Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Vulnerability Management - How Market Trends and Changing Threats Will Shape the Future of the Market

3,539
views

Published on

An analyst briefing presentation delivered by Frost & Sullivan network security industry analyst Chris Rodriguez.

An analyst briefing presentation delivered by Frost & Sullivan network security industry analyst Chris Rodriguez.

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
3,539
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
136
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Vulnerability Management: How Market Trends andChanging Threats will Shape the Future of the Market Chris Rodriguez Industry Analyst, Network Security December 9, 2010
  • 2. Today’s Presenters Chris Rodriguez, Industry Analyst, Network Security Frost & Sullivan Jake Wengroff, Global Director, Corporate Communications Frost & Sullivan 2
  • 3. Focus Points Why So Much Interest? - Growth and Revenue Projections of the Vulnerability Management Market Market Definitions and Segmentation How Did We Get Here? - Evolution of the Vulnerability Management Market Growth by Sub-Market Sub-Market Life Cycle Analysis Market Trends including Drivers and Restraints What’s next? Charting the Course of the Vulnerability Management Market Key Market Participants Questions and Answers 3
  • 4. Growth and Revenue Projections of the VulnerabilityManagement Market Total Vulnerability Management Products Market: Revenue Forecasts (World), 2006-2016 Revenues ($ Million) Revenue Growth Rate (%) 1,600.0 16.0 1,400.0 14.0 Revenue Growth Rate (%) Revenues ($ Million) 12.0 1,200.0 10.0 1,000.0 8.0 800.0 The vulnerability 6.0 management market will 600.0 achieve its highest 4.0 growth rates in 2011. 400.0 2.0 200.0 0.0 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Note: All figures are rounded; the base year is 2009. Source: Frost & Sullivan 4
  • 5. Market Definitions and Segmentation Total Vulnerability Management Products Market: Market Segmentation (World) Vulnerability Management Vulnerability Patch Application Vulnerability Assessment Management Security Intelligence Source: Frost & Sullivan 5
  • 6. Market Definitions and Segmentation Vulnerability Assessment Sub-Market: Market Definitions (World) Vulnerability Management Vulnerability Patch Application Vulnerability Assessment Management Security Intelligence • Network-based scans • Uncover and prioritize vulnerable endpoints • Product functionality expanding • Vendors integrating: • database/application scanning • penetration testing • configuration management Source: Frost & Sullivan 6
  • 7. Market Definitions and Segmentation Application Security Sub-Market: Market Definitions (World) Vulnerability Management Vulnerability Patch Application Vulnerability Assessment Management Security Intelligence • Web application scanning • Security-based static source code analysis • Dynamic testing and/or static testing Source: Frost & Sullivan 7
  • 8. Market Definitions and Segmentation Patch Management Sub-Market: Market Definitions (World) Vulnerability Management Vulnerability Patch Application Vulnerability Assessment Management Security Intelligence • Fix systems found to be vulnerable • Acquire and install missing patches and updates • Patching required for IT operations and security purposes Source: Frost & Sullivan 8
  • 9. Market Definitions and Segmentation Vulnerability Intelligence Sub-Market: Market Definitions (World) Vulnerability Management Vulnerability Patch Application Vulnerability Assessment Management Security Intelligence • Regularly updated subscription-based service • Feeds actionable and original vulnerability reports • *Not yet included as a separate market segment Source: Frost & Sullivan 9
  • 10. Evolution of the Vulnerability Management Market Total Vulnerability Management Products Market: Market Timeline (World), 2000-2010 PCI DSS now Vulnerability New regulations demands use management finds Commercial such as FISMA Increased Increased of web focus on new points of penetration testing require regular industry focus on application software securing end- integration, such vulnerability vulnerability security as with UTM developed assessments points intelligence solutions 2000 2002 2004 2006 2008 2010 The success of Companies Source code Configuration Internet Security founded to solve analysis management now Systems’ Internet the web application recognized as an integrated with Scanner prompts scanning challenge important security vulnerability new competition function management products Source: Frost & Sullivan 10
  • 11. Growth by Sub-MarketThe vulnerability management products market was valued at $698.0 million in 2009, and wasdivided among the following market segments as shown here. Total Vulnerability Management Products Market: Sub-Market Size by Revenues (World), 2006-2016 Vulnerability Assessment Application Security Patch Management 1,600.0 1,400.0 Revenues ($ Million) 1,200.0 1,000.0 800.0 600.0 400.0 200.0 0.0 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Source: Frost & Sullivan 11
  • 12. Sub-Market Life Cycle Analysis Total Vulnerability Management Products Market: Sub-Market Life Cycle Analysis (World), 2009 Market Value Vulnerability assessment has long been known as Vulnerability Assessment the critical first step in the security and risk management process. Application Security Patch Management Commercial, automated penetration testing is gaining legitimacy and has tremendous potential Patching has long been a for future growth. necessary function for IT management, but has Customer awareness of been hindered primarily by the threat posed by free solutions. insecure applications has Penetration improved and this market Testing has strong potential for further growth. Time Development High Growth Mid Growth Late Growth Source: Frost & Sullivan 12
