri;">).<o:p></o:p></span></div>
<br />
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-9520989671791282612015-10-01T07:17:00.000-07:002015-10-01T23:47:02.227-07:00AV-Comparatives Malware Removal Test – September 2015<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiunmKZLPMthxNxNXdHa2ujDpDLMkKprAO1pIp6yPJ_ENOmEQGmEq9UOAUzXrF9QSbp8S0gRarJNLdon_rvK7sidL_t6vQEecZkCTSFqLj4rYsNXHL4BynjaRxwR0mdLUQBGvbK/s1600/av-comp+banner.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiunmKZLPMthxNxNXdHa2ujDpDLMkKprAO1pIp6yPJ_ENOmEQGmEq9UOAUzXrF9QSbp8S0gRarJNLdon_rvK7sidL_t6vQEecZkCTSFqLj4rYsNXHL4BynjaRxwR0mdLUQBGvbK/s400/av-comp+banner.png" width="400" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives has released the results of their AV-Comparatives
Malware Removal Test for 2015. Products tested
were a combination of free and paid solutions. Sixteen products were tested. Five received
three stars or the Advanced Plus award. Kaspersky topped the list. BitDefender
was third and the three “A’s”, Avast, AVG Technologies and Avira, rounded out
the three star recipients.<br />
<h4>
AV-Comparatives Malware Removal Test</h4>
The Malware Removal Test focused only on the malware
removal/cleaning capabilities of the products. The report was written with home
users in mind and not administrators or advanced users. The latter may have the knowledge and tools for removal of
malware on the system. To compare
products for their protection and detection capabilities, you may want to download
AV-Comparatives’ “Real World Protection Test” and “File Detection Test”.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>The ABC or “Avoids
Being Compared” Award<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
More data and testing by an unbiased test group help consumers make an informed decision when selecting
products to secure their devices. The
number of likes on a product’s web site doesn’t cut it for security when licensing
a product. Comparative testing also motivates companies
to improve their products. It’s
disappointing when companies decline to be tested.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For the AV-Comparatives Malware Removal Test, the ABC Award or
“Avoids Being Compared” Award goes to Symantec, McAfee, and Trend Micro. All
three of these companies have solutions with sizeable share in the
antivirus/internet security consumer marketplace. Perhaps they will step up for the next test.
McAfee and Trend Micro are usually there. Symantec? Not so much.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The Malware Removal Test document is located at <a href="http://www.av-comparatives.org/removal-tests/">http://www.av-comparatives.org/removal-tests/</a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
All of AV-Comparatives’ tests can be found at <a href="http://www.av-comparatives.org/">www.av-comparatives.org</a> </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-23100903359741424772015-09-27T19:04:00.001-07:002015-10-01T23:54:57.052-07:00Cyphort vs. FireEye – FireWhy? The Breach Detection, Advanced Persistent Threat Battle<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjFEdeQ-kziiCOq0RPCJJhfP_klaiNucolSwXe5Kl-zyQA-lwUwEBx8_jZpHj8uFR0GJD14XXl5orTq7p_rH9zJsNAoY-pmwqEPmDVvAF1raS-V9PGdwu7J5vWkfPEQQusZS-H/s1600/fred2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="140" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjFEdeQ-kziiCOq0RPCJJhfP_klaiNucolSwXe5Kl-zyQA-lwUwEBx8_jZpHj8uFR0GJD14XXl5orTq7p_rH9zJsNAoY-pmwqEPmDVvAF1raS-V9PGdwu7J5vWkfPEQQusZS-H/s400/fred2.png" width="400" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Cyphort is taking a different tack versus the others in the
breach detection, Advanced Persistent Threat (APT) market with their Cyphort Advanced
Threat Protection solution (claim: complete 360º APT defense!). Cyphort positions the company as both
superior to FireEye and able to coexist with FireEye. Getting their nose
under the tent for when renewals come up? Shortening the review cycle when
renewals come up? Coverage for areas of
a company where there aren’t FireEye appliances? Cyphort
didn’t participate in the NSS Labs Breach Detection study.</div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
FireEye is the 800-pound gorilla with respect
to market revenue and visibility. The
David vs. Goliath analogy won’t work since FireEye’s CEO’s first name is Dave! Cyphort’s
2014 revenue was around $14 million. FireEye’s was $426 million (this includes
revenue from the Mandiant acquisition).</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Cyphort claims that their solution delivers malware lateral
movement detection. They define this as "the ability to combine advanced
targeted attacks and Advanced Persistent Threats (APT) detection with lateral
movement." They say that their product provides a picture of the attack as it happens and the potential
spread within an organization, in real-time. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The Cyphort solution is delivered as software that can be
installed on general-purpose hardware, virtual machines and cloud environments.
The solution consists of four core components:</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Collector:</b> Software-based probes deployed at strategic
network locations (Internet egress points, data centers, etc.) to
collect suspect objects and communication.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Core:</b> This is the centralized detection component
of Cyphort’s solution; Cyphort Core analyzes the collected suspicious network
objects and associated metadata from the Collectors.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Manager:</b> This is
a web-based administrative interface. It enables someone to manage the distributed
deployment and provides access to reports.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Threat Network:</b> This
cloud service feeds global threat intelligence to the Cyphort Core for enhanced
detection of current threats. It aggregates threat information across all
Cyphort installations.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
At RSA earlier this year,
Cyphort's co-founder and Chief Strategy Officer Fengmin Gong said, "Today, solutions must look at
every stage of the cyber kill chain." </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
It’s always good to have more competition. Based on press,
one would think that the APT market is the exclusive domain of FireEye
and the other seven companies that are part of the most recent NSS Breach
Detection Systems (BDS) test! </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Is FireEye Cyphort’s Friend or Foe?<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
On the Cyphort site at <a href="http://www.cyphort.com/products/firewhy/">http://www.cyphort.com/products/firewhy/</a> there
are a pair of threads prospects can go down. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For those who already have FireEye, Cyphort claims that
their Cyphort Advanced Threat Protection solution can be used to address gaps
in the FireEye solution. Their pitch is
that they enhance protection.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Enterprise-wide
Coverage</b>: Unprotected sites and data centers can be covered with a single
global license</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Enterprise-wide Deployment:</b>
Deployment in days using the virtual machine approach</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>No appliance
proliferation</b>: Cyphort claims that
they cover & correlate email/web/file traffic across multiple operating
systems, all in one solution</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The second thread is for those considering FireEye. Cyphort claims that they are “the clear alternative”. They have a nice (of course, it’s selective)
grid containing points of differentiation (FireEye’s position is in parentheses):</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Detection:</b> Sandbox
evasion detection, Data exfiltration detection, Multi-part threat detection, Golden
image sandbox for contextual detection.
(no for all four )</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Coverage:</b>
Distributed/Decoupled Design for Global Deployment using collectors
(Monolithic) , Hardware/Software/VM deployment
(hardware only), Integrated Web/Email threat detection for Windows and
Mac OSX threats (multiple appliances needed)</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Action:</b>
Risk-based Threat Prioritization , Containment Using Existing Firewall, Web
Gateway and IPS Devices, Endpoint Infection Verification (no for all three)</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<b>Scale and
Flexibility:</b> Scalability, clustered design to support any load (limited by
highest appliance capacity for FireEye ); IT ecosystem Integration, open API (limited);
Licensing is enterprise wide by bandwidth (per appliance for FireEye)</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The Radicati Group has an
APT market share and 2015-2019
APT forecast report available for
purchase ($3000): <a href="http://www.radicati.com/wp/wp-content/uploads/2015/04/APT-Protection-Market-2015-2019-Brochure.pdf">Radicati
APT-Protection-Market-2015-2019-Brochure.pdf</a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For those wanting another company’s view of Cyphort’s and
FireEye’s offerings, LastLine has performed their own analyses:</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://landing.lastline.com/compare-cyphort-vs-lastline-alternative">Lastline
vs. Cyphort</a></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<a href="http://landing.lastline.com/compare-fireeye-to-lastline%20">Lastline vs.
