NSS Labs tests the world’s security products. Based in Austin, Texas, the company’s research and testing laboratory is recognized globally as the most trusted source for independent, fact-based cybersecurity guidance. C-Suite executives and information security professionals from many of the world's most demanding global enterprises rely on NSS Labs to accelerate security decisions with greater confidence. For more information, visit www.nsslabs.com.
Cloud Security
NSS Labs considers cloud workload protection (CWP) technology the best option for many organizations looking to secure workloads being moved to the cloud. This test includes data to help enterprises understand how effective CWP products are at protecting cloud-resident workloads against several common threat scenarios. Cloud security is a radical departure from traditional security approaches. Enterprises migrating to the cloud often start with local (on-premises) virtualization and then move an entire application or parts of an application to a cloud provider infrastructure (IaaS). It is this scenario that CWP technology supports. Whether the IaaS destination is a virtual machine (VM) running in a provider environment or a container technology (e.g., Kubernetes, Docker, Rkt, etc.), CWP te
Data Security
Four of the industry’s leading data center deep inspection firewall products were tested to compare product capabilities for security effectiveness (exploit block rate, evasion techniques, and stability & reliability), total cost of ownership (TCO), and performance.
Firewall Security
The next generation firewall (NGFW) is the first line of defense against today’s threats, and as such, is a critical component of any defense-in-depth strategy. The NGFW market is one of the largest and most mature in the cybersecurity industry. NGFW technologies have evolved from packet filtering and circuit-level gateways to application layer (proxy-based) and dynamic packet filtering firewalls that use port and protocol combinations to create and enforce access control policy between trusted and untrusted networks.
Incident & Breach Response
Breach Prevention Systems (BPS) are solutions suites that involve the integration of different products such as endpoint, network, sandbox, cloud, and other protections. Vendors have been claiming for years that if enterprises purchase their entire suite, they will see better results. Enterprises asked us if this was true, as many perform technology proofs-of-concept (PoCs), but few have the resources to test a multilayer defense with so many integrated protections.
Risk Management
An AEP product is one that provides automatic threat prevention and threat event reporting capabilities for every endpoint system it protects. These products are the current evolution of endpoint security technology, combining endpoint protection products (EPP) with endpoint detection and response (EDR) technology in order to provide detection, blocking, and forensic insight. With the large number of vendors marketing products with visibility, as well as advanced detection and blocking functionality, it is challenging for enterprises to understand true differentiation. The AEP Group Test provides Test Reports and Comparative Reports that enable enterprises to make informed decisions to evolve and rationalize their cyber risk programs.
Threat Protection
NSS Labs has deep expertise in cyber threats based on millions of hours of real-world security product testing.
Web Security
Secure web gateways (SWGs) are designed to detect and block attacks that target vulnerable systems and applications by monitoring web traffic for malicious content. SWGs protect web surfing devices by filtering unwanted software/malware from user-initiated web traffic. They also enforce regulatory compliance and company human resource policies that restrict access to prohibited sites; for example, gambling sites and sites with adult content. At a minimum, an SWG should include URL filtering (e.g., web reputation), malicious code detection and filtering, and application controls for popular web-based applications, such as instant messaging (IM) and Skype, and the ability to inspect SSL/TLS traffic. Increasingly, native or integrated data loss prevention is also included.