Intrusion Detection & Prevention Systems (IDS/IPS) have long provided a critical last line of defense against sophisticated cybersecurity attacks that have penetrated endpoint and perimeter defenses. They also offer an important frontline defense in emerging networks that do not really have fixed perimeters, and which often connect new kinds of devices that cannot support conventional embedded endpoint security software.
However, conventional IDS/IPS have some weaknesses in usability (like generating high volumes of false positive alerts) and in effectiveness (such as a blindness to many protocols and to certain types of advanced threats – especially those using encryption to evade detection).
The latter is especially worrying as the use of encryption expands and standards become more rigorous, making it impossible to use common current methods of analyzing traffic without resorting to decryption.
To better understand these concerns, how IDS/IPS is currently being used, and what the future might hold for this important technology, we conducted a comprehensive survey of Cybersecurity Insiders 500,000-member information security community.
For a panel discussion about options and strategies for addressing the needs and concerns raised in this survey, we invite you to watch our webinar 2022 State of IDS/IPS: Adapt or Die.
Many thanks to Enea Qosmos for supporting this important research project, and we hope you find the information shared by respondents useful in strengthening your own cybersecurity posture.