SANS WHITE PAPER

Measuring Cybersecurity Controls Effectiveness with Security Validation

Security vendors may promise the world when it comes to the capabilities of their products, but how do you know they will work as expected when a real attack occurs?

Research has shown that only about 26% of breaches in the past 12 months were detected by the security operations center (SOC). But what makes the difference between successful cybersecurity teams and those that routinely miss attacks?

The best way we can answer this question is through thorough validation of security controls. Without a strategy to validate the continuous health and operation of your data collection and security appliances you could be operating under false security assumptions with very serious consequences. 

This paper will explore best practices for getting in front of these issues by measuring cybersecurity control effectiveness. It will explore:

  • Traditional methods of verification and security controls testing 
  • The limitations of traditional methods 
  • The introduction and benefits of security validation technologies 
  • Key capabilities to consider when building an effective security validation program