These three products are approximately the same type of tool, but with different functionalities depending on the market in which they are used.
With employees mixing personal and business applications on their mobile devices, parameters for security must be imposed. The product-set offers value for money.
With employees mixing personal and business applications on their mobile devices, parameters for security must be imposed. This product is also considered very good value for money.
With employees mixing personal and business applications on their mobile devices, parameters for security must be imposed. We find this product is very good value for money.
STREAM Integrated Risk Manager v3.1 from Acuity Risk Management is a risk-driven, compliance-monitoring and reporting solution that can log, track, remediate and report against multiple standards.
Agiliance RiskVision v7.0 provides a holistic view of security and compliance in one integrated enterprise platform that enables companies to move from a reactive threat-driven approach to a proactive, risk-aware posture.
The AlgoSec Security Management Suite is an appliance-based policy management toolset for analysing routing tables, hit counters, log files and topology information from various firewalls, switches and routers.
Allgress Insight and Risk Manager v5 helps companies aggregate data from security and compliance assessments and technical inputs and turn it into meaningful, actionable risk specific intelligence that can be aligned with the goals of the business.
Brinqa Risk Analytics is an IT risk management and vulnerability risk management platform that provides a consolidated view of an organisation’s risk factors. Handles Big Data very well, reporting, dashboarding and analytics.
Citicus ONE is an integrated system for organizations to automate their IT governance, risk and compliance management processes.
Aegify from eGestalt Technologies is a subscription-based, cloud-delivered software-as-a-service (SaaS) solution for IT security monitoring and compliance management, vulnerability analysis and risk management.
The FireMon Security Intelligence Platform consists of a central security manager appliance fed via data collectors spread throughout the network.
ToPS for Compliance and ePolicy Orchestrator (ePO) software is an extensible management platform that enables centralised policy management and enforcement of security products and the systems where they are installed.
Modulo Risk Manager automates GRC processes, integrating different areas and activities and allowing for centralised reporting.
Change Tracker Enterprise from New Net Technologies enables organisations to bring their existing environment into a state of policy compliance and then continually monitor and report on changes made once compliant.
Netwrix Auditor for Active Directory is a small piece of the much larger Netwrix Auditor Suite, which provides change and configuration auditing across a vast array of enterprise systems.
The RSA Archer Risk Management GRC Suite v 5.4 SP1 provides an organisation with a consolidated view of its risk.
Rsam GRC v8.2 is a platform for risk management and security risk intelligence enabling organisations to perform risk assessments, manage compliance, threats and vulnerabilities, policies, remediation activities, issues, incidents and more.
Skybox Risk Control is part of Skybox View, a complete portfolio of proactive security risk management solutions that automatically find, prioritise risks and drive remediation in a large or complex network before an adverse event occurs.
TrustedAgent GRC v5.0.4 is an IT risk and governance tool modeled after the NIST 800-37 risk management framework – with two added steps that include define, categorise, plan, implement, assess, manage, authorise and monitor.
Network Configuration Manager from SolarWinds is a powerful tool for managing policy compliance across many network devices including routers, switches and firewalls.
Nipper Studio from Titania is a newcomer this year to our policy management review.
Tripwire Enterprise is a full-scale configuration management product that allows administrators to create master “known and trusted” configuration states for many types of systems and devices on the network.
The Tufin Orchestration Suite feature three modules for managing security and compliance policies on network devices, such as routers, switches and firewalls.
Application Control from Viewfinity offers full-scale application policy that can be deployed right from a group policy within Active Directory.
By proxying all users to a site via a secure content delivery system most, if not all, of the risks are virtually eliminated by this tool.
nCryptedCloud adds a layer of encryption between the user and the storage provider.
This service forces users through the cloud instead of via direct access to an organisation’s internet portal.
Promisec Endpoint Manager offers full agentless management and auditing of the many client computers on the enterprise network.
Everything that one needs is in the case, including cables, adapters, a power brick and a space for extra disks.
