Deepnet Security DualShield v5.8.1

DualShield is an enterprise-grade, unified, multifactor authentication platform that protects all commonly used business applications with a large selection of multifactor authentication methods.


DIGIPASS 760 is a trusted hardware device for visual transaction-signing that creates a secure optical communication channel between the end-user (client) and the organization (server).

Entrust IdentityGuard

Entrust IdentityGuard is a dual-factor authentication server, app, smart card manager, biometrics server and general jack-of-all-trades when it comes to dual-factor authentication.

Gemalto SafeNet Authentication Service

SafeNet Authentication Service is a cloud-based authentication service that uses a wide range of tokens and custom agents to support multifactor authentication to include one-time passwords generated by a phone app, SMS, a hardware token or email.

Imation IronKey F200 Flash Drive

The Imation IronKey F200 Flash Drive is a simple, easy to set up and extremely secure device for users who need to transport confidential data between computers.

Cyphercor LoginTC

LoginTC from Cyphercor is a cloud-based solution that uses a mobile device or a desktop for authentication. It has easy-to-use iOS, Android and Chrome desktop applications to approve logins to a variety of products.

PistolStar PortalGuard

PortalGuard is a multifactor authentication, web-based single sign-on (SSO) through internet information services (IIS) and self-service password reset server and application rolled into one.

RSA Authentication Manager

The RSA Authentication Manager is a dual-factor authentication system designed from the ground up for enterprise deployment.

SecureAuth IdP

SecureAuth IdP is an identity provider – with a unique approach to securing user access control.

Swivel Secure Swivel Appliance

The Swivel Appliance is a competitive solution for two-factor authentication methods for clients searching for a secure product.

BeyondTrust UVM20 Security Management Appliance

The BeyondTrust UVM20 Security Management Appliance is the preconfigured hardware offering of Retina CS Enterprise Vulnerability Management.

Core Security Core Insight

Core Security’s Core Insight is the gold standard for penetration testing and vulnerability assessment.

Qualys Express Lite

Qualys Express Lite is a cloud-based vulnerability assessment tool intended for small businesses.

Rapid7 Nexpose Ultimate Appliance

Rapid7 Nexpose Ultimate is a comprehensive vulnerability scanner that is determined to convince you of its findings.

SAINT Security Suite

The SAINT Security Suite is a robust software package that quickly and easily gives a heads-up view of vulnerabilities on the network.

Secunia Corporate Software Inspector CSI

Secunia Corporate Software Inspector (CSI) inspects software on any Windows or Android device with an agent.

Skybox View Enterprise Suite

The Skybox Enterprise Suite is an enterprise vulnerability assessment tool that is deployed to aid in vulnerability and threat management, as well as security policy management.

Tenable Network Security Nessus

Tenable Network Security Nessus is one of the most comprehensive and widely deployed vulnerability assessment tools.

Tripwire IP360

The Tripwire IP360 appliance is a solution for advanced enterprise threat detection, vulnerability management and risk assessment.

Centripetal Networks Network Protection System v2.1

This product collects threat intelligence data from a variety of sources.

OpenDNS Investigate

Engineers at OpenDNS have developed a suite of tools that they use to manage, monitor and investigate potential cyberthreats, especially those that impact name servers directly. One of those tools is Investigate.

Recorded Future Cyber

This is a solid, technically oriented open source intelligence service.


This is a general open source intelligence tool with a solid, though not extensive, focus on cyberintelligence.

FireEye Threat Intelligence

This is an extremely powerful system for gathering, analyzing and acting on cyberthreat intelligence.

ThreatStream Optic Platform

ThreatStream’s OPTIC is a cyberthreat intelligence platform that manages the lifecycle of threat intelligence via integration across an enterprise’s security infrastructure.

SurfWatch CSuite

This is a very good threat intelligence tool where almost all of the threat sources and analytics are under the covers.

iSight Partners ThreatScape

Adds a lot of value to your security stack by applying threat intelligence. Provides a prodigious amount of extremely useful research, much of it from analysts around the globe.

Norse DarkWatch

Threat intelligence appliance that ties the Norse DarkMatter infrastructure to your network.

Barracuda Web Application Firewall Model 660

The Barracuda Web Application Firewall is a hardware-based device which is used to monitor, assess and remediate web-based application vulnerabilities.

Fortinet FortiDB 1000D

The FortiDB 1000D is a hardware appliance that monitors, audits and identifies vulnerabilities in databases. There are three deployment options: network sniffer, native audit and network agents.

Identity Finder Sensitive Data Manager

Sensitive Data Manager ties discovery to business issues making classification easier and more relevant.

CA Data Classification

This is a clean product with a well thought-out goal and a well-executed solution. It is part of the overall CA suite of access control products with which it integrates smoothly, and it offers dynamic classification and recognition.

Boldon James Classifier

Allows users to apply relevant visual and metadata labels.

TITUS Classification Suite

Provides classification for data, largely in a Microsoft environment, plus mobile environments.

RiskIQ Platform

Threat protection centered outside the firewall.

RSA Web Threat Detection

Detects anomalous behavior on websites.

