Get up-to-the-minute news and opinions, plus access to a wide assortment of IT security resources that will keep you current and informed.

Keep me logged in Forgot your password?

Please wait...

Please wait...

2007 Industry Innovators

Industry innovators 2007: Identica Vascular Biometrics

December 01, 2007

The VP-II S vascular hand scanner provided by Identica fits perfectly into our look forward for the year. This device takes biometrics to a whole new level.
 

Industry innovators 2007: Bradford Networks

December 01, 2007

If you are trying to log into a network protected by Bradford Networks' NAC Director, you'll have an agent on your computer or you won't login. If you have an agent, you'll be sent exactly where policy allows you to go and nowhere else.
 

Industry innovators 2007: Passlogix v-Go SSO

December 01, 2007

Like all of our selections for this issue, Passlogix told us that they were innovators because they look at problems in new ways. What is more important is not that they look at problems in new ways, but how they do it. The "how" in the case of Passlogix is the real differentiator.
 

Industry innovators 2007: Fischer Identity Suite

December 01, 2007

When the phrase identity management comes up it is almost enough to make any administrator cringe. Between managing users, making sure they are in the right groups and have the right permissions, keeping the system up to date, and the many other headaches that come along with managing identity, most administrators would rather do pretty much anything else.
 

Industry innovators 2007: Entrust Identity Guard

December 01, 2007

Every company — especially the ones we have selected this month — couples vision with philosophy. The simple philosophy that Entrust embraces is: if multifactor authentication is to be the wave of the future, it must be affordable and manageable without losing its effectiveness.
 

Industry innovators 2007: Mu Security Mu 4000

December 01, 2007

There may — will, according to Mu Security — come a time when signature-based vulnerability assessment by itself is no longer a viable testing option.
 

Industry innovators 2007: Core Security Impact

December 01, 2007

Iconsider the term "ethical hacking" an oxymoron, but it has become a part of the information assurance lexicon whether I agree or not. However, the practical fact is that true penetration testing is not hacking in any form whatever.
 

Industry innovators 2007: RazorThreat TAC

December 01, 2007

Every now and then we see, as Monty Python used to say "...something completely different." The RazorThreat Threat Analysis Console is just such a product. The TAC, as RazorThreat refers to its product, analyzes inter-domain communications and determines through policy whether the communication is allowed or may be indicative of an attack.
 

Industry innovators 2007: LogLogic

December 01, 2007

SIM/SEM — security information management or security event management — often is characterized as being log correlation and analysis. LogLogic entered the market as an early player and focused on log management. That is still, five years later, where the company puts its efforts.
 

Industry innovators 2007: WetStone Technologies

December 01, 2007

Occasionally one gets to see a set of products whose only connection is that they take really hard problems in a particular application space and address them in remarkably innovative ways. These are the solutions to hard problems that everyone says you can't do, but you have to do it anyway.
 

Industry innovators 2007: eSoft Instagate

December 01, 2007

The unified threat management (UTM) market is a fast growing segment of the security market and vendors are trying to cram more and more security into a single device. The major problem here is that most vendors take a best of breed approach and bring in third-party technology. This is where eSoft separates itself from the bunch.
 

Industry innovators 2007: NitroSecurity IPS

December 01, 2007

It's just an intrusion prevention system (IPS), right? Well, not exactly. NitroSecurity is another of those companies that we've been watching for a long time. Initially, its claim to fame was a blazingly fast backend database. It provided that to developers of some very demanding applications, including IDS/IPS apps. The database platform shines when there are huge amounts of data to process without losing any.
 

Industry innovators 2007: AirWave

December 01, 2007

Wireless is not the future. It is now. Organizations are demanding wireless connectivity and IT departments are struggling to deploy it, while security managers are pushing back hard until security concerns for this pervasive technology can be addressed. The issues are management and security.
 

Industry innovators 2007: GTB Inspector

December 01, 2007

We have characterized GTB Inspector as "email security," but, really, that requires a bit of rethinking about what we mean by the term. There are, as everyone knows, a lot of aspects to email security and Inspector addresses one of the most important: data leak prevention.
 

Industry innovators 2007: PGP Encryption

December 01, 2007

In discussing innovation with people from PGP, we made a very interesting discovery. What we classically think of as PGP encryption actually is only a small part of the view that the company has of the product line and the mission of the company.
 

Industry innovators 2007: Mi5 Networks Webgate

December 01, 2007

A major challenge in today's large networks is the build-up of unseen malware, spyware and botnets. The Mi5 Networks Webgate is a tool that helps bring these problems to the surface and remediates them without disruption of network traffic flow.
 

Industry innovators 2007: eSoft Threatwall

December 01, 2007

As we pointed out earlier in this month's issue, eSoft has the UTM for everyone. However, in some cases, a UTM is not what is needed. In some cases the customer's current environment already has a firewall and VPN, but is without a way to manage content and usage policies. This is where the ThreatWall appliance comes in.
 

