After more than 20 years of underwhelming results, security leaders have accepted their intrusion detection system (IDS) programs as no more than a compliance checkoff. It’s no secret that IDS’s reliance on bi-modal signatures is brittle, easily evaded and often referred to as an “alert cannon.” Time has not been kind to IDS and has created wide security gaps.

With low IT budgets and the rise of the cybersecurity jobs crisis, organizations are in need of a centralized way to optimize workflow by integrating detection, investigation and response into a single tool. And that’s not to mention the lack of coverage traditional IDS solutions provide. According to the Verizon 2020 Data Breach and Incident Response (DBIR) report, out of 3,000 investigated breaches, 97.5 percent were caused by attacks that IDS wasn’t designed to detect.

To combat the outdated nature of IDS, organizations should adopt next-generation IDS (NG-IDS) to fulfill the defense-in-depth promise unmet by legacy IDS. NG-IDS is effective against more types of attacks and fills glaring decryption and cloud compliance gaps while improving security.

IDS Erosion Over Time

IDS boomed in the ’90s as security frameworks like the SANS 20 Critical Security Controls and mandates like PCI DSS called out IDS by name. But even after a quarter of a century of IDS innovation and adoption across many enterprises, the same challenges persist. NIST 800-94, written in 2007, calls out the top challenges of that time, including…
Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do (govanguard, 2021-09-17)