Aren’t All Security Threat Emulations the Same?

You should be picky when selecting a security solution for your network. When it comes to comparing solutions, are there really any metrics other than speed and accuracy? Those are certainly two of the most important, but there are some other important features as well. Our top three would be:

1. Access to the largest catalog of known threats
2. Ability to quickly identify and prevent those known threats
3. Ability to quickly and accurately emulate and block new, unknown threats

If we started digging in though, there would be more. Protecting your network is all about being flexible and offering solutions that prevent threats from being on your network for even a second. We were pretty surprised that all security vendors didn’t have the same perspective. We found some that allow unscreened emails onto your network while they emulate. We found that others would emulate and detect threats, but take up to an hour to update the security gateway. We even found some that detected but didn’t prevent unless you purchase another module. What good is that??

Solid protection is born from thoughtful network design. It is smart to partition your network. It is even better to employ mail transfer agents so emails are inspected outside your main network. Scanning all kinds of attachments including encrypted and archive file types is a must. Most of all, it should be standard practice to inspect files and clear them before they are even allowed into your network for one second.

We thought this would all be common sense, yet we found that practically every security solution we tested failed on at least one of these features, and many failed all of them. To be fair, we recognize that sandboxing everything first requires a lightening fast emulation engine. But is it our fault the others can’t keep up? Hate the game, not the player.

We encourage you to read the results for yourself on our Zero Second page.