Most security products fail to performNovember 16, 2009 – 9:59 AM
Nearly 80 percent of security products fail to perform as intended when first tested and generally require two or more cycles of testing before achieving certification, according to a new ICSA Labs report. The “ICSA Labs Product Assurance Report” – co-authored by the Verizon Business Data Breach Investigations Report research team – details lessons gleaned from testing thousands of security products over 20 years.
The report found the number one reason why a product fails during initial testing is that it doesn’t adequately perform as intended. Across seven product categories core product functionality accounted for 78 percent of initial test failures. For example, an anti-virus product failing to prevent infection and for firewalls or an IPS product not filtering malicious traffic.
The failure of a product to completely and accurately log data was the second most common reason. Incomplete or inaccurate logging of who did what and when accounted for 58 percent of initial failures.
The report findings suggest that logging is often considered a nuisance and undervalued. According to the report, logging is a particular challenge for firewalls. Almost every network firewall (97 percent) or Web application firewall (80 percent) tested has experienced at least one logging problem.