Evaluating Network Intrusion Detection Signatures, Part One

by Karen Kent Frederick
Sept. 24, 2017 1 comment Symantec Detection & Response nid

Over the past several years, a number of academic and commercial entities have conducted evaluations of various network intrusion detection (NID) software, to determine the overall effectiveness of each product and to compare the products to each other. Many system administrators and security analysts are also responsible for conducting their own evaluations of NID products, in order to choose a solution for deployment in their environments. NID evaluations typically include some rough indication of the relative quality of each product's signatures. However, high signature quality is critical to achieving a good NID solution, so the importance of accurately evaluating signature quality cannot be stressed strongly enough.

https://www.symantec.com/connect/articles/evaluating-network-intrusion-detection-signatures-part-one

Avatar
2flash 2 months ago

I really find it interesting the way the author talks about the NID evaluations and solution here. Good job!

Reply