Increasingly, the security community is calling for more sharing of security threat intelligence between organizations. Such a community approach is vital in breaking down the silo of security information and for dealing with modern threats. What of the security vendors? Many vendors resort to badmouthing and making outlandish claims about their competitors in order to clinch a sale. Why haven't more security vendors banded together? Given that different vendors focus on different security facets (network, endpoint, applications, etc.) partnering with another vendor would seem like a logical way to strengthen one's brand.
Bit9, an endpoint security company, saw value in forming such partnerships, and joined forces with network security firms Palo Alto and FireEye. According to Brian Hazzard, VP product management for Bit9, forming such partnerships is critical in delivering greater value to customers and in being able to better detect malware and threats. Since Bit9's bread and butter is endpoint security, integrating with network security specialists such as Palo Alto, allows for their customers to strengthen their prevention, detection, and response phases as they have a more complete picture of their internal environments (endpoints and network) by providing end-to-end visibility.
We should no longer tolerate security companies jockeying for position by slamming or being unnecessarily critical of their competition. Enterprises should demand that their security vendors embrace the partnership approach that Bit9 is advocating. Hazzard indicated that the security industry needs to move in this direction in order to "change the security playing field". Instead of being enemies we should be allies in combating modern threats.
Vendors that provide game changing integration and improve their customers' security posture across more than one threat vector, will not only survive but thrive. Aside from enjoying the economic benefits, the security tools become more effective as the silo of security information around them disappears. Hazzard described these partnerships as field driven, the direct result of listening to their customers (customers wanted to have better integration amongst their hodgepodge of security products). What good is your security defences if they are not communicating and sharing information? Enterprise security defences will become more valuable, efficient, and effective if they were to work together as one cohesive unit.
As customers, we should be evaluating potential vendors based on how well they work with other security vendors. In order to regain the upper hand and successfully deal with "advanced" and persistent attacks, we need more companies like Bit9 to embrace their security brethren and form these valuable partnerships. After all, united we stand, divided we fall.
Dominic Vogel is currently a security analyst for a financial institution in beautiful Vancouver, British Columbia.