NSS Labs Hits Back at FireEye 'Untruths'

A war of words has erupted between FireEye and an independent testing house that questioned the vendor's ability to catch malware.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A war of words has erupted between FireEye Inc. and an independent testing house that questioned the vendor's ability to catch malware.

NSS Labs handed FireEye (NASDAQ:FEYE) a "caution rating" in its first ever comparative analysis of breach detection systems (BDS) after its box scored a "below average" security effectiveness rating of 94.5.

Related articles

All but one of the other vendors tested scored more than 98, with Fortinet Inc., Sourcefire Inc. and Trend Micro Inc. all scoring 99 or more.

NSS said its findings helps end users cut through the vendor marketing fluff in what is a "rapidly evolving" market.

In a forceful blog, FireEye product boss Manish Gupta moved immediately to discredit NSS Labs' findings, claiming its methodology was "severely flawed." The FireEye product the NSS used wasn't even fully functional, used an old version of its software and did not have access to its threat intelligence, Gupta said.

But this was like a red rag to a bull for NSS Labs, whose founder Bob Walder last night responded with an equally robust blog designed to address "a number of untruths and misdirections" in Gupta's missive.

Walder responded to Gupta's claims one by one, saying many were untrue, including that the product it tested was indeed a fully functional product installed and configured by FireEye engineers.

According to Gupta, FireEye insisted the only way to properly test was to run in a real environment, but that the NSS declined to change its testing methodology.

Walder, however, rejected this version of events. He claimed NSS Labs does use a live environment "with real PCs going to real, live malicious URLs." Walder confirmed FireEye did ask for it to change its methodology, but claimed this happened only after it saw the results, something the NSS "clearly cannot do."

"In the grand scheme of things, FireEye's results were not that bad," Walder said. "The real issue here is that FireEye now has credible competition in the BDS marketplace, and the data from this NSS test shows it."

Walder said it was rare for NSS to respond to criticism from vendors that have performed poorly in its tests, although a similar spat with WatchGuard Technologies Inc. erupted last year over its next-generation firewall report.

For more channel coverage from CRN UK, visit channelweb.co.uk/.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

Want more articles like this?

Subscribe to Channelnomics for a daily newsletter roundup direct to your inbox

More on Channel Business
Partners on globe

Microsoft, Lenovo make channel pleas

Microsoft talks up cloud, Lenovo boasts of diversity at Tech Data's TechSelect


Just say ‘no’ to nostalgia


Success = planning + growth

For the technology channel, growth is key to success, but that growth won’t happen by itself


IoT set to rocket - Splunk

Exec says IoT adoption will spike rapidly just like cloud

Visitor comments
Add comments
blog comments powered by Disqus

Channelnomics' top five stories of the week - 9 October 2015

Check out which articles grabbed the most attention this week


Editor's voice: The week's channel chatter - 9 October 2015

What's been happening this week on Channelnomics?

Cloud computing circuit

Cloud taking back seat to staffing for MSPs

Desktop as a service will take some time to catch on


In endpoint security, trust matters

Survey finds that more than a quarter of solution providers pick vendor trustworthiness as a top priority for choosing antivirus vendor