NNT Change Tracker Generation 7

starstarstarstar½
The product is a strong PCI compliance measuring and reporting tool.

Allgress Insight Risk Manager

starstarstarstar½
This is a strongly IT-focused compliance and risk management tool.

Tufin Orchestration Suite

starstarstarstarstar
The Orchestration Suite actually comprises three products: SecureTrack dashboard (change tracking, risk analysis, etc.), SecureChange (change automation-ticketing) and SecureApp.

Modulo Risk Manager

starstarstarstarstar
Modulo Risk Manager is a perennial favourite around here.

LockPath Keylight Platform

starstarstarstarstar
The Keylight Platform is a cloud (SaaS)-based, on-premises or hybrid governance, risk and compliance (GRC) platform used for compliance and policy management, operational risk management, IT risk management, vendor risk management, business continuity management, and audit management.

Acuity Risk Management STREAM Integrated Risk Manager

starstarstarstarstar
This is pure risk management. Very good pure play risk management tool with a lot of reporting and customisation options. Good value, especially for consultants, something we almost never see. Weaknesses we wish that Stream did automated asset discovery and had a closed loop remediation platform instead of emailing a manager. Verdict ...

AlgoSec Security Management Solution

starstarstarstarstar
This tool can manage security – and, thus, risk and policies – by managing the data flows within the enterprise.

Skybox Security Suite

starstarstarstarstar
This tool manages the security on the enterprise’s entire threat surface.

SolarWinds Network Configuration Manager

starstarstarstarstar
SolarWinds has pulled all of its capabilities together in its network configuration manager (NCM).

RiskVision

starstarstarstarstar
RiskVision – formerly Agiliance – focuses on the “R” in GRC.

Tripwire Enterprise

starstarstarstarstar
Tripwire Enterprise is a policy compliance/risk management, IT operations and security tool.

AccessData Forensic Toolkit FTK

starstarstarstarstar
One of the distinctions that we still find in cyber-forensics is between media forensics and network forensics.

Cellebrite UFED Analytics Enterprise Platform

starstarstarstarstar
Over the years Cellebrite has been a pioneer in mobile device forensics.

Guidance Software Encase Endpoint Investigator

starstarstarstarstar
This is an “over-the-network” tool. Under the licence, you can connect up to 2,000 nodes.

IntaForensics Lima Forensic Case Management

starstarstarstarstar
The inclusion of case management in digital forensic tools is becoming much more common, but there are some functions in Lima that we don’t find anywhere else.

NIKSUN NetDetectorLive

starstarstarstarstar
NetDetector always has been a good series for Niksun, but this new version tops everything they’ve done so far.

Paraben DS

starstarstarstarstar
Paraben was one of, if not the, pioneer in mobile device forensics long before we called it that.

TSFactory RecordTS Single Server Edition

starstarstarstarstar
This is a very interesting tool and, though it does just one thing – monitor and record remote terminal services sessions – it does that quite well.

Bufferzone

starstarstarstarstar
Bufferzone uses a unique approach to protecting the endpoint.

Cybereason Detection Response Platform

starstarstarstarstar
This is a pure-play endpoint protection tool with a strong focus on malware.

DeviceLock Endpoint DLP Suite + DeviceLock DLP Discovery

starstarstarstarstar
This is one of the best-known endpoint DLP products in the industry.

X by Invincea

starstarstarstarstar
X by Invincea is an endpoint protection tool that is focused strongly on malware protection.

Kaspersky Endpoint Security for Business

starstarstarstarstar
This is a full-featured endpoint and DLP product.

Quick Heal Technologies Endpoint Security Total with DLP

starstarstarstar
A very competent endpoint DLP tool with some endpoint protection functionality.

Symantec Endpoint Protection

starstarstarstarstar
Like a true next-generation product, this one leverages machine learning, an extensive cloud system with a huge number of telemetry points around the world.

Webroot SecureAnywhere Business Endpoint Protection with Mobile Protection

starstarstarstarstar
This is a very simple to deploy endpoint security system with optional mobile device management.

Somansa Privacyi SaaS Endpoint DLP

starstarstarstar½
This is a cloud-based SaaS product with agents at the endpoints.

Citrix XenMobile

starstarstarstarstar
Of the products we reviewed, Citrix XenMobile was the easiest to deploy, use and provision.

IBM MaaS360

starstarstarstar
Security is excellent and the policy capabilities are what you should expect in a product of this type.

Sophos Mobile Control

starstarstarstarstar
Out of the gate we need to say that this product impressed us.

VMware AirWatch Enterprise Mobility Management

starstarstarstarstar
This product is well thought-out and has a lot of good functionality.

Beyond Trust Retina CS Enterprise Vulnerability Management

starstarstarstarstar
This is a full-featured vulnerability management platform with all of the bells and whistles you need to deal with vulnerabilities on your enterprise.

Core Insight

starstarstarstarstar
Insight automates much of the vulnerability management workflow beginning with asset discovery.