EnCase Forensic v7 is the latest incarnation of the EnCase computer forensic tradition.
The only pure digital forensic case management tool of which we are aware.
This is a general purpose network forensic tool with a solid history.
These three products are approximately the same type of tool, but with different functionalities depending on the market in which they are used.
We are reviewing this suite of forensic tools as a package the same way we did last year because the elements work well together and offer a complete set of computer forensic capabilities.
Cellebrite is, arguably, the number one mobile device forensic tool suite available.
AlienVault’s Unified Security Management product is an excellent introductory SIEM appliance.
LOG Storm from BlackStratus combines log management and correlation systems with real-time monitoring and an integrated incident response system all on one easy-to-deploy and use appliance.
System administrators looking to extend their logging capabilities, or security professionals needing to gain deeper insights into their computing environments, might start their search with the CorreLog Enterprise Server.
SecureVue from EiQ Networks provides log gathering, correlation and analysis services for numerous operating systems, network and security devices, combining these services into a solid SIEM platform that offers vulnerability and compliance monitoring, incident management and configuration auditing in one easy-to-use package.
This feature-rich tool is designed to meet the needs of organisations of all sizes. It hits all the marks for an enterprise SIEM.
HP’s ArcSight ESM is a mature product that collects events from virtually any source.
Combining SIEM, log management, file integrity monitoring and analytics with powerful forensic tools, LogRhythm v6.2 offers security professionals a powerful monitoring and auditing platform to keep them informed, and an excellent investigatory tool in case things go wrong.
The ManageEngine EventLog Analyser has most of the features you would expect in a SIEM, and supports more than 700 devices from 30-plus vendors.
Enterprise Security Manager from McAfee is a truly enterprise-grade SIEM. Able to process thousands of events per second and store billions of events and flows, it offers great visibility into network activity for customers of any size.
NetIQ’s SIEM helps to quickly identify and respond to threats and to simplify management and compliance reporting. It delivers scalable log collection, aggregation, correlation, and analysis and reporting capabilities through flexible deployment options.
The SolarWinds Log & Event Manager (LEM) offers a quality set of log management, event correlation, search and reporting facilities.
There are better paths to authentication than passwords, primarily using multifactor and biometric tools, says Peter Stephenson
he IronKey F200 Biometric Flash Drive by Imation comes in several sizes for different uses. The first noticeable aspect out of the box is the water¬proofing case that houses the flash drive.
ecureAuth IdP is a good choice for an authentication solution because it supports a variety of multi-platform authentication devices and the server can be setup in the cloud or on-premises.
SecurEnvoy’s SecurAccess is a product for authentication using multifactor and/or biometrics. This class of products provide enhanced security for users providing credentials for access to an authenticator or authentication server.
The Threat Prevention Appliance from Check Point Technologies provides a solid security platform that can be customised with the addition of several software blades.
The CR200iNG-XP from Cyberoam Technologies offers full-scale, best-of-breed protection including an intrusion prevention system, gateway anti-virus, spam prevention at the gateway, web content filtering and a web application firewall.
The NSA 4600 from Dell SonicWALL incorporates next-generation firewall technology combined with a multi-core hardware platform to provide robust protection at the perimeter of even some of the most demanding networks.
The FortiGate-140D-POE from Fortinet offers a built-in firewall, intrusion prevention system, application control, web and email filtering and anti-virus in one solid appliance.
The Protector UTM appliance from SecPoint offers a full set of features packed into a single device.
This product provides a complete secure remote access platform that incorporates many perimeter security functions.
The XTM 545 from WatchGuard provides an excellent mix of best-of-breed functions and an easy-to-manage platform for robust perimeter security.
Take a security server in your virtual environment, add tools on each of the virtual servers you want to protect, throw in a control centre in the cloud and you have what you need to protect against malware in the virtual world.
Compliance monitoriing is claimed by all but delivered by few, so its good to find a product that truly delivers.
This is the only virtual security product of its type exclusive to Microsoft Hyper-V.
This is a security automation product for use in a VMware environment.
