NNSS Labs recently updated their Breach Prevention System (BPS) test methodologies, and in August 2019 they unveiled the 2019 BPS group test results. This new BPS test is designed to assess the ability of security solutions to not only simply detect, but also prevent emerging and unknown threats within 15 minutes of a breach. This is a critical capability for organizations concerned with today’s sophisticated threats, especially for Security Operations teams that are accountable for securing business initiatives and yet are understaffed, and are stuck with manual processes to provide continuous monitoring, threat and anomaly investigation, and human-initiated responses to security incidents.
What this new round of testing found (among others) is that the Fortinet Breach Protection solution – including its advanced threat detection deployed natively in AWS, and integrated across a broad set of security solutions protecting today’s distributed attack surface – dramatically changes the game. Replacing traditionally time-consuming detection and manual response methods with an integrated, automated, and highly granular detection, prevention, and response system can mean the difference between saving an organization from an unknown attack and being a victim.
Specifically, the Fortinet solution – comprised of FortiSandbox, FortiGate, and FortiClient – demonstrated a security effectiveness rate of 98.7%, with zero false positives. Combined with outstanding performance and exceptional TCO, Fortinet earned another highly coveted NSS Labs Recommended rating. And perhaps just as importantly, this latest Recommended rating for BPS is simply the latest in a long list of NSS recommendations for SD-WAN, NGFW, DCSG, DCIPS, WAF, NGIPS, BDS, and AEP*.
Failure is the Mother of Success, and nowhere is that more true that when applied to combating cyber threats. Every failed cyber campaign contributes to the ongoing evolution of cyber attacks, both in terms of sophistication and persistence. This ongoing refinement and improvement process has led to today’s sophisticated and rapidly evolving cyber attacks of today, which is why they are so increasingly difficult to detect and repel.
And that’s just the beginning. We are now seeing the use of AI to mine for and exploit new zero-days, to create new malware variants at machine speeds, and to enhance threat campaigns by changing tactics across different attack vectors to enable the self-discovery of vulnerabilities to establish a toehold within an organization. Combined with a rapidly expanding and evolving networked ecosystem of clouds, mobile devices, IoT, and applications, today’s understaffed Security Operations team have their hands full with managing dozens of isolated management consoles, disparate security policies, and siloed security products.
So Does Technology
The currently unprecedented level of vendor and solution sprawl can be overwhelming. To effectively respond, defense systems need to not just evolve alongside the cybercriminal community, but faster than they possibly can.
Fortinet’s Security Fabric platform creates an end-to-end security architecture by enabling solutions to correlate threat intelligence and quickly identify sophisticated and highly evasive threats, simplify threat response management, and accelerate threat response times.
One foundational element of this Security Fabric strategy involves integrating advanced threat protection (i.e. sandboxing) with Fortinet and non-Fortinet Fabric-Ready solutions to protect organizations and digital assets across a broad set of threat vectors against unknown threats. Behind the scenes, that sandbox acts as an intelligence hub, providing centralized analytics and the sharing of local and global threat intelligence for newly discovered threats. When combined with a fully automated prevent-detect-mitigate lifecycle across the entire attack surface, organizations are able to establish and maintain an effective mechanism to counter even highly automated attacks, which not only efficiently protects networks, but also goes a long way towards solving the cybersecurity talent shortage.
And Security Tests
To provide an effective and reliable measure for the effectiveness of today’s security solutions, it’s natural – and essential – for third party test vendors to evolve their testing methodologies to help security vendors and customers alike to validate and ensure that the latest round of security solutions have indeed kept pace with new malware techniques. To do just that, NSS Labs’ BPS v2.0 test bed has introduced a number of new tests, including physical access and malicious insider attacks, advanced attacks against system hardware, data exfiltration, and single application flows (e.g. SMTP, YouTube, WebEx, etc.)
For detailed explanations of these new tests, please refer to NSS BPS Test Methodology v2.0.
Proven Technology from Fortinet
Fortinet submitted their breach protection solution to NSS Labs for testing – consisting of FortiGate, FortiClient, and FortiSandbox (operating natively on AWS), which are all part of the Fortinet Security Fabric platform – for this iteration of rigorous BPS testing. Based on the default configurations of our solution, the NSS Labs BPS result highlights include:
- 97.8% Security Effectiveness
- 100% success rate for detecting and blocking across all malware categories (except IMAP, which has an overall success rate of 99.5%)
- 0% for False Positives
- Low 3-year TCO
The full BPS report can be downloaded here.
Consistent Results Year After Year
Fortinet has now earned a “Recommended” rating for NSS Labs Breach Prevention for two years in a row, ever since the test was first established. FortiSandbox has similarly proven itself in the NSS Labs Breach Detection Systems group tests, earning a Recommended rating five out of the last five years. And when combined with our growing list of NSS Labs Recommended awards for other Fortinet solutions, they serve as a testament not only to Fortinet’s commitment to independent testing, but also as an assurance that we are committed to continually evolving Fortinet’s Security Fabric technologies to enable organizations to securely achieve their digital transformation objectives.
Read the NSS Labs 2019 Breach Prevention Systems Group Test report here. To learn more about Fortinet’s Security Fabric, click here. To see how customers benefit from adopting the Fortinet Security Fabric, click here. And to better understand how Fortinet’s ATP solution works, click here.
*Software Defined Wide Area Network (SD-WAN), Next Generation Firewall (NGFW), Data Center Security Gateway (DCSG), Breach Detection Systems (BDS), Next Generation Intrusion Prevention System (NGIPS), Data Center Intrusion Prevention System (DCIPS), Advanced Endpoint Protection (AEP), and Web Application Firewall (WAF).