Paul Ditty

View Original

ESG Showcase: NG-IDS, NDR, and ExtraHop

Securing the perimeter alone worked well in the 1990s. Unfortunately, today’s IT teams need more robust security solutions to keep up with advanced threats and increasingly complex environments—yet many organizations are finding that their security tools aren’t holding up.

As a result, many CISOs are now re-evaluating their toolsets. A recent ESG Showcase, NG-IDS, NDR and ExtraHop, explored how intrusion detection systems (IDS) no longer rise to the challenge and why organizations should look to next-generation tools such as network detection and response (NDR).

Rising Challenges Over Just Two Years

When IDS entered the market over 20 years ago, the landscape of cybersecurity was much smaller. All you’d need was a sturdy network perimeter and the ability to inspect traffic for exploits that targeted vulnerable software. But according to ESG research, many organizations believe security has become even more difficult in the past two years due to:

  • An increasingly complex network

  • A more dangerous threat landscape

  • An ever-growing attack surface

  • A global cybersecurity skills shortage

With these growing concerns, CISOs are discovering that they can’t rely on legacy strategies anymore and are looking for ways to improve their overall efficacy, integration, and dwell time.

IDS Only Goes So Far

While IDS was designed to detect and secure the network perimeter from attacks—like port scanning, SQL injections, and buffer overflows—the evolution of the adversary has exposed the limits of IDS. This one-size-fits-all technology misses the mark due to:

  • A narrow view of threat detection efficacy

  • An inability to cover east-west traffic

  • A lack of support for network security hygiene

  • An need for high operational overhead

  • The potential for numerous false positives

As attackers have become more strategic and malicious, organizations need to pivot to a comprehensive defense solution. IDS is still useful, but it’s effectiveness is growing increasingly limited.

How NG-IDS Modernizes Network Security

Next-generation intrusion detection systems (NG-IDS) improve on legacy technologies by harnessing the benefits of network detection and response (NDR). With NDR, you can monitor the attacker’s land-and-pivot approach to prevent threats before they cause significant damage. Additional benefits include:

  • Better security efficacy with cloud-scale machine learning (ML) behavioral analysis

  • Rules-based critical common vulnerabilities and exposures (CVE) exploit detection

  • Added visibility into encrypted and east-west traffic

  • Extended detection across the full attack life cycle

  • Optimized workflows for time-strapped analysts

  • Integrated detection, investigation, and response into one tool

CISOs and security teams can no longer support operationally intensive technologies like IDS. They need integrated solutions like NG-IDS as part of a broader operation. To learn more about the ESG evaluation of ExtraHop Reveal(x) network detection and response as an NG-IDS solution, and how it can take your network security to the next level, read the ESG Showcase Report.