June 09, 2005
$895 per server, $39 per workstation
- Ease of Use:
- Value for Money:
- Overall Rating:
Clear, intuitive interface, flexibility.
Documentation could be a little better.
A comprehensive and easily deployed auditing tool.
SecurityExpressions is a comprehensive audit and compliance software tool which is easy to deploy and usable in most computing environments. It can audit systems either with or without agents deployed on the target machines.
There are benefits to both approaches, and the administrator can set preferences according to available bandwidth and other parameters. In any event, having a choice of fundamental approaches is a commendable feature.
SecurityExpressions is rule-based, and a variety of predefined rules are supplied which can be used as they are or customized to suit the organization. The supplied rules (from NIST, Microsoft and others) are fairly comprehensive and worth experimenting with.
Alternatively, you can create rules from scratch, and a useful 168-page guide explains the process. A getting started guide is also supplied in PDF format (although we always prefer printed manuals), and the help files, while not extensive, are useful and carefully considered.
The pane-based user interface, while not fancy, is intuitive and clear – just what the admin needs. Having selected a rules policy and run an audit, the results are displayed clearly with an "OK" or "not OK" against each rule.
Clicking on an item displays further details in a lower, sizeable pane, including a priority level and suggested fix. There is also the option to display a preamble, which gives an overview on the rules policy currently being used.
On clicking the "fix" link, the fix is performed automatically and the result updated in the audit. This is a logical approach that will work well for many of the predefined rules. There is also a comprehensive reports section for configuring custom reports quickly and easily – a key feature.
SecurityExpressions can also be used for benchmarking and subsequent compliance testing, as well as patch management. It is a potentially versatile product that will prove invaluable in many scenarios. It is also an easy tool for the administrator to become familiar with. As familiarity and experience increase, a more in-depth approach can be taken which will realize even more powerful functionality.
SecurityExpressions is a well-conceived auditing tool, fast to deploy within a majority of contemporary organizations. It is both intuitive and flexible, providing scope for fine tuning according to requirements.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry