Security as a service (SECaaS) is a business model in which a service provider integrates their security services into a corporate infrastructure on a subscription basis more cost-effectively than most individuals or corporations can provide on their own when the total cost of ownership is considered.[1] SECaaS is inspired by the "software as a service" model as applied to information security type services and does not require on-premises hardware, avoiding substantial capital outlays.[2][3] These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection, Penetration testing,[4] and security event management, among others.[5]
Outsourced security licensing and delivery are boasting a multibillion-dollar market.[6] SECaaS provides users with Internet security services providing protection from online threats and attacks such as DDoS that are constantly searching for access points to compromise websites.[7] As the demand and use of cloud computing skyrockets, users are more vulnerable to attacks due to accessing the Internet from new access points. SECaaS serves as a buffer against the most persistent online threats.[8]