And also, the probability they can be successful.
A rule of thumb is that if the cost that they have to pay to
break the system is higher than the benefit they can get,
then a rational attacker will not attack, attempt to break the system.
Once you find the weakest security link in your system and decided,
decided to improve it, you may find that there are too many products on the market.
Most of them, claim to be secure or
with a security, sec, certific, cert, certification.
However, claims and certification are not guarantees.
In many cases, there's no security benchmark, and
the attackers will always keep on bringing new and a powerful attacks.
So we cannot test the system against all the possible
scenarios to verify its security.
Even worse, it may not make much sense to compare
the security features of components from different vendors.