IBM Security Trusteer Pinpoint Criminal Detection

Account takeover detection and prevention.

White Ops Advanced

Provides evidence-based bot and malware detection with high certainty, in real-time, on any browser-based web request.

Avatier Identity Management Suite

Besides automating user creation, the Avatier suite of products offers seamless integration with HR software, enables IT departments to set up a web portal for users to reset their passwords, and it can also create workflows so that high-level IT personnel aren’t bogged down with lower-level requests.

ForeScout CounterACT

The ForeScout CounterACT is a policy-based network access control product that allows for inventory, classification and regulation of endpoints and network devices.

Forum Systems Sentry API Gateway

The Forum Systems Sentry API Gateway is a comprehensive application security appliance that allows users to set up robust security over a variety of different protocols and data formats.

Hexis Cyber Solutions NetBeat NAC Enterprise

The Hexis Cyber Solutions NetBeat NAC is a well-designed network access control solution that can be deployed in minutes.

Lieberman Software Enterprise Random Password Manager

ERPM can come in one of several ways. In addition to a standard Windows installer package, it can also come as a virtual appliance for VMware or HyperV.

PFU Systems iNetSec Smart Finder

The iNetSec Smart Finder from PFU systems is an excellent network access control system for organizations of any size.

Pleasant Password Server

Pleasant Password Server (PPS) is a simple yet effective way for organizations to manage their passwords everywhere.

Axway MailGate SC v5.4

MailGate is a secure collaboration gateway appliance which combines email security and content management gateway functionality.

Barracuda Spam Firewall 400 v6.1

The Barracuda Spam Firewall is an integrated hardware and software solution designed to protect the email server from spam, virus, spoofing, phishing and spyware attacks.

EdgeWave ePrism Email Security v9.7

EdgeWave ePrism offers a complete suite of email security services.

McAfee Email Protection

McAfee Email Gateway protects networks from viruses, undesirable content, spam and other threats.

SafeT Data SafeT Box v5.1

Safe-T Box is a secure email and data exchange solution comprised of three components offering high levels of security for secure email solutions.

WatchGuard XCS 580 v10.0

The WatchGuard XCS 580 (Extensible Content Security Appliance) is an easy-to-use, all-inclusive email and web appliance that provides security and privacy of inbound and outbound traffic.

Avira Endpoint Security

Avira Professional has its own console and is largely an anti-malware product.

CenterTools DriveLock v7.3

DriveLock offers dynamic, configurable access control for mobile drives, such as floppy disk drives, CD-ROM drives and USB memory sticks.

CoSoSys Endpoint Protector v4

Endpoint Protector v4 comes as a virtual appliance and is intended to provide device control, mobile device management and data leakage protection.

Fortinet FortiClient 5.0 for Windows v5.0.9

The tool includes an anti-virus module to scan system files, executables, dynamic-link libraries and drivers. It also scans for and removes rootkits.

Invincea Platform v3.3/4.0

Invincea provides an additional layer of security at the endpoint by adding in protection for web browsing and document use.

Kaspersky Endpoint Security for Business

Kaspersky Endpoint Security for Business is an enterprise-grade endpoint security system that addresses malware, mobile device management, endpoint controls, encryption and systems management.

Dell KACE K1000 Systems Management Appliance v6.0

Addresses systems management tasks: device discovery and inventory, software distribution, patch management, software asset management (SAM), security audit and enforcement, service desk, power management and more.

Novell ZENworks Endpoint Security Management v11

Novell ZENworks Endpoint Security Management v11 hits all of the marks for a full-featured endpoint security product by addressing managing.

Safetica Technologies Safetica v5

Safetica manages and controls data security at the endpoint through its client-server architecture and three major components: Endpoint Client, Management Server and the Safetica Management Console.

Trend Micro Smart Protection Complete v11

Trend Micro Smart Protection Complete v11

Lumension Endpoint Management and Security Suite LEMSS v8.0

Unifies IT operations and security through a single console, server and agent architecture to address IT risk and systems management requirements across the enterprise.

ThreatTrack Security VIPRE Business Premium v6.5

Helps enterprises manage and control endpoint security by combining a small-footprint, anti-virus agent with integrated patch management and mobile device management (MDM) capability.

BlackBerry Enterprise Service 10

BES10 provides device management, security and application management for corporate and BYOD (bring your own device) BlackBerry, iOS and Android devices delivered through a single end-to-end platform.

MobileEther v2.0 by iboss

MobileEther by iboss extends device security which marries MDM with web security in one cloud or hybrid-based platform.

MECS Server v1.9.4.2 by Mobile Active Defense

The MECS (Mobile Enterprise Compliance and Security) server is a centrally managed enterprise-grade solution designed to extend security functions to corporate and personally-owned mobile devices (iOS, Android).

Sophos Mobile Control v4.0

Sophos Mobile Control is an enterprise mobility management solution which offers mobile device management, mobile application management, mobile email management, mobile content management and mobile security and compliance through an easy-to-handle, web-based user interface.

Acuity STREAM Integrated Risk Manager v3.1

STREAM Integrated Risk Manager v3.1 from Acuity Risk Management is a risk-driven, compliance-monitoring and reporting solution that can log, track, remediate and report against multiple standards.