Idappcom Traffic IQ Professional

starstarstarstar½
Traffic IQ Professional may be just what the doctor ordered.

LOGICnow MAX Risk Intelligence

starstarstarstarstar
MAX Risk Intelligence requires almost no interaction with the user and it can be set to remind the user to scan automatically.

SAINT Security Suite

starstarstarstarstar
SAINT is one of the pioneers in mixing vulnerability assessment and penetration testing in the same tool.

Skybox Security Security Suite

starstarstarstarstar
Many of Security Suite's modules interact in such a manner that the overall management of vulnerabilities – particularly analytics – is enhanced significantly.

Tenable Nessus Manager/Cloud

starstarstarstarstar
This has next-generation capabilities.

Tripwire IP360

starstarstarstarstar
The IP360 is a feature-rich vulnerability management system with a pure-play vulnerability assessment personality.

AlienVault Unified Security Management Platform

starstarstarstarstar
AlienVault, the company with the cool logo, has really outdone themselves with the Unified Security Management Platform (USM).

CorreLog SIEM Correlation Server

starstarstarstar¾
This one leads two lives: a SIEM in its own right or a tool that can work alongside other, perhaps larger, SIEMs.

EventTracker Security Centre

starstarstarstarstar
Excellent value and wide-ranging capabilities perhaps unexpected in such a modestly priced package.

LogRhythm Security Intelligence Platform

starstarstarstarstar
Probably the most complete pure-play SIEM we’ve seen with the added benefit of many next-gen features and superlative correlation and analytics.

McAfee Enterprise Security Manager

starstarstarstarstar
Probably the most comprehensive and powerful SIEM we’ve seen, continuing the legacy of the old Nitro product up to the present time.

WatchGuard T30W and WatchGuard Dimension

starstarstarstarstar
The T30-W is a UTM for small- to medium-sized organisations. Used with Dimension it provides most of the functionality needed for today’s threatscape.

Bayometric Touch N Go

starstarstarstarstar
Bayometric does have many kinds of fingerprint scanners available for sale, it primarily is the developer of a fingerprint recognition API.

Datablink Device 200 and Mobile 200

starstarstarstarstar
The idea behind Datablink is that you pair up your device or mobile phone with a screen that is presented from a server online.

PistolStar PortalGuard

starstarstarstarstar
PortalGuard is a dedicated web-based portal that provides all strong authentication for the assets it supports.

SafeNet Authentication Service

starstarstarstarstar
SafeNet Authentication Service is a SaaS offering, but it can be set up on-premises if desired.

SecureAuth IdP

starstarstarstarstar
SecureAuth IdP is a specialised web server that can act as a portal with strong authentication tied to the applications or web/cloud locations to which it allows connections.

Vasco DigiPass 780, DigiPass for Mobile, and Identikey Authentication Server

starstarstarstarstar
This suite addresses malicious actors and can intercept and decode online banking transactions.

Yubico YubiKey 4

starstarstarstarstar
The YubiKey is an odd, little touch-sensitive second-authentication factor.

BeyondTrust PowerBroker and Password Safe

starstarstarstarstar
PowerBroker and Password Safe from BeyondTrust are the privileged account management components that sit on top of the much larger BeyondInsight platform.

Bomgar Privileged Access Management and Bomgar Vault

starstarstarstarstar
Bomgar Privileged Account Management and Vault is an agentless, proxy-based appliance that helps secure privileged account access and monitor systems accessed with those accounts.

CA Technologies Privileged Access Manager

starstarstarstarstar
Privileged Access Manager from CA Technologies is an appliance-based access gateway for securing access to systems using privileged accounts.

Centrify Privileged Identity Management

starstarstarstarstar
The two components of this tool make for a solid privileged account management platform to secure access to crucial accounts both on the enterprise network but also in the cloud

CyberArk Privileged Account Security Solution

starstarstarstarstar
The CyberArk Privileged Account Security Solution is an entire account management platform that combines a password vault with strong controls and real-time threat detection.

Hitachi ID Privileged Access Manager

starstarstarstarstar
The Hitachi ID Privileged Access Manager is a more traditional privileged account manager product with some really great features and functionality.

Lieberman Software Enterprise Random Password Manager ERPM

starstarstarstarstar
The Lieberman Enterprise Random Password Manager provides a secure repository for storing and managing access to privileged accounts and their associated passwords.

ManageEngine Password Manager Pro

starstarstarstarstar
Password Manager Pro from ManageEngine provides simple and easy-to-deploy password and access management to privileged or system accounts.

NetIQ Privileged Account Manager

starstarstarstar½
The NetIQ Privileged Account Manager offers a four-tiered approach to managing privileged access.

Netwrix Auditor

starstarstarstar½
The Netwrix Auditor takes an interesting yet vital approach to managing privileged accounts: Information is key.

