Reading Time: ~ 4 min.
Since launching our web classification service in 2006, we’ve seen tremendous interest in our threat and web classification services, along with an evolution of the types and sizes of cybersecurity vendors and service providers looking to integrate this type of curated data into their product or service. Over the years, we’ve had the good fortune to work with partners of all sizes, from global networking and security vendors to innovative and dynamic start-ups across the world.
With the end-of-life of Broadcom’s Symantec RuleSpace OEM Web Classification service, we’ve received numerous inquiries from their former customers evaluating alternative solutions. Here we’ll outline the things to consider in a replacement. For more on why Webroot is poised to fill the gap left by the Broadcom, you can read the complete whitepaper here.
Your use case: how well does it align with the vendor?
Each use case is unique. Every vendor or service provider brings its own benefit to market and has its own idea about how their service or solution adds value for customers, clients or prospects. That’s why our adaptive business model focuses on consulting with partners on technical implementation options, spending the time to understand each business and how it may benefit from a well-architected integration of classification and/or intelligence services.
Longevity and track record
A key factor influencing change on the internet is innovation. Every service provider is continuously enhancing and improving its services to keep pace with changes in the threat landscape, and with general changes to the internet itself. As well as keeping up with this change, it’s important that a vendor brings a historical perspective to the partnership. This experience will come in handy in many ways. Scalability, reliability and overall business resilience should be expected from a well-established vendor.
Fair comparative evaluations of web classification and threat intelligence providers are difficult to achieve. We can offer guidance to prospective partners, but it’s often more reassuring to simply see the strong partner relationships we have today. Many of these we’ve worked with for well over a decade. When evaluating a vendor, we recommend looking closely at current partners and imagining the investments each have made in their integrated solutions. This speaks volumes about integration performance and the quality of the partnership.
A classification or threat dataset is only as good its sources and the analytics used to parse it. Many companies offer classification and/or threat intelligence data, but the quality of that data varies significantly.
Threat Intelligence Capabilities
Not all our partners’ use cases require threat intelligence, but for those that do it’s critical they understand where their threat data comes from. There are now a great many sources of threat data, but again these are far from equal. Worse still, comparing source is often no simple task.
Ease of integration
As mentioned, every use case is unique. So are the platforms into which web classification, malware detection and threat intelligence services are integrated. It’s therefore crucial that a vendor provide flexible integration options to accommodate any pioneering partner, service provider or systems integrator. Simply providing data via an API is useful, but will it always deliver the performance required for real-time applications? Delivering a local database of threats or classifications mayContinue reading