FireEye</a></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
<h4>
<b>Products in the
Breach Detection Systems (BDS) Security Value Map™ 2015</b></h4>
</div>
<div class="MsoNormal">
In the August NSS Breach Detection Systems Test, Cisco
had the highest detection rate, Blue Coat the lowest TCO. FireEye - lower left in the grid. As mentioned earlier, Cyphort was not in this
study.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Five of the eight received a recommended rating (Those on
the upper right corner of the value map). Some of the companies tested have the
individual reports available on their web site.
To purchase reports, see below.
For the BDS Security Value Map Graphic:</div>
<ul type="disc">
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/bds-security-value-map-graphic">bds-security-value-map-graphic</a></span><o:p></o:p></li>
</ul>
<div class="MsoNormal">
Participants in the NSS Breach Detection Systems Study:</div>
<ul type="disc">
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-blue-coat-security-analytics-and-blue-coat-malware"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">Blue Coat
Security Analytics and Blue Coat Malware Analysis Appliance</span></a></span><o:p></o:p></li>
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-check-point-13500-generation-threat-prevention"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">CheckPoint
13500 Next Generation Threat Prevention Appliance with Threat Emulation
Cloud Service</span></a></span><o:p></o:p></li>
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-cisco-advanced-malware-protection"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">Cisco
Advanced Malware Protection</span></a></span><o:p></o:p></li>
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-fidelis-xps-direct-1000-fidelis-xps-internal-1000"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">Fidelis
XPS Direct 1000 & Fidelis XPS Internal 1000</span></a></span><o:p></o:p></li>
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-fireeye-ex-3400-nx-4400"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">FireEye
EX-3400 & NX-4400</span></a></span><o:p></o:p></li>
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-fortinet-fortisandbox-1000d"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">Fortinet
FortiSandbox-1000D</span></a></span><o:p></o:p></li>
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-lastline-breach-detection-platform"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">Lastline
Breach Detection Platform</span></a></span><o:p></o:p></li>
<li class="MsoNormal" style="background: white; color: #323232; line-height: 11.8pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;"><span style="color: windowtext;"><a href="https://www.nsslabs.com/reports/breach-detection-system-bds-test-report-trend-micro-deep-discovery-inspector"><span style="color: #00539f; mso-bidi-font-family: Helvetica; mso-fareast-font-family: "Times New Roman"; text-decoration: none; text-underline: none;">Trend
Micro Deep Discovery Inspector </span></a></span><o:p></o:p></li>
</ul>
<div class="MsoNormal">
Studies are available on the NSS site. Some are available for free on the participant's site.</div>
Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-33144902.post-3562600423119415092015-09-18T15:42:00.000-07:002015-10-01T17:11:17.235-07:00Carly Fiorina and Her Record at HP<div class="MsoNormal">
Presidential candidate Carly Fiorina has been taking a lot
of heat and defending her record while at Hewlett-Packard ten years ago. Below are a couple
of charts summarizing HP’s stock performance during those years. You can draw
your own conclusions. Suffice it to say that many employees were glad that Carly
Fiorina was removed from Hewlett-Packard.
Unfortunately, by the time she was gone, the “HP Way” had all but disappeared. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6KOdkqmnuqyrXjalIHYpo_ZpRtQGDpS2Zi79RX-mxrU6IGQgKpl4_j5DUmPH9j2YqyaBmHYqDQFwLcO15N4hvriWrjprfp0tRE8kclaobkgzrlMz-QzdcUjpicBPyWZexJAkq/s1600/carly2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="256" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6KOdkqmnuqyrXjalIHYpo_ZpRtQGDpS2Zi79RX-mxrU6IGQgKpl4_j5DUmPH9j2YqyaBmHYqDQFwLcO15N4hvriWrjprfp0tRE8kclaobkgzrlMz-QzdcUjpicBPyWZexJAkq/s400/carly2.png" width="400" /></a></div>
<br />
<div class="MsoNormal">
And in another chart:</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJtI4cnZgzqhb9Ht0cJeOkIkGQkPORZ5SKhCyEDwwzlDwfFQ-NhMvSyIu_thTAbpqaD9B4ZC58k7qK-bjT2MpNnEj_-TLp1r-PtA8rElGqeNg4i2R1trkN8PqGE0N2H1qU3y0h/s1600/carly3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="256" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJtI4cnZgzqhb9Ht0cJeOkIkGQkPORZ5SKhCyEDwwzlDwfFQ-NhMvSyIu_thTAbpqaD9B4ZC58k7qK-bjT2MpNnEj_-TLp1r-PtA8rElGqeNg4i2R1trkN8PqGE0N2H1qU3y0h/s400/carly3.png" width="400" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<o:p> The sources and crisper images are below. You can also click on the images to expand them. The analyses point out that the economy was not great during those years. Neither article gives Fiorina an "A" for her performance, though. </o:p></div>
<div class="MsoNormal">
<o:p><br /></o:p></div>
<div class="MsoNormal">
<a href="http://www.marketwatch.com/story/carly-fiorina-failed-at-h-p-but-so-has-everyone-else-2015-09-18?siteid=yhoof2">http://www.marketwatch.com/story/carly-fiorina-failed-at-h-p-but-so-has-everyone-else-2015-09-18?siteid=yhoof2</a><br />
<br /></div>
<div class="MsoNormal">
<a href="http://www.bloombergview.com/articles/2015-09-18/carly-fiorina-s-hewlett-packard-record-in-one-chart?cmpid=yhoo">http://www.bloombergview.com/articles/2015-09-18/carly-fiorina-s-hewlett-packard-record-in-one-chart?cmpid=yhoo</a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-3545745463788065062015-09-16T07:09:00.000-07:002015-10-01T07:37:07.185-07:00AV-Comparatives Mobile Security Review – August 2015<div class="MsoNormal">
Austria-based AV-Comparatives has released their Mobile
Security Review - August 2015. This is quite an extensive document,
providing a comprehensive review of sixteen security packages running on
Android. The document runs seventy
pages. Ten of the sixteen products are free. Almost 2400 malicious applications were used
in the test.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Mobile security is crucial for both home users (who are
constantly checking their mobile) as well as businesses. The BYOD camel has
entered its nose into the intranet tent and it’s not going to be removed. Mobile devices are a major weak spot for
network access, as well as a place where data can be accessed. Data stored on
the phone can be stolen, as well. The Global BYOD market is expected to grow at
a CAGR of 25.32% from 2014 to 2019 according to a new market
research report published on September 15: <a href="https://www.whatech.com/market-research/consumer/93151-global-byod-market-to-grow-at-a-cagr-of-25-32-from-2014-to-2019-examined-in-new-market-research-report">whatech.com market research report</a>. These devices need to be protected. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives, while giving each of the products an
approved rating, nonetheless found that there was a “significant
overall improvement” in the standard of the products. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Four of the products
provided 100% protection: Trend Micro with no false alarms, BitDefender and
G Data (both with three false alarms), and
Antiy (with five). </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AVG Technologies’ offering trailed all products tested with 98.4%
protection and 4 false alarms. Just above AVG Technologies was Sophos with 99.2% protection and 0 false alarms. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For those who are interested in a tabular deep dive comparison,
the first table compares which of 75 permissions are in each of the products.
