This product collects threat intelligence data from a variety of sources.
Engineers at OpenDNS have developed a suite of tools that they use to manage, monitor and investigate potential cyber-threats, especially those that impact name servers directly. One of those tools is Investigate.
This is a solid, technically oriented open source intelligence service.
This is a general open source intelligence tool with a solid, though not extensive, focus on cyber-intelligence.
This is an extremely powerful system for gathering, analysing and acting on cyberthreat intelligence.
ThreatStream’s OPTIC is a cyberthreat intelligence platform that manages the lifecycle of threat intelligence via integration across an enterprise’s security infrastructure.
This is a very good threat intelligence tool where almost all of the threat sources and analytics are under the covers.
Adds a lot of value to your security stack by applying threat intelligence. Provides a prodigious amount of extremely useful research, much of it from analysts around the globe.
Threat intelligence appliance that ties the Norse DarkMatter infrastructure to your network.
The Barracuda Web Application Firewall is a hardware-based device which is used to monitor, assess and remediate web-based application vulnerabilities.
The FortiDB 1000D is a hardware appliance that monitors, audits and identifies vulnerabilities in databases. There are three deployment options: network sniffer, native audit and network agents.
Sensitive Data Manager ties discovery to business issues making classification easier and more relevant.
This is a clean product with a well thought-out goal and a well-executed solution. It is part of the overall CA suite of access control products with which it integrates smoothly, and it offers dynamic classification and recognition.
Allows users to apply relevant visual and metadata labels.
Provides classification for data, largely in a Microsoft environment, plus mobile environments.
Threat protection centered outside the firewall.
Detects anomalous behaviour on websites.
Account takeover detection and prevention.
Provides evidence-based bot and malware detection with high certainty, in real-time, on any browser-based web request.
Besides automating user creation, the Avatier suite of products offers seamless integration with HR software, enables IT departments to set up a web portal for users to reset their passwords, and it can also create workflows so that high-level IT personnel aren’t bogged down with lower-level requests.
The ForeScout CounterACT is a policy-based network access control product that allows for inventory, classification and regulation of endpoints and network devices.
The Forum Systems Sentry API Gateway is a comprehensive application security appliance that allows users to set up robust security over a variety of different protocols and data formats.
The Hexis Cyber Solutions NetBeat NAC is a well-designed network access control solution that can be deployed in minutes.
The iNetSec Smart Finder from PFU systems is an excellent network access control system for organisations of any size.
Pleasant Password Server (PPS) is a simple yet effective way for organisations to manage their passwords everywhere.
McAfee Email Gateway protects networks from viruses, undesirable content, spam and other threats.
MailGate is a secure collaboration gateway appliance which combines email security and content management gateway functionality.
The Barracuda Spam Firewall is an integrated hardware and software solution designed to protect the email server from spam, virus, spoofing, phishing and spyware attacks.
EdgeWave ePrism offers a complete suite of email security services.
Safe-T Box is a secure email and data exchange solution comprised of three components offering high levels of security for secure email solutions.
The WatchGuard XCS 580 (Extensible Content Security Appliance) is an easy-to-use, all-inclusive email and web appliance that provides security and privacy of inbound and outbound traffic.
Avira Professional has its own console and is largely an anti-malware product.
DriveLock offers dynamic, configurable access control for mobile drives, such as floppy disk drives, CD-ROM drives and USB memory sticks.
Endpoint Protector v4 comes as a virtual appliance and is intended to provide device control, mobile device management and data leakage protection.
The tool includes an anti-virus module to scan system files, executables, dynamic-link libraries and drivers. It also scans for and removes rootkits.
Invincea provides an additional layer of security at the endpoint by adding in protection for web browsing and document use.
Kaspersky Endpoint Security for Business is an enterprise-grade endpoint security system that addresses malware, mobile device management, endpoint controls, encryption and systems management.
Addresses systems management tasks: device discovery and inventory, software distribution, patch management, software asset management (SAM), security audit and enforcement, service desk, power management and more.
Novell ZENworks Endpoint Security Management v11 hits all of the marks for a full-featured endpoint security product by addressing managing.
Safetica manages and controls data security at the endpoint through its client-server architecture and three major components: Endpoint Client, Management Server and the Safetica Management Console.
Trend Micro Smart Protection Complete v11
Unifies IT operations and security through a single console, server and agent architecture to address IT risk and systems management requirements across the enterprise.
Helps enterprises manage and control endpoint security by combining a small-footprint, anti-virus agent with integrated patch management and mobile device management (MDM) capability.
These three products are approximately the same type of tool, but with different functionalities depending on the market in which they are used.
Sophos Mobile Control is an enterprise mobility management solution which offers mobile device management, mobile application management, mobile email management, mobile content management and mobile security and compliance through an easy-to-handle, web-based user interface.
With employees mixing personal and business applications on their mobile devices, parameters for security must be imposed. The product-set offers value for money.
With employees mixing personal and business applications on their mobile devices, parameters for security must be imposed. This product is also considered very good value for money.
With employees mixing personal and business applications on their mobile devices, parameters for security must be imposed. We find this product is very good value for money.
STREAM Integrated Risk Manager v3.1 from Acuity Risk Management is a risk-driven, compliance-monitoring and reporting solution that can log, track, remediate and report against multiple standards.
Agiliance RiskVision v7.0 provides a holistic view of security and compliance in one integrated enterprise platform that enables companies to move from a reactive threat-driven approach to a proactive, risk-aware posture.
The AlgoSec Security Management Suite is an appliance-based policy management toolset for analysing routing tables, hit counters, log files and topology information from various firewalls, switches and routers.
