1.
Teen solves centuries-old math problem
MECHANICSBURG, Pa., Nov. 18 (UPI) -- Nearly 80 percent of security products fail to perform as intended when they are first tested and often require two or more rounds of tests before they can secure certification, a new report warns.
The ICSA Labs Product Assurance Report, the first study of its kind co-authored by the Verizon Business Data Breach Investigations Report research team, lists lessons learned from testing thousands of security products over 20 years.
Analysts said the report's findings meant that product-development processes were taking longer to perfect and therefore were likely to cost more.
The United States marked October as cybersecurity month to highlight threats posed by cybercrime, identity theft and other computer-related criminal activities. Loopholes and faults in computer systems are seen behind most of the cybercrime, which costs governments and corporations tens of billions of dollars every year.
The report found that the main reason a product fails during initial testing is that it does not perform as intended.
The research looked at seven product categories and found that 78 percent of the products examined failed initial tests. Among examples cited in the report were an anti-virus product that failed to prevent infection of a computer and a system product that failed to filter out malicious traffic.
The failure of a product to completely and accurately log data was the second most common reason security products do not perform as intended, the report found.
Incomplete or inaccurate logging of who did what and when accounted for 58 percent of initial failures.
The report said that some vendors and enterprise users consider logging a nuisance and merely a "box to check." Logging is a particular challenge for firewalls. Almost every network firewall -- 97 percent -- or Web application firewall -- 80 percent -- tested experienced at least one logging problem.
The report found that 44 percent of security products had inherent security problems, including vulnerabilities that compromise the confidentiality or integrity of the system and random behavior.
The report advises procurement agencies to beware of outlandish performance claims, choose more established products over new ones and choose simplicity over complexity.
ICSA Labs is an independent division of Verizon Business, a unit of Verizon Communications, a leader in communications and information technology solutions.
|
|
|
|
|
|
| Additional Security Industry Stories | |
NICOSIA, Cyprus, May 25 (UPI) --
Turkey says waters off the coast of war-divided Cyprus where Greek Cypriots plan to explore for natural gas lie within its continental shelf, sharpening multi-sided disputes over major fields under the eastern Mediterranean.
|
NEWPORT NEWS, Va., May 25 (UPI) --
The U.S. Navy's 10th Virginia-class submarine has reached "pressure hull complete" status in its construction by Huntington Ingalls Industries.
|
First-time buyers are driving the expectations that a recovery has begun. Their numbers and market share are growing despite financing roadblocks and competition with investors for entry-level homes. ...
|
The photos are familiar, but the captions are not, as economic tension skips across the continent of Europe.
|
| Stories | Photos | People | Comments |
View Caption