No product had all of them.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The Feature List table compares the products on over forty attributes,
broken down into categories including Anti-Malware, Anti-Theft, Anti-Spam,
Parental Control, Authentication, Additional Features, and Support. McAfee
Mobile Security lacked the fewest, missing only three. This product drained the mobile battery a bit
more than the others did. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
A great deal of work went into this document. The Mobile
Security Review can be found free (!) at</div>
<div class="MsoNormal">
<a href="http://www.av-comparatives.org/mobile-security/">http://www.av-comparatives.org/mobile-security/</a>. Complete copyright and disclaimer information
is contained in the document and more information about test procedures is on
the website. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>AVC UnDroid Analyser<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
AV-Comparatives (<span style="font-family: "Calibri","sans-serif"; font-size: 11.0pt; line-height: 115%; mso-ansi-language: EN-US; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin;"><a href="http://www.av-comparatives.com/">www.av-comparatives.com</a></span>) has also
introduced a slick malware analysis tool, the UnDroid Analyser that is free to
users. It’s a static system for detecting suspected Android malware and adware
and generating some statistics about it. Check it out at <a href="http://www.av-comparatives.org/avc-analyzer">http://www.av-comparatives.org/avc-analyzer</a> . </div>
<br />
<div class="MsoNormal">
<b>Addendum </b><br />
<br />
View AV-Comparatives September Malware Removal Test at<br />
<br />
<a href="http://kensek.blogspot.com/2015/10/av-comparatives-malware-removal-test.html">Malware Removal Test - September 2015</a><br />
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-90215245073769748242015-09-13T19:47:00.000-07:002015-09-16T22:52:18.714-07:00Black Eye for FireEye - Hitting Researchers with Injunctions<div class="MsoNormal">
Sometimes security companies can be a little too heavy
handed. Or their lawyers have too much time on their hands. FireEye cleared this hurdle, recently.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Felix Wilhelm, a security researcher working for Germany-based ERNW, was going to present his
findings on some vulnerabilities he had found with FireEye’s software. He was going to present at the 44CON Cyber
Security Conference (<a href="http://www.44con.com/">www.44con.com</a> ) during
the week of September 9. The flaws had
been fixed, by the way.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The two parties had a series of discussions regarding what could
go into the report (FireEye was concerned about not exposing information on
their product’s IP). To be brief, the
parties supposedly agreed on a final report around August 5. FireEye then sent Wilhelm a cease and desist letter
on August 6, obtained a court injunction on August 13 and delivered it to
Wilhelm on September 2, a week before the 44Con conference. Ultimately, Wilhelm did present his findings
with some material redacted. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
FireEye has a procedure for <span style="background: white;">researchers to “disclose and inform us of potential
security issues”. In this case, FireEye was extremely heavy handed. Their
action does little to encourage researchers to share (stifle?) at
security conferences. This comes across
as “attacking the messenger”. They also attacked
the messenger with NSS Labs a couple of
years ago when FireEye came in last in a multi-company Breach Detection Systems
Test. </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="background: white;">FireEye came in
last again in an NSS Breach Detection Systems (BDS) Test earlier this year. Eight
companies were in the test: Blue Coat, Check Point, Cisco, Fidelis,
FireEye, Fortinet, Lastline, and Trend Micro. The test measured security
effectiveness, performance, and total cost of ownership.</span></div>
<div class="MsoNormal">
<span style="background: white;"><br /></span></div>
<div class="MsoNormal">
<span style="background: white;">To obtain a copy of
the Value Map: </span> <a href="https://www.nsslabs.com/bds-security-value-map-graphic">NSS Security
Value Map Graphic</a> </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
To read the complete Forbes article “FireEye Scolded For
Injunction Stopping Security Researcher Revealing Source Code”:<span style="background: white;"> </span><a href="http://www.forbes.com/sites/thomasbrewster/2015/09/10/fireeye-slammed-over-injunction/?utm_campaign=yahootix&partner=yahootix">Forbes
- FireEye Scolded</a> </div>
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-33618312420502911492015-08-16T12:43:00.001-07:002015-12-07T09:55:25.094-08:00Is FireEye Fireproof? <div class="MsoNormal">
<b>Addendum - December 7</b>: On 12/7, FireEye reached a fifty-two-week low of $19.76. This is lower than their IPO opening bell price.<br />
<br />
To date, FireEye seems impervious to poor test results. The market has been more interested in revenue
growth. In the NSS Labs Breach Detection Systems Comparative Report issued in August, five of
the eight vendors tested received a Recommended rating. FireEye was not one of
them. </div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
FireEye did not test well in the NSS Labs
report, finishing last, with the lowest security effectiveness (in the 50’s,
with the next lowest vendor in the 80’s) and the highest TCO per protected Mbps.<br />
<br />
<b>September 28 Addendum</b> - FEYE closed at $31.51. Its opening day closing price was around $36.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Cisco had the highest effectiveness of the eight products tested and Blue Coat the lowest TCO per protected Mbps. FireEye protested the testing methodology
when NSS first performed this test a couple of years ago. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
A Frost and Sullivan
report “Network Security Sandbox Market Analysis, APTs Create a “Must Have”
Security Technology”, gives FireEye 62% of the market.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
From a financial
perspective, FireEye sales and marketing expenses as a percent of revenue have
finally dropped below 100%. Operating cash flow is finally positive. The
company is still losing “tons” of money. The market finally seems to be paying more attention
to cash flow, margins, and future profitability. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The company as of mid August is trading in the low $40’s,
well off its peak of $97 in March 2014 (giving executives a chance to cash in for
a nice gain) and above the bottom of
$25 in October 2014. The $40’s
is in the area of the pop FireEye had when it first went public. The company CFO, Michael Sheridan, resigned shortly after the last earnings announcement to join DocuSign.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
A free copy of the Breach Detection Systems Security Value Map can be obtained at <a href="https://www.nsslabs.com/bds-security-value-map-graphic">https://www.nsslabs.com/bds-security-value-map-graphic</a>. The full report is available for purchase. A
number of the vendors in the report are making their individual vendor reports available.
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Cyphort, one of the vendors tested, is aggressive on their
website explaining why they would make a great addition to companies already
using FireEye and why they feel they’re the “clear alternative” for companies
considering FireEye. People can learn about this at <a href="http://www.cyphort.com/products/firewhy/">http://www.cyphort.com/products/firewhy/</a> as well as view a (small) capabilities
comparison grid. </div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="Default">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-90020633438342735512015-07-25T22:19:00.000-07:002015-07-25T22:19:55.997-07:00AV-Comparatives Mac Security Test and Review – July 2015<div class="MsoNormal">
Austria-based AV-Comparatives has released the results of their Mac
Security Test and Review, July 2015. This report evaluates ten products users can license for
their Mac systems. Products tested were a combination of free and paid
solutions. Overall, nine of the products reviewed received AV-Comparatives’
Approved Security Product award. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Malware Tests<o:p></o:p></b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Seven of the ten products scored 100% in the Mac Malware
Protection Test. None of the tested products scored lower than 98%.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Many Mac security vendors claim that their products detect
Windows malware as well as Mac malware. In the Windows Malware Detection Test,
seven of the ten products scored 100%. While Macs cannot be infected by these
files, the Macs can distribute them, hence the value of testing with Windows
malware.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Mac Review and
Usability Test<o:p></o:p></b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives used the following criteria in compiling
their 64-page review. The appendix provides a comparative checklist that
summarizes protection, features, and support for each product. For the test,
evaluators use the following as a guideline:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
• Product version
reviewed<o:p></o:p></div>
<div class="MsoNormal">
• Operating systems
supported<o:p></o:p></div>
<div class="MsoNormal">
• Additional
features<o:p></o:p></div>
<div class="MsoNormal">
• Installation<o:p></o:p></div>
<div class="MsoNormal">
• Main window<o:p></o:p></div>
<div class="MsoNormal">
• Operating system
integration<o:p></o:p></div>
<div class="MsoNormal">
• Maintenance<o:p></o:p></div>
<div class="MsoNormal">
• Non-administrator
access<o:p></o:p></div>
<div class="MsoNormal">
• Scanning<o:p></o:p></div>
<div class="MsoNormal">
• Settings
quarantine and logs<o:p></o:p></div>
<div class="MsoNormal">
• Malware and
phishing alerts<o:p></o:p></div>
<div class="MsoNormal">
• Help<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“Our Mac Security
Test and Review document comprises a comprehensive evaluation of the ten
products we tested,” said Andreas Clementi. “It’s a valuable document that
should help enable users to determine which product is the best for their
needs. Mac products are not immune from infection by malware, contrary to the
belief held by many individuals. Users
consider performing their own
examination of a few products, where 30-day evaluations are available. We don’t
recommend not using a security product!”</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
A more complete list of antivirus programs for the Mac is
available at:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://www.av-comparatives.org/av-vendors-mac">http://www.av-comparatives.org/av-vendors-mac</a>
<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives performs a number of tests over the course of the year. Reports can be downloaded
from the company website at: <a href="http://www.av-comparatives.org/">http://www.av-comparatives.org/</a> Their “Real World Protection Test March –
June 2015” can be found here. Products from Bitdefender, Kaspersky, and Avira
were the top three in this test. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The Mac Security Test and Review can be found at:</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://www.av-comparatives.org/mac-security-reviews/">http://www.av-comparatives.org/mac-security-reviews/</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>About AV-Comparatives<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
AV-Comparatives is an independent organization offering
systematic testing that checks whether security software, such as PC/Mac-based
antivirus products and mobile security solutions, lives up to its promises. AV-Comparatives offers freely accessible
results to individuals, news organizations and scientific institutions.
