Validation

Cybersecurity Challenges:¹²

The ongoing cybersecurity skills shortage has two major implications. The most obvious is a shortage of talented cybersecurity professionals, with simply more cybersecurity job openings than qualified candidates to fill them. The second is at least as important: Many members of the current cybersecurity workforce lack the advanced skills necessary to safeguard critical business assets or counteract sophisticated cyber-adversaries. This helps to explin why preventative protection was the most cited core capability of endpoint security solutions in an ESG survey of cybersecurity professionals.

Co-Author (s):Tony Palmer

Cyber-recovery Data Protection Challenges

IT executives are noticing an increasing risk of cyber-attacks. And this risk is leading them to build more comprehensive data protection and cyber-resiliency strategies in an effort to protect their organizations from the detriments of application downtime and lost data. ESG research also shows that loss of employee productivity is the most cited impact that respondents believe could result from application downtime or lost data, followed by other challenges such as diversion of IT resources from business-critical projects, loss of customer and employee confidence, loss of revenue, and more.

Introduction

This ESG Technical Validation documents testing of IBM Cloud Pak for Security, with a goal of verifying how it can help organizations to maximize both the effectiveness and efficiency of incident response, threat remediation, and risk management within their existing security operations workflows.

Network Security Challenges: ¹

Introduction

This ESG Technical Validation documents evaluation of security features and controls for Google Cloud Data Analytics. We evaluated how five aspects of security—encryption, data loss prevention (DLP), identity and access management (IAM), protection from data exfiltration, and logging/access transparency—contribute to increasing security and transparency for data analytics projects using Google Cloud Platform.

Abstract

This ESG Technical Review documents ESG’s evaluation and analysis of how HCL AppScan can help developers continuously secure applications using policies defined by security specialists. We also evaluate how AppScan can easily be integrated into CI/CD pipelines and support other aspects of DevSecOps initiatives to provide continuous application security at scale.

Abstract

This ESG Technical Review documents ESG’s evaluation and analysis of how developers can easily integrate Google reCAPTCHA Enterprise into public-facing web applications. We also evaluate how effectively reCAPTCHA can defend web applications from common automated threats and attacks while never interrupting users with a challenge.

Introduction

ESG evaluated the Illusive Networks Platform with a focus on validating its ability to simply and efficiently preempt attacks before they occur where possible, protect against attackers inside the perimeter, and respond to incidents with fast data-driven decisions, regardless of where assets are located, or where the attacks originated. Illusive’s ability to scale deception technology quickly and easily was also of interest.

Abstract

This ESG Technical Review of Respond Analyst focuses on how the solution functions as a virtual cybersecurity analyst, analyzing cybersecurity telemetry, aggregating many events and alerts into security incidents, and efficiently and effectively presenting incidents to the security team for investigation and remediation.

Abstract

This ESG Technical Review documents testing and analysis of BMC’s TrueSight Automation for Networks, with a focus on configuration, patching, vulnerability management with automated remediation, and compliance features.