I'm building a next-gen AI-powered threat intelligence platform and am wondering what features are missing from existing products on the market and how much customers are paying for their security tools.
I'm also conducting research on pricing models. What is the preferred method of payment, i.e. based on number of endpoints, storage used, user-based, flat fee subscription based?
Thank you ...
CEO & Founder at a tech services company with 1-10 employees
26 August 19
Raffael Marty, Vice President, Forcepoint Research and Intelligence, said: "There is no artificial intelligence in the field of information security, and it is unlikely to be developed in 2019." Most unsupervised machine learning-based network anomaly detection solutions do not provide why the anomaly has arisen and whether the anomaly is malicious or not. Most such solutions' pricing model is based on the number of endpoints, but I prefer to have a flat fee, subscription-based.
I feel that there are two old problems still there in the market:
1. Vendors don't talk to each other.
2. Whoever is focusing on the endpoint is missing the network and human side, and the opposite is also true.
I love, for example, what Darktrace is doing on the network side and the playback option to know what happened in my network during a long holiday, for example, things that will never be caught by a second-generation AV, but I need to have a solid 2nd-gen AV besides the total high cost of Darktrace, which by the way is worth it for IT pros but not for business owners.
We need to have something like VirusTotal but for risks and threats beyond viruses, where all vendors work on this and all endpoint customers with different vendors connect to it to be secured.
Network performance, bandwidth utilisation, data flow speed, bottlenecks, node issues, network medium issues, segmentation efficiency, distributed network requirement as a solution, multicast required as a solution or redesign it.
It depends what your environment is. We have very good experiences with two solutions. When you're using Cisco Networking, their Stealthwatch solution (also part of their EA, a full NBA/ADS* solution) does a very good job and gets more and more integrated in their Networking, Security and Admission Control solutions. When you are looking for a less expensive solution, we have very good experiences with Flowmon, a spin-off from the University of Brno (Czech Republic) and a very mature NBA/ADS* solution as well. In NL, Flowmon is successfully in use by education, healthcare, finance and transportation.
*NBA/ADS: Network Behavior Analysis / Anomaly Detection System.