Most security products fail to perform

"The "ICSA Labs Product Assurance Report" - co-authored by the Verizon Business Data Breach Investigations Report research team - details lessons gleaned from testing thousands of security products over 20 years.

"The report found the number one reason why a product fails during initial testing is that it doesn't adequately perform as intended. Across seven product categories core product functionality accounted for 78 percent of initial test failures. For example, an anti-virus product failing to prevent infection and for firewalls or an IPS product not filtering malicious traffic.

"The failure of a product to completely and accurately log data was the second most common reason. Incomplete or inaccurate logging of who did what and when accounted for 58 percent of initial failures.

"The report findings suggest that logging is often considered a nuisance and undervalued."

Complete Story

Related Stories:

• Oops, e-mail security vendor McAfee spills 1400 private names(Jul 31, 2009)
• Kaspersky confirms hack with fingers firmly in ears(Feb 09, 2009)
• Kaspersky database exposed(Feb 09, 2009)
• Trend Micro: Antivirus Industry Lied for 20 Years(Jul 16, 2008)
• Torvalds bashes vendor-sec private Linux security list(Aug 17, 2009)
• BIND 9 DNS under attack - time to update(Jul 29, 2009)
• Software liability law could divide open source(Jun 11, 2009)
• Government Users Start Looking Under Linux Hood(May 26, 2009)
• Should Software Developers Be Liable for their Code?(May 11, 2009)