Security vendors may promise the world
when it comes to the capabilities of their products, but how do you
know they will work as expected when a real attack occurs? Research
has shown that only about 26% of breaches in the past 12 months were
detected by the security operations center (SOC). But what makes the
difference between successful cybersecurity teams and those that
routinely miss attacks?
The best way we can answer this question
is through thorough validation of security controls. Without a
strategy to validate the continuous health and operation of your data
collection and security appliances you could be operating under false
security assumptions with very serious consequences.