Crowdstrike fails NSS Advanced Endpoint Protection Group Test...yes or no?

["Security Admin (NetSec)" <secadmin () netsecdesign com>]

http://www.securityweek.com/crowdstrike-sues-nss-labs-prevent-publication-test-results

> From Article:

"There are two primary issues here: is it possible to conduct fair comparative tests for advanced endpoint protection 
products (aka, machine-learning or next-gen AV); and is the law a valid method of preventing them?"


The article has various opinions about this, with additional links to opinions.

I offer my $0.02

It would appear that based on the NSS Lab admission that "The Falcon Host's final rating may have been different had it 
completed the test." that Crowdstrike may have a legitimate beef.

When deploying Palo Alto devices with Wildfire enabled, I would inevitably get asked the question as to whether or not 
traditional AV was needed.  This came up even more as Palo Alto introduced host-based protection via "traps."

What I have found is that many of these so-called "next-gen" protection mechanisms are quite good at protecting against 
unknown aka "0day" threats.  However, they tend to fall short in protecting against old threats, like the nth version 
of MyDoom.  Signature-based solutions still have their place, and until the next-gen vendors like Crowdstrike can 
protect against both, signature-based AV may still be needed.


_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave