Written By Roark Pollock And Presented By Ziften CEO Chuck Leaver
Security practitioners are by nature a mindful bunch. Being cautious is a quality most folks likely have entering into this industry given its mission, however it’s also surely a quality that is picked up gradually. Paradoxically this is true even when it pertains to including additional security precautions into an already established security architecture. While one might presume that more security is better security, experience teaches us that’s not necessarily the case. There are actually various concerns related to deploying a new security product. One that almost always appears near the top of the list is how well a brand-new product integrates with other incumbent services.
Integration concerns can be found in a number of tastes. Primarily, a new security control should not break anything. However additionally, new security products have to gracefully share threat intelligence and act upon danger intelligence gathered throughout an organization’s whole security infrastructure. To put it simply, the new security tools should interact with the existing environment of tools in place such that “1 + 1 = 3”. The last thing that the majority of security and IT operations groups need is more siloed services/ tools.
At Ziften, this is why we’ve always focused on developing and delivering a completely open visibility architecture. We believe that any new systems and security operations tools need to be produced with improved visibility and information sharing as key product requirements. But this isn’t really a one-way street. Developing easy integrations requires innovation partnerships with market suppliers. We consider it our obligation to deal with other innovation companies to equally integrate our products, hence making it easy on customers. Sadly, numerous suppliers still believe that integration of security services, specifically brand-new endpoint security products is extremely tough. I hear the concern constantly in client conversations. But information is now appearing showing this isn’t really always the case.
Recent study work by NSS Labs on “sophisticated endpoint” products, they report that Global 2000 customers based in the United States and Canada have actually been happily shocked with how well these types of products integrate into their existing security architectures. According to the NSS research study entitled “Advanced Endpoint Protection – Market Analysis and Survey Results CY2016”, which NSS consequently provided in the BrightTalk webinar listed below, participants that had actually already deployed sophisticated endpoint items were much more favorable regarding their ability to integrate into existing security architectures than were respondents that were still in the planning stages of acquiring these products.
Particularly, for participants that have already released advanced endpoint services: they rank integration with already established security architectures as follows:
● Excellent 5.3 %
● Good 50.0 %
● Average 31.6 %
● Poor 13.2 %
● (Terrible) 0.0 %
Compare that to the more conservative responses from people still in the preparation stage:
● Excellent 0.0 %
● Good 39.3 %
● Average 42.9 %
● Poor 14.3 %
● (Awful) 3.6 %
These reactions are motivating. Yes, as noted, security folks have the tendency to be pessimists, however in spite of low expectations participants are reporting positive outcomes with respect to integration experiences. In fact, Ziften consumers typically show the very same preliminary low expectations when we initially go over the integration of Ziften products into their already established community of products. However in the end, customers are wowed by how easy it is to share details between Ziften services and their already established infrastructure.
These survey results will hopefully assist reduce concerns as newer service adopters might check out and count on peer recommendations before making purchase choices. Early traditional adopters are clearly having success deploying these services which will hopefully help to minimize the natural cautiousness of the true mainstream.
Definitely, there is considerable distinction with products in the space, and companies should continue to carry out appropriate due diligence in understanding how and where products integrate into their broader security architectures. However, fortunately is that there are solutions not just satisfying the requirements of customers, however actually out performing their preliminary expectations.