Ongoing advances in information technology affect all areas of society. One of the most promising areas of rapid growth within the field of information security is cyberattack detection and intrusion prevention. Massive cyberattacks initiate the development of specific technical solutions, tools and cyber countermeasures systems. To identify network intrusions, intrusion detection and prevention systems use modern methods, models, tools and integrated technical solutions that can remain effective when new or modified types of cyberthreats occur. In practice, however, with the emergence of new threats and anomalies, these tools do not always remain effective. Thus, intrusion detection systems must be continuously researched and improved. Such systems include specialized software that is designed to detect suspicious activity or information system intrusions and take sufficient measures to prevent cyberattacks. These systems and tools tend to be rather expensive, closed source, and require periodic support from their developers for improvement and appropriate adaptation to certain organizations' environments. Taking into account the results of well-known research, the paper presents a generalized analysis of intrusion detection systems software using a defined basic set of characteristics (Cyberattack Category, Adaptivity, Detection Methods, Management, Scalability, Observation Level, Cyberattack Response, Security and Operating System Support). This will provide the developers and users with certain options when selecting the appropriate modern information systems protection software.