What’s the Difference, Anyway?
Starting with the definition, a product is anything that is made to be sold. It could be a physical item, like a carrot or a steam locomotive, but it can also be something less tangible, like a service, intellectual property, or (crucially for us) a piece of software. A solution, on the other hand, is a more nebulous concept. It can combine any number of products and services to solve a specific problem or address a specific need.
For simple problems and needs, just getting the product might be close enough to a solution. But the more complex the problem, the more it takes to solve it, until the product becomes a mere starting point. Despite everyday usage, products and solutions are very different things. Allow me to digress and illustrate.
My Door Problem
My front door does a great job of separating the inside of my house from the outside but other than that, it’s old, badly insulated, warped, flaking, and plain ugly. Simply put, the door is my problem – and I need to change it.
So what do I do? Well, I can go out and buy a new door. Then I’ll have the product – but not the solution. In fact, a new door is only the first step on my road to a solution. Once I have the door, I still have to take it back to the house, find the right tools and materials, remove the old door, fit the new door, clean up all the dust and rubble, and dispose of the old door. The thing is that my hatchback is wholly inadequate for transporting anything much larger than a shopping bag and I haven’t got a clue about knocking down and installing front doors, let alone disposing of construction waste.
Come to think of it, I would much rather pick a nice door and then have someone else deliver it, install it, clean up, and take away the old door. I want someone to solve my door problem without me getting my hands dirty – you might even call that, quite literally, a white-glove solution.
The Problem with Security Products
Software is one area where many vendors focus on selling products rather than solutions. Especially in enterprise software (think ERP), many products are effectively sold as raw components that need to be customized and integrated before they can be useful – a bit like flat-pack furniture, except it takes a lot more than a couple of hours with an Allen key.
When carried over to application security testing, this approach often leaves companies struggling with a product that takes a long time to deploy, integrate, customize, and actually deliver value. Or they might have the product but never manage to use its full potential. Sometimes, they might even give up on trying to make a product truly useful. This is especially true of open-source software which is temptingly easy to acquire (because it’s free) but can be difficult and costly to turn into an effective solution.
Measuring value from security testing is hard enough without worrying about inadequate tooling. This is one area where a mere product won’t do – you must have a solution, and one that delivers maximum value.
The Netsparker Approach
At Netsparker, we take the product vs. solution thing very seriously. In fact, we never sell the product – always the solution. This approach is especially important in web application security testing, where a small but fundamental issue like misconfigured authentication can make the difference between getting detailed and actionable results and getting nothing at all. In fact, many misconceptions about the limitations of dynamic application testing are the result of people taking a product and simply throwing it at a website or application without configuring it properly.
To make sure that Netsparker customers always get an effective solution and make the most of their product, we start with a demo period where our engineers set up a proof-of-concept deployment to show off the solution in the customer’s specific environment. After that, we have a whole onboarding process where our experts can help to fully customize the deployment and configuration to match the organization’s unique needs, which is especially important in large and complex enterprise settings. This also includes setting up integrations, delivering hands-on technical training, and providing best-practice guidance on application security testing.
Once the Netsparker solution (and now it is a solution) is up and running, customers are still not left on their own. Apart from world-class technical support to handle incoming issues and questions related to the product, we also have a whole customer success team whose job is making sure that customers always have an effective solution in place. That way, if the solution ever needs modifications to meet changing requirements, we can quickly bring in the right expertise to put things back on track.
From Product to Solution in a Few Hours
If Netsparker were a door, we would start by helping you pick the best door on the market. Then, within a few hours, we would get the door to you, handle the installation, mount new locks, adjust the hinges, get rid of the old door, sweep the floors, repaint the door frame, and leave your new house keys under a complimentary “Welcome Home” doormat. Later, we would also check back every now and then to oil the hinges and make sure everything works as expected under the lifetime warranty.
We start with an industry-leading product and work with the customer to turn it into an effective and risk-free solution that keeps delivering value and customer satisfaction – and all in a very short time, sometimes quite literally a few hours. Our secret to turning a product into a solution is a dedicated and well-organized team that always goes the extra mile to make sure that customers have exactly what they need.
So that’s how you turn a product into a solution. Now I just need to find someone to replace that door...