Computer network attackers continually innovate and craft attacks to penetrate existing computer network defenses. New security product purchasing decisions are often key in order to keep the computer networks of organizations as secure as possible. Current information available to inform these decisions is limited to individual security product detection rates for some test set of attacks. Actual security performance, however, depends on how a security product performs in the context of an organization's existing security products. Even a security product that tests well on its own may be completely redundant or provide very little benefit when actually deployed into an existing environment. Metrics generated by even the best current tests fail to measure the gain of attack detection using the new security product with regard to existing layers of security. This leaves those making key purchasing unable to accurately determine how each potential security solution will actually affect an organization's overall security.
Therefore, there is a need for methods, systems, and media for evaluating layered computer security products.