Certification by AV-Comparatives provides an official seal of approval for
software performance that is globally recognized. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-8831170670678440322015-03-01T18:11:00.000-08:002015-03-01T20:04:49.648-08:00AVG Technologies Financial Results 2014 – An Alternative View (some quick thoughts on issues for 2015) and AVG ME<div class="MsoNormal">
AVG Technologies released their financial results in February. As usual, the focus was on revenue. Per their announcement, “Subscription revenue increased 12% to
$281.6 million from $250.8 million year over year. Our consumer subscription
business grew 11% to $223.1 million and our small business segment by 18.7% to
$58.5 million. For the fiscal year 2014, total revenue was $374.1 million”</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Looking at the
numbers versus fiscal 2013 and Q4 2013 versus 2014 is a little troubling, as a lot of red is
involved in the changes.</div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgI8Yd_ns76GD_BXH2l0T-RD5RohZ9y35DPO-uHZg2lZJKP7ciD0_-xPhAEUuLfncqKm-4WlBKbosf3o4uY6cl-53qZ3_WKvdDz1T89o-YDTqr_G8d9NRw1XwqiRI3QL_qWLyu8/s1600/fred2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgI8Yd_ns76GD_BXH2l0T-RD5RohZ9y35DPO-uHZg2lZJKP7ciD0_-xPhAEUuLfncqKm-4WlBKbosf3o4uY6cl-53qZ3_WKvdDz1T89o-YDTqr_G8d9NRw1XwqiRI3QL_qWLyu8/s1600/fred2.png" height="222" width="400" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br />
</div>
<div class="MsoNormal">
With the exception of Subscription Revenue, all other
figures above were lower in Q4 and for 2014 overall versus 2013. Much of the drop in platform derived revenue
was expected, however. The increase in
subscription revenue didn’t make up for the decline in platform derived
revenue. AVG’s focus is going to be on
subscription revenue. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In the transcript to the press conference, CEO Kovacs
commented that, “We have also exceeded a very important user
count milestone, as we came in at over 101 million mobile users, to give a
total user count reached of 197 million. Both of these are well on our way to
the important milestones</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Two potential red flags with this. There may be double counting of users, if a
user has AVG product installed on both a smart phone and a laptop. Also, several years ago, AVG promoted that they had on the
order of 130 million users. This was before they acquired their way into the
mobile business (Israeli based company acquisition). Doing the math, they may have lost market
share on the order of 34 million
desktop users. That’s quite a bit. How user is/was defined may have changed
over the years. 5 million of the
additional users were through the acquisition of Location Labs. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Paid user count for 2014 on the desktop was approximately 19
million. This means the majority of the
consumer base was free, which means zero switching costs and the possibility
for churn. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
2014 acquisitions by AVG included Location
Labs, Norman Safeground and Winco. Revenue
from these was not broken out separately. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Some Threats for 2015<o:p></o:p></b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>SMB</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In 2014, AVG’s SMB revenue grew by an impressive 18.7% to
$58.5 million. On February 24<sup>th</sup>, AVG competitor Avast announced
their free Avast for Business. This product
is designed to protect small and medium-sized businesses (SMBs) against viruses
and cyber attacks. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Avast pointed out as part of the introduction that it plans to introduce
programs for MSPs and resellers that enable them "to benefit from the
power of free." This could pose a risk to AVG’s growth with their SMB product. To build their presence in the business marketplace,
Avast recruited AVG’s VP of Sales and Operations in June, 2014. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>In the Desktop and
Android Market<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
</div>
<ul>
<li>AVG has not tested well in some product tests by well known
vendors. This could impact market share
growth.</li>
<li>AV-Test (<a href="http://www.av-test.org/">www.av-test.org</a>)
released a report in December on “The best antivirus software for Windows Home
Users”. AVG’s products tested came in 18th and 22nd out of
the 27 tested.</li>
<li>AV-Comparatives (<a href="http://www.av-comparatives.org/">www.av-comparatives.org</a>
) - In AV-Comparatives’ September “File Detection Test”, AVG was awarded 1
star. 18 products were awarded 2 or 3 stars.</li>
<li>However, in the AV-Comparatives.org summary report for 2014, AVG was
one of nine vendors to receive a Top Rated designation. Bitdefender won Product
of the Year.</li>
<li>AV-Test (<a href="http://www.av-test.org/">www.av-test.org</a>)
released a report on “The Best Antivirus SW for Android”. 31 products are in the report. 28 products scored higher than the free AVG
offering that was tested.</li>
<li>AVG was not part of the AV-Comparatives September “Mobile
Security Review”.</li>
</ul>
<div class="MsoNormal">
To jump start even further installations on mobiles, AVG may
need to do something like they did with Huawei and
give away paid AVG product. They did this with Huawei mobiles in the India market, and with Samsung
phones in the UK market. This was a couple of years ago. </div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<b>AVG ME<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
The rumor mill has AVG introducing “AVG ME” sometime in the first half of this year,
potentially as soon as March. With this
product, AVG ME will be providing publishers and advertisers access to validated
user data (gathered with customer permission).
Revenue from this is TBD. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>The Usual Acquisition
Stories<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
In November, the Wall Street Journal reported that AVG Technologies
had been approached by potential buyers.
