This month, our Technology Editor Peter Stephenson looks at risk and policy management.
Gathered here are some of the most comprehensive digital forensic tools available.
AhnLab refers to its product - MDS - as a malware defense system. I, however, think of it more as a malware management system.
SIEMs today are powerful beasts and they are necessary - if not always sufficient - for the protection of your enterprise.
X1 is an agentless SAP auditing tool that is able to map out entire SAP landscapes and display any insecure configurations on the individual elements of the landscape.
A few years back, I boldly predicted that UTMs would merge into a single product type with gateways and SIEMs. Boy, did I get that wrong!
CIRT from AccessData Group is a full lifecycle forensic tool - from detecting to analyzing to remediating - and it's all in a single package.
We are "ethical hackers" or "white hat hackers." We are penetration testers. Never let us be aligned with the mass media's view of hackers.
We're off to another year. I read recently where one security maven is referring to 2014 as the "Year of Cryptolocker."
iScan uses a really neat approach to vulnerability and PAN (looking for credit card, etc.) scanning.
Along with innovation comes uniqueness, says Peter Stephenson, technology editor.
Access control is, arguably, the key aspect of information protection.
Analysis and testing covers the entire gamut of testing - from forensic tools to penetration testing.
Since it's all about the data why not go straight to the data and protect it directly?
How do we protect a perimeter that does not, physically, exist?
When we talk about the cloud, we need to realize that the concept of the cloud is a business, not a technical, construct.
The greatest pleasure that we have in writing this section each year is seeing who has the innovation and staying power to make it to the Hall of Fame.
This month we will look into three more. Identity management and network access control (NAC) are fairly obvious, while data leakage prevention (DLP) is, perhaps, not.
The EndaceProbe is a purpose-built enterprise-grade tool.
This month's product section focus on email security and management.
Securing mobile devices - and, by extension, our enterprises - is the topic of this month's Group Test.
Authentify has a good solution that addresses security and simplicity of management.
This month's products - and there are a slew of them - watch policy, make sure that you know what needs to be changed and what doesn't, and how your organization's risk picture has changed.
Over the past year, there have been numerous creative features added to just about every digital forensic tool that we reviewed.
This month we look at security information and event management (SIEM) tools.
FortiDDoS is an appliance that examines data packets in a variety of ways to separate DDoS packets from legitimate packets.
The notion of authentication is one that is so familiar to most of us that it hardly bears discussing. Or does it?
These tools define and manage the security infrastructure by managing risk and implementing policy.
Now we get to the meat of the issue: Protecting the data directly.
The cloud and its core enabling architecture virtualization needs a special kind of security.