Rony_Sklar - PeerSpot reviewer
Community Manager at a tech services company with 51-200 employees
  • 11
  • 343

What are the threats associated with using ‘bogus’ cybersecurity tools?

There are many cybersecurity tools available, but some aren't doing the job that they should be doing. 

What are some of the threats that may be associated with using 'fake' cybersecurity tools?

What can people do to ensure that they're using a tool that actually does what it says it does?

PeerSpot user
13 Answers
Principal Advisor at Pro4:Six CISO Services and Consulting
Jan 7, 2021

The biggest threat is risks you think you have managed are not managed at all so you and your executive team have a completely false sense of security.  This is even worse than not having any tool in place.  With no tool in place, you at least know you have a vulnerability.

There several ways to ensure a tool is doing what it is supposed to do.

1. Product Selection - when selecting a tool, do not focus on what a tool can do.  Focus on what you want the tool to do.  You drive the direction of the sales demo, not the sales team.

2. Product Implementation - use professional services to implement and configure the solution.  Your team should be right there with them as a knowledge transfer session but the professional who installs and configures the product every day should drive the install, not someone who wants to learn.

3. Trusted Partners - find yourself a trusted partner(s) who can help guide you.  This should consist of product testing labs partners, advisors who live and breathe the space daily, and resellers with a strong engineering team.

Search for a product comparison in Application Security Tools
DevSecOps Evangelist & Coach at Shiftleft
Top 10
Jun 28, 2021

I suppose it depends on just how 'bogus' they are. If they are truly 'bogus' then you are likely looking at a trojan. If, however, we are just talking about a 'bad' security tool then you are talking about trying to manage your security with bad or missing information.

Navcharan Singh - PeerSpot reviewer
Senior Seo Executive at Ace Cloud Hosting
Top 5
Jan 24, 2023

Using ‘bogus’ cybersecurity tools can seem like a good idea in the short term, but it can come back to haunt you in the long run. Bogus security tools pose serious threats to your business and personal information because they don't provide the same level of protection as legitimate, trusted security solutions. Here are some potential threats associated with using bogus cybersecurity tools:

1. Data Leakage – Bogus cybersecurity products may be full of loopholes that allow malicious actors access to your confidential data and networks. This could lead to data breaches and an increased risk of identity theft and financial fraud if sensitive customer or corporate information is exposed.

2. Increased Risk of Malware – Bogus security products often contain malware which can be difficult for even experienced IT technicians to detect and remove from computers, smartphones, tablets, etc. Malware can spread through networks quickly if not handled properly by an experienced IT professional; resulting in system crashes or significant data losses if allowed inside a secure environment without proper detection measures being taken beforehand.

3. Poor Security Performance – Bogus security products often lack the necessary performance levels for protecting devices against current cyber threats such as DDoS attacks or ransomware infections which could result in costly (and sometimes irreparable) damage to important systems within businesses or homes alike due to their weak defenses against these malicious programs/intrusions etc

4. Lottery Scams - Fake antivirus software might ask you to repeatedly enter credit card details while informing you that you have won a lottery prize when actually stealing those details illegally instead providing real protection from malware/viruses etc., therefore, running large risks on unsuspecting users getting scammed off their hard-earned money!

Overall, fraudulent cybersecurity tools are unreliable and should always be avoided at all costs, as they do more harm than good when it comes down right down to the nitty-gritty! It's best for businesses/individuals alike only use genuine trustworthy cyber defense solutions whenever possible so that any problems arising out of digital safety aren’t exacerbated further due to unfortunate choices made beforehand.

Cyber Security Advisor - Director at Fort Net UK
Top 5Leaderboard
Jan 8, 2021

Dan Doggendorf gave sound advice.

Whilst some of the free or cheap platforms will provide valuable information and protection, your security strategy has to be layered. Understand what you want to protect and from whom. At some point you will need to spend money but how do you know where to spend it? There are over 5,000 security vendors to choose from.

There is no silver bullet and throwing money at it won’t necessarily fix what you are at risk from but at the same time free products are free for a reason.

