Security technologies are divided into two tiers. Tier 1 includes the technologies required as the basis for a secure infrastructure, such as the following.
- Desktop antivirus tool
- Secure Web gateways
- Messaging security
- Intrusion detection/prevention systems
- Security information and event management

Tier 2 security technologies, such as those listed below, can identify abnormal behavior in transit and on the host. They are typically purchased after a major breach occurs, but the more knowledgeable corporations invest in them in advance of such a loss. These advanced technologies go beyond traditional pattern matching and signatures for known attacks.
- Network forensics
- Desktop forensics
- Data leakage protection
- Behavior-based analysis
- Security intelligence feeds