Virtual management for virtual environments.
Secures servers with software-based attestation, full-memory encryption and OS hardening, providing a foundation for trusted computing.
The UVM20 Security Management Appliance from BeyondTrust offers a full set of vulnerability scanning and compliance tools that are well integrated into a single easy-to-use appliance that features the Retina CS Threat Management Console as the center piece of the suite.
Insight Enterprise offers a full vulnerability and risk management platform that can be used to analyze and prioritize vulnerabilities throughout the enterprise to ensure that risk from vulnerabilities is handled effectively.
LanGuard from GFI Software is back again this year and those who are familiar with the tool will feel right at home with the latest version for 2014. On the surface, not much appears to have changed from last year, so here is the rundown for those unaware of this ...
Internal Scan - Cloud Edition from netVigilance offers a full vulnerability testing suite that can scan pretty much anything with an IP address and report on any vulnerabilities.
QualysGuard Express from Qualys uses the software-as-a-service (SaaS) model to provide vulnerability and compliance management services to customers.
Virtual machine makes deployment easy, high-gain antenna for Wi-Fi cracking.
Secunia’s Corporate Software Inspector (CSI) enables users to leverage its signature-based vulnerability scanner via installable software agents and/or a simple-to-use web-based console.
Focusing more on total risk than individual threats, this product analyzes networks in a holistic manner, enabling security teams to first remediate threats to hosts that could cause the most damage rather than relying solely on criticality ratings.
Strategic Cyber’s Cobalt Strike application is a serious penetration testing and educational tool.
Combining the gold-standard Nessus vulnerability scanner with the powerful Passive Vulnerability Scanner and Log Correlation Engine, Tenable’s Security Center Continuous View brings some of the industry’s best vulnerability management tools under one roof.
The BIG-IP 4200v with ASM from F5 is well-stocked with original, useful features.
Fortinet is well-known for its products, and those we have reviewed in the past exhibited high quality response to a variety of challenges.
Right out of the box, Imperva’s SecureSphere X1010 Web Application Firewall X1010 presented a slight learning curve to get it configured, as all the documentation was not available right away.
SecureSphere Database Activity Monitoring hardware appliance by Imperva is a well put together and configured machine that provides outstanding protection to both web and database servers.
The McAfee Database Security Solution software is a solid buy for any enterprise.
The FortiMail-200D from Fortinet features many email security features bundled into an easy-to-manage appliance. It includes anti-virus, anti-spam, onboard identity-based encryption, and content filtering and data leakage prevention through the use of many predefined policies.
McAfee Email Protection offers full-scale email security and content management in a single appliance with flexible deployment options.
CA DataMinder Classification “discovers and classifies sensitive structured and unstructured content stored within file servers, databases, collaboration tools and storage repositories.
Provides email and document classification – when both products are used – for Microsoft platforms.
As part of the Digital Guardian program, provides data classification.
Provides data classification for human-generated files, such as documents and SharePoint files or any human-generated files that reside on file servers.
SaaS-delivered secure collaboration application.
Model 660 is a useful tool that provides protection for web applications.
The tool takes advantage of IP reputation, context and categorization to analyze incoming and outgoing IP addresses.
A comprehensive database security management tool that provides vulnerability assessment, auditing and monitoring for database management systems.
The appealing aspect of the M100 - and other Imperva servers - was the preloaded policies that were already running once the server was up and operating.
This solution provides protection against such attacks as SQL injection. It is intended to be used with SecureSphere Web Application Firewall.
McAfee describes the functionality of the tool as providing "the five essentials for database protection: discovery, assessment, monitoring, prevention and compliance."
AIMS provides a complete set of identity management (IdM), network access control (NAC) and data leakage prevention (DLP) features.
Network Sentry monitors edge connections to a network and provisions the appropriate level of network access based on role-based security policies.
By leveraging an existing infrastructure enterprise, Centrify Suite 2013.2 Platinum Edition provides central control and securing and auditing of user access through cross-platform systems, mobile devices and applications.