Pleasant Solutions Pleasant Password Server

starstarstarstarstar
The Pleasant Password Server from Pleasant Solutions provides a secure password vault and privileged account password management that leverages KeePass technology to expand web-based sign-on functionality to the enterprise.

Thycotic Secret Server

starstarstarstarstar
Secret Server from Thycotic offers highly scalable distributed privileged account management.

Wallix AdminBastion Suite

starstarstarstarstar
The AdminBastion Suite from Wallix takes a very interesting approach to privilege account management and access.

Rapid7 UserInsight

Rapid7 has been in the vulnerability game for a long time and now have gotten into the active detection game.

Attivo BOTsink

This is a high interaction honeypot on steroids.

CRU SCILock

This product – with its objective of defeating persistent malware – is a fit for active breach detection.

Fidelis XPS

There really is little, if anything, that XPS cannot do in the digital forensics detection, analysis, prevention and response arena.

GuardiCore Data Centre Security Suite

The GuardiCore suite exhibits characteristics of both active breach detection and threat deception plus a whole lot more.

illusive networks illusive

illusive is a very cool products that has as its main purpose focusing on the actors rather than the malware in an attack.

LightCyber Magna

LightCyber provides us with a behavioural attack detection tool.

TrapX DeceptionGrid

The whole focus of TrapX is based on operationalising deception as a defensive activity.

Vectra Networks XSeries Platform

This is an active breach detection tool with a very particular focus: malware, most especially APTs.

Acuity Risk Management STREAM Integrated Risk Manager

starstarstarstarstar
STREAM is an integrated risk management tool delivered as a software product consisting of a database server, an application server and a client component.

Agiliance RiskVision

starstarstarstarstar
This is a hybrid application. It has many of the aspects of a traditional GRC platform and many of the technology-centric attributes. But, for all of that, it is biased toward risk management, albeit with many other GRC trappings.

AlgoSec Security Management Suite

starstarstarstarstar
This is a very specialised product. Its premise – and a good one it is – is that the firewall(s) manage the risk in any system.

Allgress Insight Risk Manager

starstarstarstarstar
This is an interesting product. It focuses on taking GRC into an IT environment and aligning it with business priorities to manage security and compliance.

FireMon Security Intelligence Platform

starstarstarstarstar
FireMon Security Intelligence Platform is focused on monitoring and managing firewalls.

MetricStream Risk Management Application and Policy and Document Application

starstarstarstarstar
This is a modular application delivered as SaaS or on-premise.

Modulo Risk Manager

starstarstarstarstar
This is a traditional approach to GRC with the added benefit of being able to consume vulnerability data from third-party scanners.

RSA Archer GRC

starstarstarstarstar
The RSA Archer GRC is a platform that integrates with a number of modules such as policy management, vulnerability risk management and content library.

Rsam GRC Platform

starstarstarstarstar
Rsam is undeniably a traditional GRC product but with a few nice twists.

Skybox SecuritySkybox Enterprise Suite

starstarstarstarstar
Skybox Enterprise Suite is strongly focused on the risk part of GRC.

SolarWinds Network Configuration Manager

starstarstarstarstar
The Network Configuration Manager takes everything that SolarWinds does well and wraps it in a cloak of GRC functionality.

Tripwire Enterprise

starstarstarstarstar
Tripwire Enterprise is a security configuration and change management tool.

Trusted Integration TrustedAgent GRC

starstarstarstar½
TrustedAgent GRC is risk-focused and takes a decidedly traditional GRC approach.

Tufin Orchestration Suite

starstarstarstarstar
Tufin Orchestration Suite is a tool that decidedly is on the technical side of GRC management.

AccessData Forensic Suite

starstarstarstarstar
We have been using AccessData tools for years and they never disappoint.

CRU Ditto Forensic FieldStation

starstarstarstar½
This is a simple tool but it may be one of the most important in your kit.

Guidance Software EnCase 7.10

starstarstarstarstar
EnCase has a long history in law enforcement and, in recent years, has moved strongly into the corporate world.

Distil Networks

starstarstarstarstar
Distil inspects each http request in real time to determine if it is a malicious bot.

IntaForensics Lima Forensic Case Management

starstarstarstarstar
This should be in every digital forensic lab, especially those that need to track evidence for use in court.

MSAB XRY Office

starstarstarstar½
XRY Office is a mobile device analysis tool, unusual in that it is very strong in recovering forensic data from devices that are locked without having to know the unlock code.

PacketSled

starstarstarstarstar
PacketSled is a cloud-based breach detection and network forensics tool that provides real-time detection of threats as they cross the wire, and retroactive investigation of host activity including the application of new indicators to historical data.

Cellebrite UFED Series

starstarstarstarstar
We are looking at three powerful tools in the UFED series: UFED 4PC Ultimate, UFED Link Analysis and the new UFED Cloud Analyser.

CylancePROTECT

starstarstarstarstar
This product is the poster child for next-generation anti-malware.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US