We just raised a $30M Series A: Read our story
2021-01-06T14:09:00Z

What are the threats associated with using ‘bogus’ cybersecurity tools?

291

There are many cybersecurity tools available, but some aren't doing the job that they should be doing. 

What are some of the threats that may be associated with using 'fake' cybersecurity tools?

What can people do to ensure that they're using a tool that actually does what it says it does?

ITCS user
Guest
1213 Answers

author avatar
Top 5LeaderboardReseller


Dan Doggendorf gave sound advice.


Whilst some of the free or cheap platforms will provide valuable information and protection, your security strategy has to be layered. Understand what you want to protect and from whom. At some point you will need to spend money but how do you know where to spend it? There are over 5,000 security vendors to choose from.


There is no silver bullet and throwing money at it won’t necessarily fix what you are at risk from but at the same time free products are free for a reason.


If your organisation doesn’t have a large team of security experts to research the market and build labs then you need to get outside advice. Good Cyber-advisors will understand your business and network architecture therefore will ask the right questions to help you to navigate the plethora of vendors and find the ones that are right for where your business is now and where you intend it to be in the future.


Large IT resellers will sell you what they have in their catalogues based on what you ask for and give a healthy discount too but that may not fix the specific risks your business is vulnerable to. A consultative approach is required for such critical decisions.


By the way, there are free security products and services that I recommend.


2021-01-08T17:10:56Z
author avatar
Vendor

Tools are not necessarily bogus. Sometimes they are just 'legacy' tools that have been around for too long and no longer fit the problem they were designed to solve, simply because IT infrastructure, organizational needs, and cybersecurity threat complexity have evolved. 

2021-01-08T14:39:23Z
author avatar
Real User

Open Source or Free products need proper management. Based on my experience I have found that many people who uses open source don't bother to patch them and attackers then utilize such loopholes.



One of the great example one client was using free vulnerability management plus IP scanner. And they got hit with ransomware. During the investigation I realise the attacker utilized the same tool to affect other devices on the network. The attack took his time at least 2 months unnoticed. 

2021-01-07T22:48:44Z
author avatar
Top 5LeaderboardReal User

One should 1st have details understanding of what he/she is looking to protect within environment as tool are specially designed for point solution. Single tool will not able to secure complete environment and you should not procure any solution without performing POC within your environment 


As there is possibility that tool which works for your peer organisation does not work in similar way for yours as each organisation has different components and workload/use case

2021-01-07T15:20:48Z
author avatar
Top 5Real User

You should build a lab, try the tools and analyze the traffic and behavior with a traffic analizer like wireshark and any sandbox or edr that shows you what the tools do, but all this should be outside your production environment, use tools that has been released by the company provider and not third party downloads or unknown or untrusted sources.

2021-01-07T14:08:41Z
author avatarJavier Medina
Top 5Real User

Assosiated threats are many, like data loss, data exfiltración, vlan hoppin, sensible data expossure, ransomeware, etc.

author avatar
Top 5Vendor

I suppose it depends on just how 'bogus' they are. If they are truly 'bogus' then you are likely looking at a trojan. If, however, we are just talking about a 'bad' security tool then you are talking about trying to manage your security with bad or missing information.

2021-06-28T15:22:22Z
author avatar
Top 5LeaderboardReal User

Refrain from free products


Delete products and traces of product after evaluation


Always know what you want from the cybersecurity solution. Can identify illegal operations of the products if different from its stipulated functions.


Work with recognised partners and solution providers


Download opensource from reputable sites


2021-01-08T12:12:20Z
author avatar
User

Tools are not necessarily bogus. Sometimes they are just 'legacy' tools that have been around for too long and no longer fit the problem they were designed to solve, simply because IT infrastructure, organizational needs, and cybersecurity threat complexity have evolved

2021-01-12T22:10:57Z
author avatar
Top 10Real User

Bogus cybersecurity tools might bring about the data exfiltration, trojan horse 

2021-01-08T01:19:14Z
author avatar
Top 5LeaderboardReseller

I think this is quite an open-ended question.

Since cyber security is quite a vast world, it might be better to start small. Ask yourself what it is you are looking for or need. From there you can start asking specific questions based on that need. You should then be able to get more specific answers. Free doesn't always mean bad, but it probably will mean that you require more man power and more technical skills to manage it correctly. There are also quite a few "community" options available. Quite often you might start with a free solution and then upgrade that solution to their paid version which would give you more features.

So find out what it is you need and grow from there.

2021-01-13T15:58:32Z
author avatar
User

The biggest threat in using "bogus" or fake tools would be that they are themselves actually tools for someone else to access you. Its a very plausible and likely scenario. 

2021-01-11T12:47:02Z
Find out what your peers are saying about SonarSource, Veracode, Sonatype and others in Application Security. Updated: November 2021.
554,676 professionals have used our research since 2012.