A nonprofit cyber assessment firm found vulnerabilities in the ability of widely used enterprise firewall products to block transport and network-layer evasions commonly deployed by cyber attackers, in a report examining the effectiveness of security offerings.
“Enterprise Firewalls are constantly evolving to combat new attacker techniques and tools but sometimes that evolution takes a wrong turn. A vendor can have a near-perfect detection engine but if attackers can bypass that engine it gives them a clear path through your defenses,” CyberRatings.org CEO Vikram Phatak sad in a Nov. 5 release.
CyberRatings is a nonprofit organization conducting independent testing of cybersecurity products through its testing partner firm, NSS Labs.
CyberRatings evaluated the “security effectiveness” of seven firewall products in 55 performance tests using 3,326 exploits, 11,311 malware samples, 5,752 evasion techniques in 53 evasion categories and 6,481 false-positive samples,” according to the report.
Read the full article here.