News Release for 23rd July 2014
Open Source IDS Rules Comparison Report - July 2014
We regularly assess the capability of the available Open Source IDS rule sets to detect our traffic files, to highlight the necessity of a multi-vendor approach for obtaining rules.
Each rule set is tested in various configurations with the last three months' worth of exploit traffic files from Traffic IQ™ Professional, totalling 342 traffic files for May, June and July. The aim of the tests is to compare the detection capabilities of each rule set for recently discovered threats.
Results for July 2014
- Not one rule set could provide 100% detection against Traffic IQ™ files.
- All rule sets and all configurations allowed more than 43% of Traffic IQ™ attack files through undetected.
- Rule sets loaded with the default policies provide poor detection and protection capability against Traffic IQ™ attack files.
For detailed results and further info, download the full PDF report...