Nothing has really been in the press about this since then.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://www.wsj.com/articles/avg-technologies-approached-by-potential-buyers-1415316140">http://www.wsj.com/articles/avg-technologies-approached-by-potential-buyers-1415316140</a></div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-33144902.post-44942445588123831922015-02-04T14:20:00.000-08:002015-02-04T14:20:21.114-08:00Av-Comparatives Summary Report – 2014<div class="MsoNormal">
For those who haven’t made a habit of downloading and
looking at the many test reports test
group AV-Comparatives publishes, their AV-Comparatives Summary Report of
anti-virus products has been released. Some of the products in the test were the
companies’ internet security offerings. The report lists the winners in a number
of categories: </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
</div>
<ul>
<li>Overall winner</li>
<li>Top rated products</li>
<li>Real world protection test</li>
<li>File detection</li>
<li>False positives</li>
<li>Overall performance </li>
<li>Proactive (heuristic/behaviors)</li>
<li>Malware removal</li>
</ul>
<br />
<div>
<div class="MsoNormal">
Congratulations to BitDefender for being product of the year, receiving 3 stars in all the tests! Two other companies achieved this level with their products, Kaspersky, and Eset.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Most of the products tested were “paid” versions, products from Panda, LavaSoft, and Avast being the exceptions. Among these three, Panda was the “winner”, finishing twelfth overall. In alphabetical order, the bottom three companies were AhnLab, McAfee, and ThreatTrack Vipre.</div>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
This 151 page report also contains an extensive user
interface review section of almost two dozen products. One of the companies on the list even begins
with an S. Sorry. It’s not
Symantec. One of these days, they’ll
step up and be tested.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The demise of anti-virus products and companies offering them is vastly
premature. The endpoint needs
protection. The level of protection provided by these products is superior to
that provided years ago, when heuristic technology wasn’t in many endpoint
solutions, and there were no cloud solutions for the endpoint. Leave your laptop or tablet unprotected at your own risk!</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
This report demonstrates quite clearly that the market share
leaders in the endpoint security space are not necessarily providing the best
security nor performance. Kaspersky, and
Eset, are known in the industry but not as much to the public. But you can buy them online and in some
stores. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
BitDefender has an active and successful
OEM program for their antimalware engine. Download and take a look at the AV-Comparatives Anti-Virus
Comparative Report. It’s free. And in
2015, do look at their other reports.
You can also go onto their site and view their results from their
dynamic Real World Test. <a href="http://www.av-comparatives.org/dynamic-tests/">http://www.av-comparatives.org/dynamic-tests/</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>About AV-Comparatives</b> (<a href="http://www.av-comparatives.org/">www.av-comparatives.org</a> )</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives is an independent organization offering
systematic testing that checks whether security software, such as PC/Mac-based
antivirus products and mobile security solutions, lives up to its promises.
Using one of the largest sample collections worldwide, it creates a real-world
environment for truly accurate testing.
AV-Comparatives offers freely accessible results to individuals, news
organizations and scientific institutions. Currently, the AV-Comparatives' Real-World
Protection Test is the most comprehensive and complex test available when it
comes to evaluating the real-life protection capabilities of antivirus software.</div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-88439106039055009032014-11-15T15:38:00.001-08:002014-11-16T11:02:51.487-08:00AVG Technologies in Play, an Alternative Look at Q3 Financial Results<div class="MsoNormal">
The San Francisco Giants win the World Series in even-numbered
years. Rumors about
AVG Technologies being an acquisition candidate circulate in odd-numbered years. Okay,
even-numbered as well. Couple that with so-so financial results? You may want to
sell, as well. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Even before AVG went public, there were “always” rumors about
them being for sale at the right price.
Companies being mentioned usually included Hewlett Packard and Cisco. Earlier
this year, AVAST Software, an AVG competitor, signed a binding agreement with CVC Capital Partners for a major investment in the company. The
investment valued Avast at about $1 billion US.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Other than throwing
off cash for the investors, AVG has been something of a disappointment. The plan
was to go public in early 2012 at $16 to
$19. Instead, they opened and closed
around $13. AVG’s market cap, as of 11/15
is just under $1 B. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
From a technology
standpoint, AVG's growth has been through purchase rather than developing
things in house. In September, 2014 they purchased Location Labs, a provider of security for mobile technology. http://now.avg.com/avg-solidifies-leadership-in-growing-mobile-security-market-with-acquisition-of-location-labs/<br />
<br />
AVG entered the mobile
security market by purchasing the Israeli firm DroidSecurity in late 2010
(DroidSecurity had both a free and paid product). They increased their share by quietly giving the
product away on certain Huawei mobile phones in India (that announcement appeared on the web and
disappeared quickly; Huawei was being
investigated in the 2012 time frame by
the US Congress for potentially posing a security threat).</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In product testing (ability to stop malware), AVG has failed to be one of the leaders. In AV-Comparatives' October Real World Protection tests, AVG came in 10th out of 22. In the September "File Detection Test of Malicious Software", AVG received one star, finishing 20th out of 22.</div>
<div class="MsoNormal">
(<a href="http://www.av-comparatives.org/">www.av-comparatives.org</a>) In the Virus Bulletin (<a href="http://www.virusbtn.com/">www.virusbtn.com</a> ) RAP (Reactive and
Proactive test), they weren’t in the top 20. ( <a href="https://www.virusbtn.com/vb100/rap-index.xml">https://www.virusbtn.com/vb100/rap-index.xml</a>)</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On to the financials. AVG Technologies has their
headquarters in the Netherlands. They have an office in Ireland. Those interested can find multiple stories
on the “Double Irish” or “Double Irish Dutch Sandwich”, a technique to significantly reduce US taxes. Just saying! Apple and a number of US companies are being creative in using this technique.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For those focused only on revenue (hello analysts), AVG’s
subscription revenue and SMB revenue (less than 15% of their business)
are up for the first 9 months of 2014 versus 2013. Trailing revenue, Consumer
and Total Revenue, and US Revenue are all down. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For those focusing more on the bottom line,
Net Income, Consumer Income, SMB Income, and Operating Income are all down for the
first 9 months of 2014.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For those focusing on cash, Net Cash provided by operations
is down 35% for the first nine months of this year. The data below is from their latest Form 6-K, available on AVG's web site. </div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWOmfEXYNQY-0ca4MjMrOimSMdf6LhWUSfuCEzrn2Khvy8QhwrEsuO61N2KL_A1ZeXlRYmgCbqBab02UH1XzFjpEwtReaKX22IAiSV4-m8XORDZZ0PvKAx1-_9jPFzF63KyOli/s1600/Screen+Shot+11-15-14+at+03.14+PM.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWOmfEXYNQY-0ca4MjMrOimSMdf6LhWUSfuCEzrn2Khvy8QhwrEsuO61N2KL_A1ZeXlRYmgCbqBab02UH1XzFjpEwtReaKX22IAiSV4-m8XORDZZ0PvKAx1-_9jPFzF63KyOli/s1600/Screen+Shot+11-15-14+at+03.14+PM.PNG" height="400" width="312" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
One would have thought that the positive vibes and karma
emanating from the SF Giants home ball park (ATT Park) would have rubbed
off on AVG Technologies, given the proximity of AVG’s US headquarters to the park. Not the
case, however. </div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-37542206808418055622014-08-03T13:54:00.000-07:002014-08-03T13:54:35.406-07:00AhnLab Faces Uphill Battle in US – An Addendum <div class="MsoNormal">
<o:p></o:p></div>
<div class="MsoNormal">
This is an addendum to the February blog - “AhnLab Faces Uphill
Battle in US against FireEye with AhnLab Malware Defense System (MDS)” <a href="http://kensek.blogspot.com/2014/02/ahnlab-faces-uphill-battle-in-us.html">http://kensek.blogspot.com/2014/02/ahnlab-faces-uphill-battle-in-us.html</a>
<o:p></o:p></div>
<div class="MsoNormal">
If AhnLab is going to make a go of it with their Advanced
Persistent Threat product, Malware Defense System (MDS), they must be doing it
in incredible stealth mode. And they
must be trying to do it from Korea, where AhnLab is headquartered. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
</div>
<ul>
<li>Their top US technology person left for a start-up early
this year</li>
<li>There have been no press releases added to the US web site
since November 2013</li>
<li>The company did appear at the Gartner Risk Security &
Management Summit in June, following up their appearance at RSA SF. At RSA, they re-announced AhnLab MDS.</li>
<li>AhnLab had posted that they were going to appear at Black
Hat Las Vegas in August. This was removed from
their web site.</li>
<li>Both AhnLab and FireEye complained about an update NSS Labs
issued to their 2013 Breach Detection study.
