Cb Connect 2018 | Power of You | Register Now


10 Steps to Compare Next-Generation Antivirus (NGAV) Solutions

January 13, 2017 / Ryan Murphy

(Editor’s Note: The content below derives from the recently published SANS Guide “Out with the Old, In with the New: Replacing Traditional Antivirus.”)

When evaluating NGAV vendors, if you end up with two or more vendors in close contention, follow a scoring process, such as the one described below, to determine which solution may be best for your organization.

(NOTE: Before reading on, be sure to have available the evaluation-criteria tables from SANS, available for download here:)

1. Translate and customize your evaluation tables into a formal statement of requirements you can use to score vendor technical responses.

2. Determine what requirements you feel are mandatory (“must have”) versus optional (“nice to have”), and assign a weight to each requirement based on the importance of the requirement to your organization.

3. Define a rating scale such as:

0 = not supported
1 = partially supported
2 = fully supported with the basic product
3 = fully supported with additional features enabled or third-party tools

4. Build a numeric scoring sheet, ideally spreadsheet-based, that can help establish an overall score for how a vendor responds to these requirements.

5. Determine the method used to evaluate each requirement using standard approaches:

A = Analysis; T = Test; D = Demonstration; I = Inspection

6. Construct a request-for-proposal (RFP) structure through which each vendor can provide additional, supporting product information plus actual pricing and support information in a manner that easily establishes alignment with your requirements.

7. Evaluate the completeness of each vendor response against the technical and operational requirements. Review how the pricing and support structure for each vendor meets your organization’s needs.

8. Select the top vendor based on the overall numeric score and on how competing vendors meet your requirements, as well as their pricing and support structure. Negotiate pricing to meet your needs in terms of support and service.

9. Develop the contract (or accept the vendor’s contract) and negotiate any legal terms and conditions.

10. Finalize the award, deploy the product and go!

Consider asking each vendor to score itself and then evaluate the responses against your own scoring based on the evaluation criteria. Compare the scores to help select the leading candidate.


Click the image below to download the free SANS Guide “Out with the Old, In with the New: Replacing Traditional Antivirus.”


TAGS: Carbon Black / Next-Generation Antivirus / NGAV / sans