
News Release - 8th September 2014

Open Source IDS Rules Comparison Report - September 2014


We regularly assess how well the available Open Source IDS rule sets detect our traffic files, to highlight the need for a multi-vendor approach to obtaining rules.

Each rule set is tested in various configurations with the last three months' worth of exploit traffic files from Traffic IQ™ Professional, totalling 360 traffic files for June, July and August. The aim of the tests is to compare the detection capabilities of each rule set for recently discovered threats.

Results for September 2014

Key Observations:
  • Not one rule set could provide 100% detection against Traffic IQ™ files.
  • All rule sets and all configurations allowed more than 32% of Traffic IQ™ attack files through undetected.
  • Rule sets loaded with the default policies provide poor detection and protection capability against Traffic IQ™ attack files, stopping only 43% of the exploit traffic.
For detailed results and further info, download the full PDF report...

idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.