In the original, AhnLab and FireEye finished second and third
respectively. <a href="http://kensek.blogspot.com/2014/04/ahnlab-raises-issues-with-recent-nss.html">http://kensek.blogspot.com/2014/04/ahnlab-raises-issues-with-recent-nss.html</a> In the original update, they finished fifth
and sixth respectively. In the post-complaints
update, AhnLab MDS ranked sixth and FireEye fifth. Both were far below the other four companies,
SourceFire, Trend Micro, Fortinet, and Fidelis. The updated value map is available at <a href="http://www.fortinet.com/sites/default/files/whitepapers/NSS-Labs-2014-BDS-SVM_0.pdf">http://www.fortinet.com/sites/default/files/whitepapers/NSS-Labs-2014-BDS-SVM_0.pdf</a></li>
<li>If you try to reach AhnLab at their 800 number,
800.511.Ahnlab (2465), you will receive a “you’ve reached a number that has
been disconnected or is no longer in service” message.</li>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Perhaps AhnLab is still trying to break into the US licensing
Malware Defense System. If so, they are being
incredibly quiet about
it. </div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-13067762799040623942014-08-02T20:14:00.000-07:002014-08-02T20:14:55.740-07:00An Alternative Look at AVG Technologies’ Q2 Earnings Report<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AVG Technologies announced their Q2 earnings report on July
30. The stock fell about 13% as the
company missed the Q2 revenue consensus of $91 M with revenues of $88 million. The stock proceeded to drop from $19.65 to $17.10
and they closed the week at $17.05. To
put a long-term perspective on this, AVG went public at around $16 in February
2002, and had a pop. A negative pop. Closing the day at just over $13.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Nonetheless, CEO Gary Kovacs stated, "I am pleased with our continued
execution against our long term strategy toward becoming the online security
company.”</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
One problem with the press is that they
will often only look at the company’s most recent earnings report and compare
revenue figures to target and nothing else.
Some will compare the most current quarter with the same quarter last
year. What they should do is a deeper
dive into income, cash flow, margins, etc.
The table below compares the first six months' figures for AVG versus the same time frame last year. They should also look at test results from firms like AV-Comparatives.org, av-test.org, and Virus Bulletin. But that's potential material for another blog.</div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiS5-g6_M8_26Rdpvj6av1h3F9tWIjvWUYyhuzNXi2WkH3Zf1j-vvKx93ycJR7SzwJDK40eJtGliB2M2wSuBChBmpWirR-hXGmUCdftAgfvHtHJ25Km5Vxmd65s_uHjT-73bTem/s1600/avg2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiS5-g6_M8_26Rdpvj6av1h3F9tWIjvWUYyhuzNXi2WkH3Zf1j-vvKx93ycJR7SzwJDK40eJtGliB2M2wSuBChBmpWirR-hXGmUCdftAgfvHtHJ25Km5Vxmd65s_uHjT-73bTem/s1600/avg2.jpg" height="640" width="406" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Subscription revenue and SMB revenue for AVG Technologies are
up over that period. Everything else is
down. Even though SMB revenue increased,
income decreased. Revenue decreased
across all regions of the world. Revenue
from Google dropped precipitously. That
may be why on August 1, AVG announced that they were extending their
partnership with Yahoo.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For those who want to look at cash flow to do their
analysis - net cash provided by
operations dropped by 37%. </div>
<div class="MsoNormal">
There is a lot of red in financial trends for AVG year over
year. PDFs of AVG Technologies’
financial results are available at <a href="http://www.investors.avg.com/">www.investors.avg.com</a>
</div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-59005143064263066392014-06-14T16:09:00.001-07:002014-06-15T16:31:06.328-07:00AV-Comparatives Releases Results of May Real World Protection Test. Testing Firm Now ISO 9001 Certified<div class="MsoNormal">
Austria-based AV-Comparatives has released the results of
their May “Real World Protection Test”.
Bitdefender, the best anti-malware company you may have never heard of,
topped all companies, with a 100% score and zero false positives. Only Panda also blocked 100%. This was with their free product! Avira had the top score among the largest
freemium vendors (with their internet security suite), blocking 99.5%.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
At the other end of the spectrum, Korea-based AhnLab ranked
at the bottom of products tested, blocking only 87.5% of the threats (ouch),
the only company tested at less than 90%.
McAfee had the most false positives, with 16. The trend of market share leaders not being market
performance leaders continued, as both McAfee and Trend Micro finished in the
bottom 1/3 of companies tested. Symantec
has opted out of being tested by AV-Comparatives (a disservice to customers,
IMHO). Man-up, SYMC. </div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-1QAlNSbTzXf4w_bPWjnVsE6b1-QcKWD6CyQf81P3wrCEjG67kA83fDtrjznKj7S7a61leJPpOpBfEjO8V2gMly_pnMaM0uB8u6Nkw1-VZqOpF20ZPK3GUGYGemY6nFH7ocTA/s1600/av-comp+may.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-1QAlNSbTzXf4w_bPWjnVsE6b1-QcKWD6CyQf81P3wrCEjG67kA83fDtrjznKj7S7a61leJPpOpBfEjO8V2gMly_pnMaM0uB8u6Nkw1-VZqOpF20ZPK3GUGYGemY6nFH7ocTA/s1600/av-comp+may.jpg" height="338" width="400" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The products included in the test were a mix of anti-virus,
internet security suites, paid, and free products. The exact versions used are listed in the report
and on the website.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The Real World Protection Test is just one of a number of
tests AV-Comparatives performs over the course of the year. They can be downloaded from the company
web-site <a href="http://www.av-comparatives.org/">http://www.av-comparatives.org/</a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives’ Real-World Protection Test framework has
been recognized by the “Standortagentur Tirol” with the 2012 “Cluster Award for
innovation in computer science” and by the “Austrian Government” with the 2013
“Constantinus Award”.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>AV-Comparatives Receives ISO 9001 Certification</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives is now an ISO 9001 certified
organization. AV-Comparatives received
the certificate from TÜV Austria for their management system for the scope:
“Independent Tests of Anti-Virus Software” in early June.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<i>"ISO 9001:2008 specifies requirements for a quality
management system where an organization needs to demonstrate its ability to
consistently provide product that meets customer and applicable statutory and
regulatory requirements. The
organization has to enhance customer satisfaction through the effective
application of the system, including processes for continual improvement of the
system and the assurance of conformity to customer and applicable statutory and
regulatory requirements."</i> ISO 9001 is
currently under revision with the final release of the new standards due by the
end of 2015.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>About AV-Comparatives</b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
AV-Comparatives is an independent not-for-profit
organization offering systematic testing that checks whether security software,
such as PC/Mac-based antivirus products and mobile security solutions, lives up
to its promises. Using one of the
largest sample collections worldwide, it creates a real-world environment for
truly accurate testing. AV-Comparatives
offers freely accessible results to individuals, news organizations, and
scientific institutions. Certification
by AV-Comparatives provides an official seal of approval for software
performance. </div>
<div class="MsoNormal">
<br /></div>
<br />Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-33144902.post-65902987237822621492014-05-01T17:46:00.000-07:002014-05-02T08:06:55.476-07:00Palo Alto Networks, Check Point top Products in Gartner Magic Quadrant for Enterprise Network Firewalls - 2014<br />
<div class="MsoNormal">
As is probably no big surprise to those in the industry and those purchasing network security products,
Palo Alto Networks (PAN) and Check Point had the top rated products in the 2014
Gartner Magic Quadrant for Enterprise Network Firewalls. The report came out in April. These are the only two companies in the
Leaders Quadrant, with Palo Alto Networks leading on Completeness of Vision and
