How not to be a crybaby vendor, and start to take responsibility for what we do
Gadi’s five principles of what we should expect from security vendors (as customers and as an industry), written after founding a vendor (Cymmetria). Or, “how not to be a crybaby vendor, and start to take responsibility for what we do”:
(1) Don’t be vulnerable to the attacker’s lab (they download you, research you, change 2 bits in their attack… and bypass you).
(2) Be 0day agnostic — detect the unknown unknowns. It’s time we stopped accepting tools that mostly detect only the known; we have low expectations and have grown used to mediocrity.
(3) Be effective even if bypassed. Why should an attacker be able to operate with impunity if they manage to bypass your tool?
(4) Detect real attackers, not signs that might indicate an attack. Do it with high fidelity. Don’t be a noise generator!
(5) Share data with other products. Augment them. If you see something, another tool should be able to use it to perform better as well. It’s about the customer’s value, not competition.
And an extra one for vendor behavior, rather than product:
Take the burden to not become shelfware after deployment. If you are not deployed, fully used (as needed), and pushing your customer to deploy — you should be kicked out.
#startup #security #cybersecurity #vendor #principles