If your organisation doesn’t have a large team of security experts to research the market and build labs then you need to get outside advice. Good Cyber-advisors will understand your business and network architecture therefore will ask the right questions to help you to navigate the plethora of vendors and find the ones that are right for where your business is now and where you intend it to be in the future.

Large IT resellers will sell you what they have in their catalogues based on what you ask for and give a healthy discount too but that may not fix the specific risks your business is vulnerable to. A consultative approach is required for such critical decisions.

By the way, there are free security products and services that I recommend.

Chief Marketing Officer at JetPatch
Jan 8, 2021

Tools are not necessarily bogus. Sometimes they are just 'legacy' tools that have been around for too long and no longer fit the problem they were designed to solve, simply because IT infrastructure, organizational needs, and cybersecurity threat complexity have evolved. 

Cybersecurity Solutions Architect Lead at Altron Systems Integration
Real User
Jan 7, 2021

Open Source or Free products need proper management. Based on my experience I have found that many people who uses open source don't bother to patch them and attackers then utilize such loopholes.

One of the great example one client was using free vulnerability management plus IP scanner. And they got hit with ransomware. During the investigation I realise the attacker utilized the same tool to affect other devices on the network. The attack took his time at least 2 months unnoticed. 

Learn what your peers think about GitHub. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
690,226 professionals have used our research since 2012.
Cyber Security Officer at Grupo Vision
Real User
Top 20
Jan 7, 2021

You should build a lab, try the tools and analyze the traffic and behavior with a traffic analizer like wireshark and any sandbox or edr that shows you what the tools do, but all this should be outside your production environment, use tools that has been released by the company provider and not third party downloads or unknown or untrusted sources.

Cyber Security Officer at Grupo Vision
Real User
Top 20
Jan 7, 2021

Assosiated threats are many, like data loss, data exfiltración, vlan hoppin, sensible data expossure, ransomeware, etc.

PeerSpot user
Senior Manager at a financial services firm with 10,001+ employees
Real User
Top 5Leaderboard
Jan 7, 2021

One should 1st have details understanding of what he/she is looking to protect within environment as tool are specially designed for point solution. Single tool will not able to secure complete environment and you should not procure any solution without performing POC within your environment 

As there is possibility that tool which works for your peer organisation does not work in similar way for yours as each organisation has different components and workload/use case

Head of Services at Sistemar Tecnologias
Jan 12, 2021

Tools are not necessarily bogus. Sometimes they are just 'legacy' tools that have been around for too long and no longer fit the problem they were designed to solve, simply because IT infrastructure, organizational needs, and cybersecurity threat complexity have evolved

Network Security Engineer at Social Security Commission
Real User
Top 5Leaderboard
Jan 8, 2021

Refrain from free products

Delete products and traces of product after evaluation

Always know what you want from the cybersecurity solution. Can identify illegal operations of the products if different from its stipulated functions.

Work with recognised partners and solution providers

Download opensource from reputable sites

User at a tech services company with 11-50 employees
Real User
Jan 8, 2021

Bogus cybersecurity tools might bring about the data exfiltration, trojan horse 

Sales Engineer | Technical Sales | Pre-Sales at SUSE
Top 10
Jan 13, 2021

I think this is quite an open-ended question.

Since cyber security is quite a vast world, it might be better to start small. Ask yourself what it is you are looking for or need. From there you can start asking specific questions based on that need. You should then be able to get more specific answers. Free doesn't always mean bad, but it probably will mean that you require more man power and more technical skills to manage it correctly. There are also quite a few "community" options available. Quite often you might start with a free solution and then upgrade that solution to their paid version which would give you more features.

So find out what it is you need and grow from there.

Sr Systems Administrator at a comms service provider with 11-50 employees
Jan 11, 2021

The biggest threat in using "bogus" or fake tools would be that they are themselves actually tools for someone else to access you. Its a very plausible and likely scenario. 

