How not to be a crybaby vendor, and start to take responsibility for what we do

Gadi Evron
Jun 29, 2018 · 2 min read

Gadi’s five principles of what we should expect from security vendors (as customers and as an industry), written after founding a vendor (Cymmetria). Or, “how not to be a crybaby vendor”, and start to take responsibility for what we do”:

(1) Don’t be vulnerable to the attacker’s lab (they download you, research you, change 2 bits in their attack… and bypass you).

(2) Be 0day agnostic — detect the unknown unknowns. It’s time we stopped accepting tools which detect mostly only the known, as we don’t have high expectations and grew kind of used to mediocrity.

(3) Be effective even if bypassed. Why should an attacker be able to operate with impunity if they manage to bypass your tool?

(4) Detect real attackers, not signs that might indicate an attack. Do it with high fidelity. Don’t be a noise generator!

(5) Share data with other products. Augment them. If you see something, another tool should be able to use it to perform better as well. It’s about the customer’s value, not competition.

And an extra one for vendor behavior, rather than product:

Take the burden to not become shelfware after deployment. If you are not deployed, fully used (as needed), and pushing your customer to deploy — you should be kicked out.

Gadi Evron.
(Twitter: @gadievron, Facebook: @gadioncyber)

#startup #security #cybersecurity #vendor #principles

This story is published in The Startup, Medium’s largest entrepreneurship publication followed by 339,876+ people.

Subscribe to receive our top stories here.

The Startup

Medium's largest active publication, followed by +528K people. Follow to join our community.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade