Applied Intelligence for Cloud Security Testing
Bridging the Cloud Security Intelligence Gap
SecureIQLab enhances the value of analyst insights through objective testing. Analysts provide vision and strategic guidance on cloud security, but without objective information, their recommendations are subjective. SecureIQLab provides analysts with the empirical data they need, and organizations the intelligence to act.
SecureIQLab bridges the gap between vision and empirical data by performing relevant testing that enables organizations to optimize their security posture and assists security vendors in their efforts to improve security solutions. SecureIQLab’s efforts contribute to an improved cybersecurity ecosystem.
What we do:
- Collaborating across the industry from enterprises to vendors to create meaningful tests and develop methodologies specific to business requirements.
- Mapping enterprise cloud security ecosystems to their current and future organizational risk posture.
- Aligning enterprise use cases and workflows with quantifiable key performance indicators (KPIs) to measure and improve ROSI.
Cloud Web Application and API Protection CyberRisk Reports 2024
The CyberRisk Ripple captures security resilience, operational efficiency, relative price and return on security investment of the products validated in our public tests in one figure.
The relative size of the markers represents the relative annual cost of the solutions.
- The X-axis is the return on security investment, ROSI, for the validated products.
- The circular markers represent the Complete Security Scores (left Y-axis) relative to their ROSI.
- The triangular markers represent the validated products’ Operational Efficiency Ratings (Right Y-axis) vs their ROSI.
Measurable and Operationalizable Intelligence for Enterprises and Security Vendors
SecureIQLab CyberRisk Validation Roadmap
Our NGFW firewall-based tests will be focused on three key criteria: Security, Compliance, and enterprise centric workflows.
The evaluation of Cloud WAF will be based on blocking attacks against application and API based security threats, seamless integration, and deployment and scalability handling. We will also validate against compliance.
The evaluation of XDR will be based on blocking blended attacks across multiple security layers – email, endpoint, server, cloud workload, and network. Alerts will be evaluated from an operational perspective.
Healthcare focused ransomware test
A combination of four solutions will be evaluated: Firewall, SWG, CASB and ZTNA