  • 13. Market Drivers Total Vulnerability Management Products Market: Market Drivers (World), 2009 Evolving Technology Increases Attack Unmanageable Vector Number ofVulnerabilities and Patches Vendors Gain Traction by Increased Customer Integrated and New and Existing Reducing Capital Awareness of Security Flexible Product Regulatory Expenditures Issues and Threats Lines Improve Compliance Business Case Requirements Source: Frost & Sullivan 13
  • 14. Market Driver: New and Existing Regulatory ComplianceRequirements Payment Card Industry Data Security Standard HIPAA/HITECH National Institute of Standards and Technology California Security Breach Information Act Gramm-Leach-Bliley Act Federal Information Security Management Act North American Electric Reliability Corporation European Legislation 14
  • 15. Market Driver: Integrated and Flexible Product LinesImprove Business Case Total Vulnerability Management Products Market: Market Drivers (World), 2009 Evolving Technology Increases Attack Unmanageable Vector Number ofVulnerabilities and Patches Vendors Gain Traction by Increased Customer Integrated and New and Existing Reducing Capital Awareness of Security Flexible Product Regulatory Expenditures Issues and Threats Lines Improve Compliance Business Case Requirements Source: Frost & Sullivan 15
  • 16. Market Driver: Increased Customer Awareness of SecurityIssues and Threats Timeline of Major Malware Outbreaks (World), 2000-2010 SQL ILOVEYOU Slammer/Welchia/ Zlob Koobface Stuxnet Sobig/Blaster worm 2000 2002 2004 2006 2008 2010 MyDoom/ Code Red Mocmex Conficker Sasser 16
  • 17. Market Driver: Unmanageable Number of Vulnerabilitiesand Patches Vulnerability Research Market: Number of Reported Vulnerabilities (World), 1995-2008 9,000 8,000 7,000 6,000 5,000Vulnerabilities Reported 4,000 3,000 2,000 1,000 0 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 Year Source: Frost & Sullivan 17
  • 18. Market Driver: Evolving Technology Increases AttackVector Total Vulnerability Management Products Market: Market Drivers (World), 2009 Evolving Technology Increases Attack Unmanageable Vector Number ofVulnerabilities and Patches Vendors Gain Traction by Increased Customer Integrated and New and Existing Reducing Capital Awareness of Security Flexible Product Regulatory Expenditures Issues and Threats Lines Improve Compliance Business Case Requirements Source: Frost & Sullivan 18
  • 19. Market Restraints Total Vulnerability Management Products Market: Market Restraints (World), 2009 Separation of IT Regulatory Operations and Compliance Distracts Security Teams in the Security Viewed as a from Security Goals Enterprise Point Products Cost Item Provide Best-of- Breed Functionality Availability of Free and Open Source Fear of Solutions that Solutions Introduce Further Complexity Source: Frost & Sullivan 19
  • 20. Expectations for the Vulnerability Management Market Total Vulnerability Management Products Market: Forecasted Revenues (World), 2010-2016 1,400.0 Static application security testing shifts to the QA/development teams. Dynamic testing integrated with vulnerability scanners. 1,200.0 Revenues ($ Million) 1,000.0 Penetration testing 800.0 increasingly integrated with vulnerability scanning technologies. 600.0 Vulnerability 400.0 assessment integrates with endpoint security Distinct paths emerge for security and non- and UTM solutions. 200.0 security related patch management solutions. Improved functionality in both areas drives growth. 0.0 2010 2011 2012 2013 2014 2015 2016 Note: All figures are rounded; the base year is 2009. Source: Frost & Sullivan 20
  • 21. Key Market Participants• The vulnerability management market is led by companies such as Qualys, McAfee, and IBM.• Vendors such as Secunia, Rapid7, and nCircle have been gaining in market share and help propel the market’s growth. 21
  • 22. Conclusions 1 Industry-wide Integration Trend 2 Advances in the Patch Management Market 3 Increased Focus on Web Applications and Penetration Testing 4 Increased Focus on End-point Security 5 Evolving Market with High Growth Potential 22
  • 23. Questions? 23
  • 24. Next Steps Request a proposal for or Growth Partnership Services or Growth Consulting Services to support you and your team to accelerate the growth of your company. (myfrost@frost.com) 1-877-GoFrost (1-877-463-7678) Join us at our annual Growth, Innovation, and Leadership 2011: A Frost & Sullivan Global Congress on Corporate Growth (www.gil-global.com) Register for the next Chairman’s Series on Growth (http://www.frost.com/growth) Register for Frost & Sullivan’s Growth Opportunity Newsletter and keep abreast of innovative growth opportunities (www.frost.com/news) 24
  • 25. Your Feedback is Important to Us What would you like to see from Frost & Sullivan?Growth Forecasts?Competitive Structure?Emerging Trends?Strategic Recommendations?Other? Please inform us by taking our survey. Frost & Sullivan’s Growth Consulting can assist with your growth strategies 25
  • 26. Follow Frost & Sullivan on Facebook, LinkedIn,SlideShare, and Twitter http://www.facebook.com/FrostandSullivan http://www.linkedin.com/companies/4506 http://www.slideshare.net/FrostandSullivan http://twitter.com/frost_sullivan 26
  • 27. For Additional Information Jake Wengroff Craig Hays Corporate Communications Director of Sales ICT ICT (210) 247-3806 (210) 247-2460 jake.wengroff@frost.com chays@frost.com Rob Ayoub Chris Rodriguez Global Program Director Industry Analyst ICT – Network Security ICT – Network Security (210) 247-3808 (210) 477-8423 rayoub@frost.com chris.rodriguez@frost.com 27