Related Questions
Software Engineer at Neusoft
Mar 27, 2023
Hello peers, I am a Software Engineer at a large tech services company. I am currently researching network security functions. What aspects of network security are more concerning to small and medium-sized enterprises? Thank you for your help.
2 out of 5 answers
Regional Director at a tech services company with 11-50 employees
Mar 23, 2023
Data breaches, malware, phishing attacks, weak passwords, insider threats, and lack of security policies are some of the most concerning aspects of network security for small and medium-sized enterprises since they may not have the same level of security measures and IT staff as larger corporations. It's important for SMEs to identify and prioritize these risks and take steps to mitigate them to protect their business and customers' data.This could include implementing strong password policies, providing security awareness training for employees, implementing firewalls and antivirus software, and regularly backing up data. In addition, SMEs should develop formalized security policies and ensure that all employees understand and follow them to maintain a secure network environment.
VP of Marketing at CyGlass
Mar 24, 2023
If we are talking strictly about the network, the issue almost all SMEs suffer from is a lack of risk visibility. Consider the risks and vulnerabilities that exist in the network from ports that are unsecured to firewall rules that are no longer effective to rogue devices that are connected and no one in IT is aware. If SMEs simply closed all of these gaps effectively, they would greatly reduce the chances that they are compromised. The second area is threat visibility - meaning an actual attack unfolding.  Once an attacker - say ransomware - bypasses an endpoint, they are free to waltz around the network for weeks. I think that the latest dwell time number is over 4 weeks. Four weeks of recon, command calls, lateral movement, credential compromise, data location, etc. That is enough time to make the ransomware attack really hurt and find all the partner companies that the attacker can move to next. Most large companies have NDR in place to detect and stop attacks - greatly lowering that dwell time and damage - but SMEs cannot afford most of those tools. There are new cloud-based NDR tools that are a lot less (CyGlass), and there are great options with Managed Detection and Response (MDR) companies like Stratejm. Either path, SMEs need to deploy tools or services that watch the network for risks, vulnerabilities, and threats.
Avigayil Henderson - PeerSpot reviewer
Content Development Manager at PeerSpot
Mar 20, 2023
Hi community,  Please share your input and help out fellow peers. Thank you.
See 2 answers
Navcharan Singh - PeerSpot reviewer
Senior Seo Executive at Ace Cloud Hosting
Feb 28, 2023
Automating security for a CI/CD pipeline is essential in ensuring the safety and reliability of your applications. Security automation helps organizations automate the process of validating security policies, patching vulnerabilities, ensuring regulatory compliance with industry standards, and maintaining application integrity. When considering automating security for your CI/CD pipeline there are three main components you should pay attention to: Policy Validation, Vulnerability Scanning & Patching, and Regulatory Compliance & Governance. Policy Validation aims to ensure that all changes made during deployment align with existing organizational policies. Automated policy validation should use configuration management tools such as Ansible or Puppet to scan source code repositories like GitHub or GitLab for any changes made prior to deployments into production environments. This can be integrated into continuous integration pipelines so that any non-compliant changes are flagged before reaching an active environment. Vulnerability Scanning & Patching ensures that any known vulnerabilities which may have been introduced via a new code commit or change in existing infrastructure configurations will be identified prior to deployment allowing appropriate remediation action to take place such as blocking the release until fixes can be applied or automatically applying patches where possible before the change is deployed in production environments. These activities can also be automated by integrating scanning tools such as Nmap directly into CI/CD pipelines so they execute at each stage performing active scans on exposed networks and services before allowing progression through the pipeline toward production systems. Finally, Regulatory Compliance & Governance involves recognizing issues that require manual authorization from an administrator before consideration of an automated fix or deployment occurs (such as legal/privacy restrictions). It also includes monitoring external sources related to potential threats relevant specifically related to your organization (such as data breaches on other organizations), overseeing audit logs produced from actions taken within both source control platforms and cloud provider resources used within the CI/CD pipeline itself (for example developer keys used when accessing private resources). Automation here would include continually analyzing audit logs generated from activities performed throughout various stages of the delivery process permitting immediate detection of anomalies against expected behavior based on user roles assigned within each project being worked upon.