Allgress Insight and Risk Manager v5 helps companies aggregate data from security and compliance assessments and technical inputs and turn it into meaningful, actionable risk specific intelligence that can be aligned with the goals of the business.
Brinqa Risk Analytics is an IT risk management and vulnerability risk management platform that provides a consolidated view of an organisation’s risk factors. Handles Big Data very well, reporting, dashboarding and analytics.
Citicus ONE is an integrated system for organizations to automate their IT governance, risk and compliance management processes.
Aegify from eGestalt Technologies is a subscription-based, cloud-delivered software-as-a-service (SaaS) solution for IT security monitoring and compliance management, vulnerability analysis and risk management.
The FireMon Security Intelligence Platform consists of a central security manager appliance fed via data collectors spread throughout the network.
ToPS for Compliance and ePolicy Orchestrator (ePO) software is an extensible management platform that enables centralised policy management and enforcement of security products and the systems where they are installed.
Modulo Risk Manager automates GRC processes, integrating different areas and activities and allowing for centralised reporting.
Change Tracker Enterprise from New Net Technologies enables organisations to bring their existing environment into a state of policy compliance and then continually monitor and report on changes made once compliant.
Netwrix Auditor for Active Directory is a small piece of the much larger Netwrix Auditor Suite, which provides change and configuration auditing across a vast array of enterprise systems.
The RSA Archer Risk Management GRC Suite v 5.4 SP1 provides an organisation with a consolidated view of its risk.
Rsam GRC v8.2 is a platform for risk management and security risk intelligence enabling organisations to perform risk assessments, manage compliance, threats and vulnerabilities, policies, remediation activities, issues, incidents and more.
Skybox Risk Control is part of Skybox View, a complete portfolio of proactive security risk management solutions that automatically find, prioritise risks and drive remediation in a large or complex network before an adverse event occurs.
TrustedAgent GRC v5.0.4 is an IT risk and governance tool modeled after the NIST 800-37 risk management framework – with two added steps that include define, categorise, plan, implement, assess, manage, authorise and monitor.
Network Configuration Manager from SolarWinds is a powerful tool for managing policy compliance across many network devices including routers, switches and firewalls.
Nipper Studio from Titania is a newcomer this year to our policy management review.
Tripwire Enterprise is a full-scale configuration management product that allows administrators to create master “known and trusted” configuration states for many types of systems and devices on the network.
The Tufin Orchestration Suite features three modules for managing security and compliance policies on network devices, such as routers, switches and firewalls.
Application Control from Viewfinity offers full-scale application policy that can be deployed right from a group policy within Active Directory.
By proxying all users to a site via a secure content delivery system most, if not all, of the risks are virtually eliminated by this tool.
nCryptedCloud adds a layer of encryption between the user and the storage provider.
This service forces users through the cloud instead of via direct access to an organisation’s internet portal.
Promisec Endpoint Manager offers full agentless management and auditing of the many client computers on the enterprise network.
Everything that one needs is in the case, including cables, adapters, a power brick and a space for extra disks.
EnCase Forensic v7 is the latest incarnation of the EnCase computer forensic tradition.
The only pure digital forensic case management tool of which we are aware.
This is a general purpose network forensic tool with a solid history.
These three products are approximately the same type of tool, but with different functionalities depending on the market in which they are used.
We are reviewing this suite of forensic tools as a package the same way we did last year because the elements work well together and offer a complete set of computer forensic capabilities.
Cellebrite is, arguably, the number one mobile device forensic tool suite available.
AlienVault’s Unified Security Management product is an excellent introductory SIEM appliance.
LOG Storm from BlackStratus combines log management and correlation systems with real-time monitoring and an integrated incident response system all on one easy-to-deploy and use appliance.
System administrators looking to extend their logging capabilities, or security professionals needing to gain deeper insights into their computing environments, might start their search with the CorreLog Enterprise Server.
SecureVue from EiQ Networks provides log gathering, correlation and analysis services for numerous operating systems, network and security devices, combining these services into a solid SIEM platform that offers vulnerability and compliance monitoring, incident management and configuration auditing in one easy-to-use package.
This feature-rich tool is designed to meet the needs of organisations of all sizes. It hits all the marks for an enterprise SIEM.
HP’s ArcSight ESM is a mature product that collects events from virtually any source.
Combining SIEM, log management, file integrity monitoring and analytics with powerful forensic tools, LogRhythm v6.2 offers security professionals a powerful monitoring and auditing platform to keep them informed, and an excellent investigatory tool in case things go wrong.
The ManageEngine EventLog Analyser has most of the features you would expect in a SIEM, and supports more than 700 devices from 30-plus vendors.
Enterprise Security Manager from McAfee is a truly enterprise-grade SIEM. Able to process thousands of events per second and store billions of events and flows, it offers great visibility into network activity for customers of any size.
NetIQ’s SIEM helps to quickly identify and respond to threats and to simplify management and compliance reporting. It delivers scalable log collection, aggregation, correlation, and analysis and reporting capabilities through flexible deployment options.
The SolarWinds Log & Event Manager (LEM) offers a quality set of log management, event correlation, search and reporting facilities.
There are better paths to authentication than passwords, primarily using multifactor and biometric tools, says Peter Stephenson.
The IronKey F200 Biometric Flash Drive by Imation comes in several sizes for different uses. The first noticeable aspect out of the box is the waterproofing case that houses the flash drive.
SecureAuth IdP is a good choice for an authentication solution because it supports a variety of multi-platform authentication devices and the server can be set up in the cloud or on-premises.