Chapter 7. Tools of the Trade

“...a vision without the ability to execute it is probably an hallucination.”

Stephen Case

In the early days of the security industry boom back in the late 1990s, there were only a handful of dedicated security product vendors. Most commercial security tools were offshoots or acquisitions by larger companies, and when the topic of network security tools was discussed, firewall or antivirus were the first words to come to mind. Today, there are literally hundreds of companies with security products and services that cover just about every aspect of information and network security. From password managers and social media leak detection to content-aware firewalls and breach detection systems, there is an abundance of security technology available. Many vendors offer expensive all-in-one tools or managed security services that purport to take all your data and abstract it into actionable security monitoring. The security industry has grown so huge that it has become a commoditized niche industry. You can spend millions on security solutions under the guise of protecting your network.

However, we reject the concept of the security “black box,” or the one vendor that claims to do it all without providing sufficient detail about how detection actually happens or even if it’s working properly. Proprietary detection methods and indicators are not helpful when attempting to investigate a possible breach. We know that we can never detect nor prevent 100% ...
