eBooks & Reports

Security Vendor Assessment Worksheet - 2 Pages

Issue link: https://resources.threatstack.com/i/882014

Contents of this Issue

Navigation

Page 1 of 1

Q3: "How much me will this product save us vs. how much me will we need to put into it?" Our Analysis: Automa on is a great way to save me and resources, but it's important to think about how much me you'll put into se ng up and maintaining this automa on so you can decide whether it's worth it. What you're really doing here is evalua ng part of the Total Cost of Ownership (TCO), and it is cri cal to do this before you make a commitment (i.e., before you sign a contract). Q4: "How experienced does a person need to be in order to run this product?" Our Analysis: Do you need someone with ten years experience wri ng custom code, or can you put a junior engineer on it with a few hours of training? The answer to this ques on, as with the previous one, is part of calcula ng the true cost of the product — and an indicator of whether you'll s ll get results even if your best engineer isn't available. Q5: "How will this product help us differen ate between day-to-day ac vity and actual problems?" Our Analysis: Your security products shouldn't hold your coworkers back from doing their jobs — and they won't if you can readily determine what's normal and what's not. Ask yourself if this will slow you down or enable you to take ac on when it's really important. Q6: "If we are compromised, how will this product fit into the response process?" Our Analysis: Everyone in security knows it's not a ques on of if you'll be breached — it's when — and how will you respond? Mentally walk through every step of your incident response process and try to think ahead about exactly how the product you're purchasing will aid you in that me of need. Q7: "Do you (vendor) use your own products? To solve which use cases?" Our Analysis: If a vendor doesn't prac ce what they preach, it's a sign of a weak product. Ask your vendor how they use their own technology and how it has helped create efficiencies for their own team. If they don't have a strong story, think twice before you buy. Q8: "What financial informa on is available on your business stability and performance record?" Our Analysis: Do a li le research to determine how well qualified and reliable they are. If you can, and if it's appropriate, check out their cer fica ons, ask for customer a esta ons, and find out what you can about their performance on SLAs. Also, find out how long they've been in business. Alone these ques ons might not give you everything you need to know, but together, they create a very revealing profile. Q9: "What level of Tech Support and Customer Service is provided?" Our Analysis: At no point do you want to be stranded if something goes wrong with the product or if you need further informa on on how to use it. So insist on high quality, 24x7 coverage in these two areas. Q10: "How do you plan to con nue evolving your solu on as technology changes?" Our Analysis: Technological infrastructure looks almost nothing like it did ten years ago, and it will probably look completely different in another ten. You need to know that your vendor has a product roadmap: You need to feel confident that the technology you're choosing today will evolve alongside your company so you're not was ng me and money replacing it a couple of years down the road. About Threat Stack Security at Speed & Scale Threat Stack's comprehensive intrusion detec on pla orm combines con nuous security monitoring and risk assessment — protec ng companies from intrusion, insider threats, and data loss. Threat Stack goes beyond a single type of infrastructure, point of detec on, or threat category — and casts a wide net of detec on points across complex infrastructures, offering unparalleled visibility at the speed and scale of today's business. TO SEE HOW THREAT STACK'S INTRUSION DETECTION PLATFORM CAN WORK FOR YOUR ORGANIZATION, GET IN TOUCH | GO.THREATSTACK.COM/DEMO

Articles in this issue

Links on this page

view archives of eBooks & Reports - Security Vendor Assessment Worksheet - 2 Pages