Agiliance RiskVision v7.0 HF1

Agiliance RiskVision v7.0 provides a holistic view of security and compliance in one integrated enterprise platform that enables companies to move from a reactive threat-driven approach to a proactive, risk-aware posture.

AlgoSec Security Management Suite v6.5

The AlgoSec Security Management Suite is an appliance-based policy management toolset for analyzing routing tables, hit counters, log files and topology information from various firewalls, switches and routers.

Allgress Insight and Risk Manager v5

Allgress Insight and Risk Manager v5 helps companies aggregate data from security and compliance assessments and technical inputs and turn it into meaningful, actionable risk specific intelligence that can be aligned with the goals of the business

Risk Analytics as a Service v4.1.0

Brinqa Risk Analytics is an IT risk management and vulnerability risk management platform that provides a consolidated view of an organization’s risk factors. Handles Big Data very well, reporting, dashboarding and analytics.

Citicus ONE vR.4.0

Citicus ONE is an integrated system for organizations to automate their IT governance, risk and compliance management processes.

Aegify vMarch2014

Aegify from eGestalt Technologies is a subscription-based, cloud-delivered software-as-a-service (SaaS) solution for IT security monitoring and compliance management, vulnerability analysis and risk management.

FireMon Security Intelligence Platform

The FireMon Security Intelligence Platform consists of a central security manager appliance fed via data collectors spread throughout the network.

Total Protection ToPS for Compliance v7.x

ToPS for Compliance and ePolicy Orchestrator (ePO) software is an extensible management platform that enables centralized policy management and enforcement of security products and the systems where they are installed.

Modulo Risk Manager v8.4

Modulo Risk Manager automates GRC processes, integrating different areas and activities and allowing for centralized reporting.

New Net Technologies Change Tracker Enterprise

Change Tracker Enterprise from New Net Technologies enables organizations to bring their existing environment into a state of policy compliance and then continually monitor and report on changes made once compliant.

Netwrix Auditor for Active Directory

Netwrix Auditor for Active Directory is a small piece of the much larger Netwrix Auditor Suite, which provides change and configuration auditing across a vast array of enterprise systems.

RSA Archer GRC Platform 5.4 SP1

The RSA Archer GRC Platform 5.4 SP1 provides an organization with a consolidated view of its risk.

Rsam GRC Platform v 8.2

Rsam GRC v8.2 is a platform for risk management and security risk intelligence enabling organizations to perform risk assessments, manage compliance, threats and vulnerabilities, policies, remediation activities, issues, incidents and more.

Skybox View Enterprise Suite v7.0

Skybox Risk Control is part of Skybox View, a complete portfolio of proactive security risk management solutions that automatically find, prioritize risks and drive remediation in a large or complex network before an adverse event occurs.

TrustedAgent GRC V5.0.4

TrustedAgent GRC v5.0.4 is an IT risk and governance tool modeled after the NIST 800-37 risk management framework – with two added steps that include define, categorize, plan, implement, assess, manage, authorize and monitor.

SolarWinds Network Configuration Manager

Network Configuration Manager from SolarWinds is a powerful tool for managing policy compliance across many network devices including routers, switches and firewalls.

Titania Nipper Studio

Nipper Studio from Titania is a newcomer this year to our policy management review.

Tripwire Enterprise and Tripwire DataMart

Tripwire Enterprise is a full-scale configuration management product that allows administrators to create master “known and trusted” configuration states for many types of systems and devices on the network.

Tufin Orchestration Suite

The Tufin Orchestration Suite feature three modules for managing security and compliance policies on network devices, such as routers, switches and firewalls.

Viewfinity Application Control

Application Control from Viewfinity offers full-scale application policy that can be deployed right from a group policy within Active Directory.

Incapsula Enterprise

By proxying all users to a site via a secure content delivery system most, if not all, of the risks are virtually eliminated by this tool.


nCryptedCloud adds a layer of encryption between the user and the storage provider.

Zscaler Security Cloud

This service forces users through the cloud instead of via direct access to an organization’s internet portal.

Promisec Endpoint Manager

Promisec Endpoint Manager offers full agentless management and auditing of the many client computers on the enterprise network.

AccessData Tool Suite

We are reviewing this suite of forensic tools as a package the same way we did last year because the elements work well together and offer a complete set of computer forensic capabilities.

Cellebrite UFED Series of Tools

Cellebrite is, arguably, the number one mobile device forensic tool suite available.

CRU Ditto Forensic FieldStation

Everything that one needs is in the case, including cables, adapters, a power brick and a space for extra disks.

EnCase Forensic

EnCase Forensic v7 is the latest incarnation of the EnCase computer forensic tradition.

Lima Digital Forensic Case Management Standard

The only pure digital forensic case management tool of which we are aware.


This is a general purpose network forensic tool with a solid history.

ADF TriageG2, Responder, Examiner

These three products are approximately the same type of tool, but with different functionalities depending on the market in which they are used.

AlienVault Unified Security Management v4.4

AlienVault’s Unified Security Management product is an excellent introductory SIEM appliance.

Sign up to our newsletters