5 Pitfalls For Emerging Endpoint Security Vendors
Alerts, Alerts, Alerts
Speaking to incident responders at a conference in Boston last summer, Eugene Spafford, a noted computer security expert and professor of computer science at Purdue University, said far too many emerging security technologies can detect and alert on an infection but don’t have the capability to do anything about it. The alerts could obstruct response by generating warnings that make security analysts investigate low-risk infections and suspicious files that pose little or no threat. There are emerging security vendors introducing agents in an attempt to put more context behind alerts. The technology typically integrates with security information event management systems.