ICSA Labs today posted the results of our first quarterly vulnerability test against all ICSA Labs certified network IPS products. 

Why is this a big deal? Well, as you know the security threat landscape is constantly evolving.  As such, members of the ICSA Labs Network IPS Product Developers' Consortium were interested in having their products tested against a fresh set of vulnerabilities on a regular basis. 

Now that ICSA Labs has completed the first quarterly test, going forward two groups of remotely exploitable vulnerabilities will be tested each quarter. The first set will contain software vulnerabilities that are no more than three months old on average. The second set will contain the vulnerabilities from the previous quarterly test sets. Products will be re-tested against these to show what improvement network IPS vendors have made in terms of vulnerability coverage protection from the previous tests. For both sets, security coverage misses are confirmed by running the live exploit through the IPS against an actual vulnerable system. 

The focus of the quarterly IPS testing is to determine how well the products protect enterprises from attacks aimed at the selected group of recently discovered, high-severity, remotely-exploitable holes in enterprise software. 

The vulnerabilities from the quarterly vulnerability test sets will be added to the annual vulnerability set and tested during re-certification. 

The results from the first test can be found by visiting our new Quarterly Network IPS Vulnerability Testing page.