Check Point leading on Ability to Execute. Fortinet and Cisco were the closest to them,
in the Challengers quadrant. The report,
ID:G00258296 is available on the PAN web site for those who register. <a href="http://connect.paloaltonetworks.com/gartner-mq-2014">http://connect.paloaltonetworks.com/gartner-mq-2014</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Palo Alto Networks pretty much was the originator of the
acronym NGFW or Next Generation Firewall, and PAN and Check Point Software Technologies
compete for many of the same customers. Last year, PAN introduced
their Wildfire infrastructure, enabling the PAN firewall to detect and stop
Advanced Persistent Threats (APTs). This is offered to customers via the public
cloud or can be deployed as a private cloud. Gartner also wrote that PAN was
consistently on most NGFW competitive shortlists. PAN's Advanced Persistent Threat Solution was not
among those recently tested by NSS Labs in their April Breach Detection Study. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Check Point was cited by Gartner as being the market share
leader in firewall installed base. They offer an extensive line of security
appliances and also delivered the industry’s first flexible, extensible
security architecture, the Check Point Software Blade Architecture. Check Point’s
Anti-Bot Software Blade detects bot-infected machines and prevents bot damage by
blocking bot C&C communications. This isn’t a comprehensive Advanced
Persistent Threat Solution, but it helps protect the network. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
PAN’s product portfolio isn’t quite as extensive as Check Point’s,
but they do offer a virtualized firewall platform
in addition to the more traditional appliance offering, threat subscriptions
for URL filtering, and a management platform. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Fortinet was rated a Challenger by Gartner. They stated
Fortinet was “not often beating Leaders in mainstream enterprise selections
based on features and vision, nor causing Leaders to react to Fortinet.” <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Cisco was rated a Challenger as well. Gartner didn’t see them displacing PAN or
Check Point on the basis of vision or features. They saw Cisco winning firewall business through
channel “execution” and “aggressive discounting”.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Juniper Networks completed the trio of companies in the
Challenger quadrant. McAfee was a leader
in the Niche quadrant. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Offerings from F5, Arkoon-Netasq, and AhnLab were the
furthest down and to the left in the Magic Quadrant. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Check out the complete report for an assessment of all sixteen vendors in
the report. Some names you’re familiar with may be missing due to
consolidation. Gartner also has some brief information on why virtualized
firewall penetration is less than two percent. “Security-minded enterprises are also rightly
skeptical of running firewalls within a hypervisor that is between the threat and
the firewall,” according to Gartner. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Regarding the Leaders
quadrant from the Gartner Magic Quadrant Endpoint report - “A leading vendor
isn't a default choice for every buyer, and clients should not assume that they
must buy only from vendors in the Leaders quadrant. Some clients believe that Leaders are
spreading their efforts too thinly and aren't pursuing clients' special needs.”<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For more details on the Magic Quadrant and how it is
created, read “Magic Quadrants and MarketScopes: How Gartner Evaluates Vendors
within a Market”. Sometimes a leader is
not the best solution for a particular customer. Despite that, you will see many presentations where the vendor uses being in
the Leaders quadrant as a reason to buy
from that particular vendor. Who would
have thought that they would do that? <a href="http://www.gartner.com/">www.gartner.com</a> <o:p></o:p><br />
<br />
Some of NSS Labs' reports are available at no charge. <a href="http://www.nsslabs.com/">www.nsslabs.com</a><br />
<br />
craig kensek</div>
<br />Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-33144902.post-19035903374596704402014-04-30T20:25:00.000-07:002014-05-01T13:56:39.686-07:00AhnLab Raises Issues with Recent NSS Labs Breach Detection Study<div>
FireEye isn’t the only vendor displeased with their results
and NSS Labs' methodology for their latest Security Value Map.
AhnLab, whose Malware Defense System (MDS) product finished near the
bottom of the Breach Detection Systems Security Value Map adjacent to FireEye, has
posted their displeasure with the testing on their home page. </div>
<div>
<br /></div>
<div>
AhnLab declined
to participate in the 2014 public test. AhnLab, Fidelis, and FireEye had participated
in the 2013 private test. Ultimately, Fidelis made their results publicly
available on their website. Neither FireEye nor AhnLab chose to do so, though AhnLab
did release some of the Malware Defense System results.</div>
<div>
<br /></div>
<div class="MsoNormal">
<o:p></o:p></div>
<div class="MsoNormal">
NSS Labs’ test
evaluated 6 products from leading BDS vendors.
Four of the six products received the "Recommended" rating from NSS: Sourcefire,
Trend Micro, Fortinet, and Fidelis.
FireEye and AhnLab didn’t. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>AhnLab’s Main
Points<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
</div>
<ol>
<li>Two separate public tests were consolidated into one report
without notice - AhnLab wrote that NSS never informed them the
results would be published regardless of participation. This may or may not be
true as many of the participants on the AhnLab side are no longer with the
organization.</li>
<li>Two separate tests from two different years require two
separate reports - If the same malware
sample set was used from 2013 for the 2014 test, AhnLab felt that it would be inaccurate to publish all of the
participants, from 2013 and 2014 together, because newcomers to the study may have (had)
a time advantage.</li>
</ol>
<br />
<div class="MsoNormal">
For complete details, go to <a href="http://us.ahnlab.com/html/notice/20140408.jsp">http://us.ahnlab.com/html/notice/20140408.jsp</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
For a copy of the NSS Labs April Breach Detection Systems
Security Value Map (SVM) and Comparative Analysis Reports (CARs), go to <a href="https://www.nsslabs.com/breach-detection-systems-bds-security-value-map-download">https://www.nsslabs.com/breach-detection-systems-bds-security-value-map-download</a><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Some of the above sounds like a failure to communicate on
both NSS Labs and AhnLab’s part. Neither side appears to have done due
diligence here.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Only three companies completed
participation in the 2013 test, not ten or more, as AhnLab writes in their
response. They may have a valid response
about products with several more months “experience” having their results
compared to products without that experience.
That notwithstanding, 3<sup>rd</sup> party test results are one aspect of
comparing products that companies need to utilize. The test results demonstrate
that there is more than just FireEye, Fidelis, and AhnLab that need to be
considered.<o:p></o:p></div>
<br />Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-33144902.post-86347473649915050072014-04-20T15:58:00.000-07:002014-04-20T16:15:10.604-07:00When Being an “A” Company Rates a “D”. AV-Comparatives Releases “File Detection Test of Malicious Software” Report<div class="MsoNormal">
Not a stellar performance by three firms beginning with A in
AV-Comparatives' March “File Detection Test of Malicious Software.” Avast – 20th, missing 2.3% of the samples. AVG Technologies – 21<sup>st</sup>, missing 2.5% of the
samples, and AhnLab – 22<sup>nd</sup>, missing 11% of the samples. Baidu broke the A’s stranglehold on the bottom
by leading all companies with 111 false positives, followed by Avast with 95.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Sixteen products did receive AV-Comparatives’ three star
designation, led by Kaspersky, F-Secure, and eScan, respectively. Avira, another A company, also received three
stars. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
AV-Comparatives takes care to point out that for this test,
“Although very important, the file detection rate of a product is only one
aspect of a complete anti-virus product.