Industry innovators 2007: BigFix

December 01, 2007

Years ago, when BigFix was a new entry in the market, it was thought of as a patch management product. Over time the system has evolved into a suite of products that BigFix characterizes as enabling "organizations to see, change and enforce the IT policies of computing devices in real-time at global scale."
 

Industry innovators 2007: Archer Technologies

December 01, 2007

It's not enterprise security management anymore. According to visionaries from Archer Technologies, the old notion of enterprise security management has given way to risk and compliance management. For years IT risk managers were treated almost as second-class citizens because IT risk was viewed as a very small part of the overall risk picture.
 

Latest Product Reviews

ADF Solutions Triage-Examiner

May 01, 2012  |  star star star star star
ADF Solutions Triage-Examiner is a forensic tool that scans target devices whether they are powered on or off. The product reduces forensic backlogs and dedicates resources to collecting evidence.
 

Cellebrite UFED Ultimate

May 01, 2012  |  star star star star star
Cellebrite UFED Ultimate is a forensic tool for gathering information from portable devices, such as cell phones, tablets, PDAs, memory sticks, standalone GPS devices and USB drives.
 

Cyber Security Technologies Mac Marshal Field Edition

May 01, 2012  |  star star star star star
 

NIKSUN NetDetector Alpine

May 01, 2012  |  star star star star star
NetDetector Alpine v4.2 is the most up-to-date version of NIKSUN’s network traffic-monitoring hardware that audits and informs users of network security threats.
 

Paraben Device Seizure v4.6

May 01, 2012  |  star star star star star
Paraben Device Seizure v4.6 is a software package that assists forensic investigators in the examination of mobile devices, allowing data acquisition of both logical and physical devices.
 

RSA NetWitness

May 01, 2012  |  star star star ¾
RSA NetWitness is a network-monitoring system designed to handle a wide range of information.
 

Technology Pathways ProDiscover Incident Response v7.1.0.5

May 01, 2012  |  star star star star star
Technology Pathways ProDiscover IR v7.1.0.5 aims to provide streamlined previews, imaging and analysis of live systems.
 

WetStone Technologies US-LATT

May 01, 2012  |  star star star star ¾
Once the kinks are worked out in initial setup, the equipment performs adequately, working according to the defined parameters.
 

AccessData Group Forensic Toolkit (FTK) v4

May 01, 2012  |  star star star star star
The suite of computer forensic tools from AccessData Group that we tested is a nearly complete examiner’s tool kit.
 

AlienVault Professional Threat Management S3000

April 02, 2012  |  star star star star ½
Part of the fun of doing these product reviews is that we get to see new products as they emerge into the marketplace. AlienVault’s Professional Threat Management S3000 is no exception.
 

Latest First Looks

RedSeal Systems Network Advisor v4.0

A bird’s eye view into enterprise security configuration.
 

This is your SIM on steroids

Trying to dig up deeply hidden packets in huge amounts of data has always been among the most important tools in my analysis arsenal. But, then along came massive numbers of regulatory requirements and SIMs/SEMs became SIEMs with the focus moving to suites of reports to satisfy compliance audits.
 

Yes, Virginia, you can have a secure virtual environment

The emerging popularity of virtual computing has very few blemishes considering its youth. One of those, unfortunately, is security both of the underlying operating environment and of the individual virtual machines.
 

Lifecycle management of data: A special type of DLP

Identity Finder starts with a very simple premise: If you want to keep data from leaking, protect it where it lies. That way, if someone steals it, they get nothing. As simple as that sounds, it’s a bit harder to execute.
 

Access management from a different perspective

The appliance can be accessed through SSH, but only the customized Rohati commands are available, and there are no services turned on that are not TNS-specific. No daemons, which are not needed for the TNS to operate, are present either. This improves the security of the device itself. If you ...
 

The end of DNS attacks?

This month’s First Look is one of those products that really holds a unique and important place in the pantheon of information assurance tools
 

Another unified security gateway? Not quite.

Unified security gateway is a term we are hearing with increasing frequency. Some products that have traditionally referred to themselves as UTMs – unified threat managers – are changing their stripes. In some cases, this change is justified. In some cases, it’s marketing hype. The Finjan Vital Security Web Appliance ...
 

Good thing in a small package

Every now and then, I pluck a product out of our test queue because it intrigues me. This product is one of those.
 

Mac forensics on Macs? You bet! And it’s easy.

The idea of performing forensics on Macs may seem strange, but the Mac Marshal brings a uniqueness that we don’t see often. It is unique because the tool uses many of the native capabilities of the Mac to assist it in performing comprehensive forensic analysis of the OS X release ...
 

Two-factor authentication, or not two-factor?

The notion of true multifactor authentication is based on the concept of combining into a single authentication mechanism something you have, something you know and something you are. Combine two or more of these and you have multifactor authentication.
 
Popular Topics
4G-war Advanced Persistent Threat Adware AMTSO Anonymous Botnets Cyber Attacks Cyber Crime Data Breach Data Breaches Encryption Hackers Hacktivism Health Care IT Security Java Malware Mobile Devices Phishing Risk Management Social Security Numbers Stolen Information Survey Trojans Vulnerabilities & Flaws