I was reminded this week in a customer meeting of a famous Winston Churchill quote, “Things do not get better by being let alone. Unless they are adjusted, they explode with a shattering detonation.”
Prior to leveraging the Verodin Security Instrumentation Platform (SIP), this customer was getting about 10-20 percent of the value they should have been getting and assumed they were getting from their security tools. This was true across the board for their security tools but in particular, their firewalls, IPS, proxies, and SIEM were grossly underperforming. Actually, even before they were a customer and we were simply conducting a POC, it was discovered that approximately five percent of their correlation rules were actually firing correctly.
The ineffectiveness was attributed to a number of technical issues, departmental changes, and employee changes. But the core of the issues, per their security team, was that once a security solution was installed and assumed to be working correctly, there was never a program in place to validate that it was doing what they thought. It was truly assumption-based security.
In just a few short months of instrumentation with Verodin SIP, they now have empiric evidence regarding what’s working, what’s not, and how to address it. They are measuring, managing and improving the effectiveness of their security tools daily. Their effectiveness numbers have risen substantially and they are realizing more value from their investments.
The best part is, they don’t have a dedicated engineer using Verodin SIP. Verodin SIP provides continuous and automated analysis so that once something is working, they are notified if it ever stops. They are truly managing security by exception now.
Security can’t be left alone. Environments are constantly changing. As such constant validation must be applied so adjustments can be made and avoid, in the words of Winston Churchill, “shattering detonation.”