Automated Malware Analysis Technologies Central To Defense Strategies
"The most important security alerts we see."
That’s how one customer described the importance of Automated Malware Analysis technologies in their security workflow. After months of demonstrations, reference calls, and analysis, we are thrilled that The Forrester Wave™: Automated Malware Analysis, Q2 2016 is live! Many clients we talked to used multiple vendors to analyze malware in order to maximize analysis results.
The underlying mechanisms for automated malware analysis are fascinating for the technophile - combining content security, hypervisor-driven execution, behavioral analytics, and algorithmic API analysis. Incredibly sophisticated software engineering and statistical modeling add another layer of intrigue. Mix those together with evasive adversaries attempting to bypass the technology and it's an intense discussion!
We used the importance of AMA solutions as the dominant element of detection and prevention in client environments to inform our assessment.
Here’s an overview of our approach:
Visibility is a cornerstone of detection and protection.
In order to detect it, you must see it in the first place.
Flexible deployment models are key to dynamic production environments.
If it is hardware or on-premise only, then it only fits in environments that match the form factor.
Scalability avoids creating a problem as the environment grows.
Scalable infrastructure allows the business to orchestrate workloads based on need and priority; AMA solutions should offer the same capabilities to better align with technology needs.
Usability leading to better decisions is a key outcome.
Finding malware is important – but helping security teams understand if an attack tool is non-targeted ransomware or targeted to capture credentials is an important element in the efficacy of solutions.
We gauged deeply technical areas like anti-evasion capabilities, detection efficacy, and more. Since you can obtain a Ph.D. in each of these areas – and many of the vendors that participated have dozens of them – we leaned toward more capability from a vendor leading to better results for a client.
Special thanks to the 30-plus customer references that took time out of their busy days to share feedback and the 11 vendors that participated. A huge shout out to Kelley Mak, Josh Blackborrow, Stephanie Balaouras, Peggy Dostie and many others at Forrester that put in the time, energy, and effort to wrap this up.
Forrester clients looking to discuss the results in more detail or to understand the market: don’t hesitate to reach out.
(About the author: Jeff Pollard is a principal analyst at Forrester Research. This post originally appeared on his Forrester blog, which can be viewed here.)