IDC Forecasts Worldwide Intrusion Detection and Vulnerability Assessment Software Revenues Will Exceed $1 Billion in 2003

FRAMINGHAM, MA – APRIL 18, 2001 – Revenues in the worldwide intrusion detection and vulnerability assessment market are quickly sneaking up on the $1 billion mark, and by the time 2003 comes to a close, they will be well beyond this figure. According to IDC, the market is increasing at a strong 1999-2004 compound annual growth rate (CAGR) of 34%. The global market intelligence and advisory firm maintains, however, that fear of security breaches is not the primary market driver.


"Organizations are purchasing intrusion detection and vulnerability assessment products to increase control and awareness over the state of their computing environments," said Charles Kolodgy, manager of IDC’s Internet Security research. "The size and complexity of many enterprise computing environments have tremendously increased, and the individuals running them need a way to find out what the state of the network looks like. By scanning the network, vulnerability assessment tools provide them the information they need."

Although intrusion detection software will increase faster than the vulnerability assessment segment, the latter will account for the majority of revenues through 2004. Intrusion detection software revenues will increase at a 1999-2004 CAGR of 37% and account for 46% of the market’s revenues in 2004. In comparison, vulnerability assessment software revenues will increase at a CAGR of 32% and maintain 54% of revenues.

IDC believes intrusion detection software will shift from being sold as outright software sales to being sold embedded in an appliance or as part of outsourced monitoring and detection services. "The expense of monitoring the solutions and the overhead many solutions place on the network are still too high for many environments," said Brian Burke, an analyst with IDC’s Internet Security research program. "Little reason exists for any company outside the Fortune 200 to not seriously consider outsourcing the management of their intrusion detection software. The ROI needed to truly monitor these solutions properly is beyond the scope of all but the largest and most paranoid organizations."

IDC recently published Gaining Control over Infrastructure: Intrusion Detection and Vulnerability Assessment (IDC #B23718). This bulletin forecasts worldwide revenues through 2004 by segment and illustrates vendors’ 1999 market shares and also provides estimates of 2000 shares. The bulletin discusses factors driving growth in each segment and looks at the pros and cons of each product type. IDC also outlines future trends by segment. The bulletin concludes with profiles of the following vendors: Internet Security Systems, AXENT, BindView, Cisco, Network Associates,, Entercept, L3 Network Security, Tripwire, Network ICE, and CyberSafe.

To purchase this bulletin, contact Cheryl Toffel at 1-800-343-4952, extension 4389, or at

About IDC

IDC delivers dependable, high-impact insights and advice on the future of ebusiness, the Internet, and technology to help organizations make sound business decisions. IDC forecasts worldwide markets and trends and analyzes business strategies, technologies, and vendors, using a combination of rigorous primary research and in-depth competitive analysis. IDC provides global research with local content through more than 700 analysts in 43 countries worldwide. IDC's customers comprise the world's leading IT suppliers, IT organizations, ebusiness companies, and the financial community. Additional information can be found at

IDC is a division of IDG, the world's leading IT media, research and exposition company.


# # #

All product and company names may be trademarks or registered trademarks of their respective holders.