Commercial Off-The-Shelf (COTS)

5th May 2020 | Cybrary Commercial Off-The-Shelf (COTS)


cots cybrary

Commercial Off-The-Shelf (COTS) in cybersecurity is a computer hardware or software product made for nearly any user because it is available to the general public for purchase. COTS products are designed to be very user friendly. A typical example of a COTS product is Microsoft Office. COTS products are available off-the-shelf and do not require custom development before installation. 

Advantages of COTS Software

COTS software usually enjoys the following benefits:

  • fully supported by the vendor
  • 3rd party integrators can help you train on the product or implement the solution because it is universally available to a large customer base
  • a predictable hardware or software life-cycle by a stable well-funded software company
  • longevity of use
Disadvantages of Custom Written Software

In comparison to COTS software solutions, some SMBs attempt to write their own specific software solutions to solve specific problems they face. Now, this may be the only way to solve a problem critical to your SMB.  If that’s the case, perhaps go for it.  However, know the following risks:

  • Less predictable longevity for the solution under development
  • Difficulty supporting a custom solution that doesn’t have wide industry adoption
  • The risk that developer(s) go in another direction and stop developing your product
  • Lack of 3rd party security testing and assessments may put your solution at risk of hacking or compromise or logic flaws

Source: Techopedia

Additional Reading: Using COTS Software To Model Development And Logistics

Related Terms: Closed Source Software, Open Source Software, Software Development Life Cycle (SDLC), Software End-of-Life (EOL) and End-of-Support (EOS)

What does this mean for an SMB?

SMBs should strongly consider the use of COTS software over building their own. Technical debt accumulates with custom built software over time.  People and developers move on to other projects and customers.  A COTS product will be supported by the vendor in the long run and you will always enjoy an upgrade path, patches, and support which is not always true of home grown or built applications.

To learn more about COTS, watch this short 3 minute video:

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Top 10 Emerging AI-Based Threats Every Business Must Prepare For

Top 10 Emerging AI-Based Threats Every Business Must Prepare For

Artificial Intelligence (AI) is transforming productivity and efficiency, but it’s also arming cybercriminals...

Read more
Microsoft Rolling Out Token Protection: Practical Guidance for MSPs

Microsoft Rolling Out Token Protection: Practical Guidance for MSPs

Part 2 of Our Microsoft Entra Security Series In Part 1, we explored how Microsoft’s Token Protection...

Read more
Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change

Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change

For years, organizations have relied on fake email phishing simulations to measure employee resilience to...

Read more