Remy Ma - PeerSpot reviewer
Network Security Services at ACE Managed Securty Services
Mar 20, 2023
When it comes to security and automation, there's no such thing as too much. That's why it makes sense to take steps to automate security for your CI/CD pipeline. Automation can help reduce the time spent on manual tasks and ensure that your code is secure before it makes its way into production. Here are some tips for automating security for your CI/CD pipeline: 1. Use a static application security testing (SAST) solution to scan code for vulnerabilities. SAST solutions can help identify and fix known issues quickly and efficiently. 2. Run regular scans of your codebase using a dynamic application security testing (DAST) tool. This will help identify any new security issues in real time. 3. Use a container scanning tool to check all your images and containers for vulnerabilities or misconfigurations. This will help ensure that no malicious code can enter the pipeline. 4. Utilize an API scanner to detect potential API vulnerabilities in your applications, such as SQL injection, cross-site scripting, and parameter tampering. 5. Implement a Web Application Firewall (WAF) to protect your applications from attacks like DDoS or brute force attacks. This can help prevent attackers from accessing sensitive information.
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Community at PeerSpot
Aug 21, 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technology products and we want your vote! If there’s a technology solution that’s really impressed you, here’s an opportunity to recognize that. It’s easy: go to the PeerSpot voting site, complete the brief voter registration form, review the list of nominees and vote. Get your colleagues to vote, too! ...
Deena Nouril - PeerSpot reviewer
Tech Blogger
Aug 5, 2022
What is OWASP? The OWASP or Open Web Application Security Project is a nonprofit foundation dedicated to improving software security. It operates under an open community model, meaning that anyone can participate in and contribute to OWASP-related online chats and projects. The OWASP ensures that its offerings (online tools, videos, forums, events, etc.) remain free and are easily accessible t...
See 2 comments
Ben Arbeit - PeerSpot reviewer
Manager at a retailer with 51-200 employees
Jul 31, 2022
Thanks for this informative article.
Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a retailer with 10,001+ employees
Aug 5, 2022
OWASP is nice, but very specific and currently limited. How about trying ISO-24772 for all?
Director of Community at PeerSpot (formerly IT Central Station)
Mar 4, 2022
Hi community members, Here is our new Community Spotlight for YOU. We publish it to help you catch up on recent contributions by community members. Do you find it useful? Please comment below! Trending Top HCI in 2022 What are the main differences between XDR and SIEM? Articles Top 5 Ethernet Switches in 2022 SASE: what is it and what are the main benefits? Questions Che...
Enterprise Architect at CDPL
Dec 15, 2021
Privacy Concerns in an RPA Implementation Program. The biggest concern we (as RPA solution implementors) have faced when interacting with clients and customers were: 1. Regulatory and Compliance issues. 2. InfoSec and Security issues. 3. Audit Issues. Regulatory and Compliance Issues: There is a huge penalty if the wrong data gets updated and emails are sent to customers by the regulatory...
CEO at Rufusforyou
Sep 3, 2021
ICT is getting more and more complex: today I have several systems in Chicago, several more in Amsterdam and if you need to protect your environment you will need to check on-premises, the cloud at Amazon, and the cloud at Microsoft Azure.  Why is Performance related to security? For the following reasons:  Today we need more than one tool to protect our environment. You need anti-spoofing...
See 2 comments
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Sep 1, 2021
Very good insights about correlation for security with performance.
Key Account Manager at ITRS Group
Sep 3, 2021
Interesting positioning and way of thinking, thank you very much for the article!
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Community at PeerSpot
Aug 21, 2022
PeerSpot User's Choice Award 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technol...
Deena Nouril - PeerSpot reviewer
Tech Blogger
Aug 5, 2022
What is OWASP Top 10 in 2022
What is OWASP? The OWASP or Open Web Application Security Project is a nonprofit foundation dedi...
Download Free Report
Download our free GitHub Report and get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
690,226 professionals have used our research since 2012.