As I read some of the other comments I can't help but think that they are proving your point - people often take a portion of a statement you made and read into it based on their own biases and what they believe your conclusion should be (as a vendor). You are generally right on target; testing as a for-profit business model is always going to [at the very least perceived to] be skewed to maximize their profitability. Testers are going to design test suites that fit their pre-concieved notions of how a)real-world users act; b)how anti-malware is done "right"; and c) what the results "really mean". Vendors will always push back at results that don't show them as #1 because they believe in their product and their approach to the issue. The real test suite? Ones own production environment. A long time in the network consulting/managed services arena has made me eschew potentially cozy relationships with other vendors (including one who handed me a 5-figure check for attending and speaking at their top reseller/top client events) for the superior stopping power that I've gotten from Webroot. My tests care about two things - stopping the bad guy and not messing up the client endpoint. Webroot has done both for me.
... View more
Surveillance devices should never have direct Internet access. Period. Devices talk to a controller that may have a public-facing interface, but that's as close as a camera, access device, or sensors should ever get to outside access.
... View more