AV-Comparatives also provides a
whole-product dynamic “real-world” protection test, as well as other test
reports that cover different aspects/features of the products”.</div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
The “Whole Product Dynamic Real World Detection" and “File
Detection Test of Malicious Software” tests are both available on the AV-Comparatives web site, <a href="http://www.av-comparatives.org/">www.av-comparatives.org</a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
One interesting thing about the products tested in this
report is that nine of the engines under the hood in testing were licensed from
two companies, BitDefender and Avira. Details
are available in the report. BitDefender has an overall detection rate of 99.5%.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>About AV-Comparatives<o:p></o:p></b></div>
<div class="MsoNormal">
<b><br /></b></div>
<div class="MsoNormal">
AV-Comparatives is an independent not-for-profit
organization offering systematic testing that checks whether security software,
such as PC/Mac-based antivirus products and mobile security solutions, lives up
to its promises. Using one of the
largest sample collections worldwide, it creates a real-world environment for
truly accurate testing. </div>
<br />
<div class="MsoNormal">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-33144902.post-54533509943533496892014-04-13T18:56:00.000-07:002014-04-13T19:03:14.302-07:00Fire in FireEye Valuation Gets Doused (slightly) With Release of NSS Breach Study Report – He Said, She Said Begins<div class="MsoNormal">
NSS Labs issued their Breach Detection Security Value Map on
April 2. Neither FireEye nor AhnLab can be pleased. In brief, the Value Map measures security
effectiveness on the Y-axis and Total Cost of Ownership (TCO) per protected
Mbps on the X-axis. AhnLab and FireEye finished in the
dreaded lower left hand corner with FireEye coming in last in security
effectiveness (AhnLab was close). AhnLab had the highest TCO per
Protected Mbps. The other four companies’ products were in the upper right hand
quadrant (Quadrant 1): Fidelis, Fortinet, Trend Micro, and SourceFire. They were all around 98% to 99% effective in
NSS testing. SourceFire was the winner, overall. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
From NSS, “Quadrant 1 contains those products
that are recommended for both security effectiveness/management and value. These devices provide a very high level of protection,
manageability, and value for money.”
This document is publicly available from Fortinet as is a detailed
report for their FortiSandbox 200D appliance. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://www.fortinet.com/resource_center/whitepapers/breach-detection-systems-beyond-hype.html">http://www.fortinet.com/resource_center/whitepapers/breach-detection-systems-beyond-hype.html</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Key findings mentioned in the press release - “Four of Six
Leading Vendors Receive Coveted NSS ‘Recommended Rating’”</div>
<div class="MsoNormal">
</div>
<ul>
<li>Four of six products tested achieved over 95% in overall
security effectiveness: five of the six also received a 0% false
positive rate. AhnLab was the sixth with
a 7% false positive rate. FireEye had
the lowest security effectiveness, around 94.5%. </li>
<li>Money Doesn’t Always Buy the Best Security: Total Cost of
Ownership per Protected-Mbps ranged from $231 to $468 with the highest priced
solution, Conversely, Sourcefire (Cisco) had the lowest
TCO and also received one of the highest security effectiveness ratings.</li>
<li>All BDS Solutions Performed At or Above Vendor Throughput
Claims</li>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="https://www.nsslabs.com/news/press-releases/nss-labs-reveals-first-security-value-map%E2%84%A2-breach-detection-systems">https://www.nsslabs.com/news/press-releases/nss-labs-reveals-first-security-value-map%E2%84%A2-breach-detection-systems</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
NSS Labs did not receive any compensation in return for
vendor participation; all testing and research was conducted free of charge.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>FireEye Stock Price (FEYE)</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
FireEye stock has dropped 49% from its March high of $97.35 to closing at $47.33 on April 11. 52-week range - $33.30 - $97.35. It will be interesting now to see how the stock performs. Q1 results won’t be announced until May 6. Note - The stock was at $61.49 on April 2 when the report was released. FireEye's Q1 results won’t be comparable to last year’s Q1 since revenue from their Mandiant acquisition after January 1 will be included. The stock is up about 15% since the beginning of the year. NASDAQ is down about 3% over the same period of time.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
When you’re the market share leader, finishing low in an
impartial test, one defense is to attack the attacker.</div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
<b>He Said - FireEye</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
"We are a vendor that specializes in advanced attack
detection, not in detecting known, stale samples,” Gupta, FireEye Vice
President of Products said. "We ran
their malware samples in our lab and detected every single one of them." A valid test would have used a zero-day exploit to evaluate
the detection capabilities of the appliances or, at a minimum, the testing
could have been done in a live, customer environment, Gupta added.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
FireEye was quick to reply in a blog “Real World vs. Lab
Testing: The FireEye Response to NSS Labs Breach Detection Systems Report” At a
high level: </div>
<div class="MsoNormal">
</div>
<ul>
<li>Issue
#1: Poor sample selection</li>
<li>Issue #2: Differing
definitions of advanced malware</li>
<li>Issue #3: Poor test
methodology. </li>
</ul>
<br />
<div class="MsoNormal">
FireEye offered several paragraphs of detail for each of the
above. It is worth reading the blog. </div>
<div class="MsoNormal">
<a href="http://www.fireeye.com/blog/corporate/2014/04/real-world-vs-lab-testing-the-fireeye-response-to-nss-labs-breach-detection-systems-report.html">http://www.fireeye.com/blog/corporate/2014/04/real-world-vs-lab-testing-the-fireeye-response-to-nss-labs-breach-detection-systems-report.html</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“The best way to evaluate FireEye is for an organization to
deploy our technology in their own environment and they will understand why we
are the market leader in stopping advanced attacks,” said Dave Merkel, CTO, in
an April 2 Network World article. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>She Said – NSS Labs</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
NSS Labs was also quick to reply in a blog “Don't Shoot the
Messenger”</div>
<div class="MsoNormal">
Their response is also good reading as most of the response
consists of a 20-bullet point “FireEye Claim” and “NSS
Response” table. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
“Not everyone can end up in the top right quadrant of the
NSS Labs Security Value Map™ (SVM), so it is not unusual for someone to be
unhappy. It is, however, unusual for
someone to behave the way FireEye did in this instance. Normally we would not respond to such
attacks, but there are a number of untruths and misdirections in their blog
post that we feel we must address”, stated Bob Walder, President, and Chief
Research Officer at NSS. “FireEye’s
results were not that bad. The real
issue here is that FireEye now has credible competition in the BDS market place
and the data from this NSS test shows it.”</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="https://www.nsslabs.com/blog/dont-shoot-messenger">https://www.nsslabs.com/blog/dont-shoot-messenger</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>How Did This Begin</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Three companies were tested last summer by NSS Labs in their
initial breach study, AhnLab, FireEye, and Fidelis. Fidelis made their report publicly available
and challenged FireEye to do the same. AhnLab
issued a press release about their results, and in a blog went, “FireEye,
hello?” No press release by FireEye on
their results. Demerits to publications
not asking about this! With respect to
the three companies, NSS has a multi-page document letting the firms tested know
what they can do with the test results. One
thing they can’t do is start doing comparisons with other companies, combining
charts, et cetera from the reports. The
reports were available for purchase. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>And What about NSS Labs’ Reputation?</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
In “IT Security Survey 2014” by test group AV-Comparatives (<a href="http://www.av-comparatives.org/">www.av-comparatives.org</a>), issued
in February, NSS Labs came in ninth out of 15 vendors. Over 5800 users responded to the survey. </div>
<div class="MsoNormal">
<a href="http://www.av-comparatives.org/security-usage-surveys/">http://www.av-comparatives.org/security-usage-surveys/</a>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Timing Means Everything When Stock is Sold</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On March 12, insider transactions of FireEye stock at $79.54
included: </div>
<div class="MsoNormal">
</div>
<ol>
<li>Norwest Venture Partners IX, LP sold 2 million shares,
grossing $160 million.</li>
<li>FireEye CTO Aziz Ashar sold 1.04 million shares, grossing
$83 million.</li>
<li>FireEye CEO Dave DeWalt sold 486 thousand shares, grossing
$38 million.</li>
</ol>
<br />
<div class="MsoNormal">
Insiders can’t sell shares whenever they want. There are windows near the release of financial results during which they can’t do anything. A more comprehensive list of insider transactions can be
viewed at</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="http://finance.yahoo.com/q/it?s=FEYE+Insider+Transactions">http://finance.yahoo.com/q/it?s=FEYE+Insider+Transactions</a>
</div>
<div class="MsoNormal">
</div>
<div class="MsoNormal">
It’s difficult to test security products. Every environment is unique. The best way for companies to evaluate
products is to bring them in and to look at tests by reliable test groups. The report by NSS Labs probably means that
FireEye will face more testing in-house by potential vendors rather than just be evaluated separately. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Twitter - ckensek</div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<br /></div>