Subscribe to the latest content and updates from Nightfall
Many organizations recognize the emergent need to discover, classify, and protect their sensitive information stored in cloud applications (SaaS) and infrastructure (IaaS) via a dedicated cloud content inspection process. However, cloud-native detection engines are a relatively new technology, and many corporate Information Security teams or Product Security developers are, understandably, not yet familiar with how to effectively evaluate cloud content detection.
Some cloud DLP vendors capitalize on this lack of standardized evaluation criteria, promoting attention-grabbing statistics on their websites such as “99% accuracy.” While these numbers may make you feel like you’re getting a great solution, they are actually somewhat meaningless without some additional context, and ultimately can distract you from the key questions you really should be asking.
Nightfall is here to help you navigate the process of evaluating cloud content detection engines, so we’ve put together some tips provided by our expert team of data scientists and machine learning engineers. Here’s what you should really be looking for when evaluating a detection engine for data loss prevention (DLP) or other content inspection, beyond the splashy numbers.