Are they innovating while embracing open standards?
Tomorrow it'll be some other new thing. But today, one innovative tool security vendors should embrace is YARA, a technology aimed at (but not limited to) helping malware researchers identify and classify malware samples. YARA rules can find patterns where regex or snort rules fall hopelessly short. Fidelis Security has absorbed YARA into its prevention-enabled real-time inspection technology, leveraging YARA rules against both unknown protocols and files in transit. This is particularly useful for customers who may already be using YARA against static files or RAM images: they can re-use the same rules in other contexts.
You need it. They claim to have it. What questions should you be asking as you hunt for the "just right" vendor to help you defend against the most sophisticated and determined adversaries?
Will Irace, vice president, Security Evangelism at General Dynamics Fidelis Cybersecurity Solutions, recently shared his top questions to ask when vetting security vendors.