Advanced Threats Will Drive High Growth in New Product Segment, IDC Says

FRAMINGHAM, Mass., August 19, 2013 — As hackers have shifted their ultimate goals from disruption and notoriety to financial and intellectual property theft, the tactics they use have changed accordingly. The malware used today is increasingly target specific and stealthy, often evading signature-based defenses. Further, since the malware itself is simply a tool for the collection and exfiltration of data, sophisticated attackers are using different pieces of code for each phase of the offensive, making the detection of advanced attacks much more difficult.

To defend against these specialized threats, a new segment of products has emerged that leverage a variety of technologies above and beyond signature-based defenses. Recognizing this, International Data Corporation (IDC) has defined a new competitive security market segment dubbed Specialized Threat Analysis and Protection (STAP). STAP products must use a predominantly signature-less technology (i.e., sandboxing, emulation, big data analytics, containerization) to detect malicious activity. These solutions can be based at the network level, on the endpoint, or both, and scan both inbound and outbound traffic for anomalies including botnet and command and control traffic. The market also includes products that allow for the reverse engineering and forensic analysis of discovered malware. The worldwide market for STAP solutions is forecast to have a compound annual growth rate (CAGR) of 42.2% from 2012 through 2017 with revenues reaching $1.17 billion in 2017.

"Organizations have quickly begun to realize that they need improved protection against targeted attacks," said John Grady, Research Manager with IDC's Security Products group. "IDC has seen these solutions become a strategic necessity for many organizations, especially in the financial services and government sectors, with budget being quickly allocated to prioritize deployment."

Products in the STAP market remain incredibly varied, though they all tackle the same fundamental issue of bringing visibility and protection against threats that legacy security products are unable to address.

Additional findings from IDC's research include the following:

Many STAP solutions today are deployed in a layered fashion (e.g. endpoint and network-based solutions), meaning that not all vendors in this market compete against one another.

In many cases, there remains a gap between detection and remediation, although vendors are moving quickly to address this.

Ultimately, many STAP functions will be incorporated into traditional security products, although IDC believes this will be towards the end of the forecast period.

The IDC study, Worldwide Specialized Threat Analysis and Protection 2013-2017 Forecast and 2012 Vendor Shares (IDC #242346), examines the STAP market and provides a market size for 2011, vendor shares for 2012, and a forecast for 2013–2017.

To purchase this study, please contact IDC Sales at 508-988-7988 or sales@idc.com

About IDC

International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications, and consumer technology markets. IDC helps IT professionals, business executives, and the investment community to make fact-based decisions on technology purchases and business strategy. More than 1,000 IDC analysts provide global, regional, and local expertise on technology and industry opportunities and trends in over 110 countries. For more than 49 years, IDC has provided strategic insights to help our clients achieve their key business objectives. IDC is a subsidiary of IDG, the world's leading technology media, research, and events company. You can learn more about IDC by visiting www.idc.com.