The Agiliance RiskVision platform manages enterprise risk by making it visible, actionable and measurable across business units, IT operations and security management in near real time.
The AlgoSec Security Management Suite is comprised of three parts: the FireWall Analyzer, FireFlow and BusinessFlow.
Allgress Business Risk Intelligence helps companies quickly and automatically aggregate data from security and compliance assessments and technical inputs, and turn this into meaningful, actionable, risk-specific intelligence that can be aligned with the goals of the business.
The Aruvio GRC suite is a complete set of governance, risk, and compliance (GRC) applications, including controls, compliance, vendor risk, enterprise risk, incident management, and policy and training.
Citicus ONE is an integrated system for organizations to automate their IT governance, risk and compliance management processes.
Lumension Risk Manager (LRM) is a compliance and risk management solution that provides a framework for streamlining compliance management and assessing business risk.
DeviceExpert from ManageEngine provides a comprehensive approach to network configuration and change and compliance management.
Modulo Risk Manager is a single, fully integrated platform for organizations to automate and unify their IT governance, risk and compliance (GRC) processes.
Secure Configuration Manager from NetIQ provides a feature-rich platform for monitoring and ensuring policy compliance throughout the network environment.
Change Tracker Enterprise from New Net Technologies offers full change and policy compliance management and monitoring.
Promisec Endpoint Manager is a full-scale policy and endpoint management platform that allows administrators to inspect, monitor and enforce configuration and compliance policy across the entire IT environment from one easy-to-manage console.
RedSeal 6 Platform is a risk-based IT security management platform that enables organizations to identify, prioritize and respond to critical points of weakness in complex enterprise security control infrastructure.
RSA Archer’s Risk Manager is part of an enterprise GRC product portfolio sold and licensed as modules: audit, policy, risk, compliance, enterprise, incident, vendor, threat and business continuity management.
Rsam GRC v8 is a platform for risk management and security risk intelligence enabling organizations to perform risk assessments, manage compliance, threats and vulnerabilities, policies, remediation activities, issues, incidents and more.
Skybox View Enterprise Suite v6.5 is a complete portfolio of proactive security risk management solutions that automatically find and prioritize risks and drive remediation.
Patch Manager and Firewall Security Manager from SolarWinds are two products that can be used together by administrators and security professionals to achieve a full picture of system patch policy and firewall policy auditing.
Symantec Control Compliance Suite (CCS) automates key IT risk and compliance management tasks.
Tripwire Enterprise and DataMart are two products that compose a suite for maintaining configuration states of servers, network devices and databases, as well as robust reporting services, to allow for deeper analysis of security and configuration policy.
Tufin Security Suite is back again this year and, just as in years past, it has some great new features onboard.
Office 365 is a cloud-based version of Microsoft Office that adds a few additional features making it an attractive option, especially for small to midsized organizations.
Symplified addresses access management to cloud applications.
CloudLock provides data privacy, governance and management, as well as account protection and external application management and governance.
Total Defense provides end-to-end security delivered from the cloud, including unified web, endpoint and email security, giving the same level of security as in the enterprise with a single console.
Zscaler is a comprehensive suite of security services delivered from the cloud.
There are three products in AccessData’s forensic suite that every digital forensic investigator needs: Mobile Phone Examiner (MPE) Plus, Forensic Toolkit (FTK) and AD Triage.
The Triage-G2 Pro is a competent product offering a solid user experience.
The Cellebrite UFED Touch Ultimate is a fully equipped mobile forensic tool that enables quick and easy data acquisition from more than 8,000 mobile devices.
Both Mac Marshal Forensic Edition and Field Edition provide user-friendly forensic tool kits.
Encase Forensic v7 is a tool for computer investigation that both searches a computer system for information, as well as aids in the process of developing this information into a complete report.
HBGary’s Responder Professional is a Windows memory acquisition and analysis tool that offers a variety of features useful to malware analysts and computer forensic investigators.
Lima Forensic Case Management Software from IntaForensics is a complete, end-to-end case management system that offers an easy way to organize every aspect of a digital forensic investigation.
The NIKSUN NetDetector/NetVCR Alpine 4.2.1 is a network security monitoring tool with advanced forensic analytical capabilities.
ProDiscover Incident Response (IR) from Technology Pathways is a computer security tool that allows users to preview, image, view, search, analyze and report.
The Forensic ComboDock is a read/write blocker. It makes it impossible to unintentionally turn off write-blocking.
AlienVault’s Unified Security Management (AV-USM) platform combines open source technologies for asset discovery/inventory, vulnerability assessment, threat detection, behavioral monitoring and security intelligence/event correlation.
LOG Storm combines log management and security information management with correlation technology, real-time monitoring and an integrated incident response system.
CorreLog Enterprise Server combines real-time log management with correlation, auto-learning functions, high-speed search, ticketing and reporting services.
SecureVue provides all of the elements one would expect in a SIEM.
EventTracker Enterprise is comprehensive. It is designed to be scalable to address multiple locations, business units and domains using the EventTracker Stand-Alone, Collection Point and Collection Master architecture.
GFI EventsManager collects, centralizes, normalizes, consolidates and analyzes a wide range of log types.
The HP ArcSight Express appliance features a full set of SIEM capabilities.
The LogRhythm appliance goes way beyond traditional security event monitoring and management.
The Enterprise Security Manager is the ultimate high-powered SIEM.
Sentinel from NetIQ offers a lot of robust SIEM features and functions.
The SolarWinds Log & Event Manager is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that data for further analysis.
The ManageEngine EventLog Analyzer from Zoho is a small application that provides a lot of functionality.
The Threat Prevention Appliance from Check Point provides full-scale threat protection at the perimeter, as well as incorporating with endpoint security applications to provide a comprehensive security infrastructure.
The CR2500iNG unified threat management appliance from Cyberoam offers a multitude of security and threat prevention features for the network perimeter.
The NSA E8510 from Dell SonicWALL is a monster security appliance designed for the large enterprise environment.
This product offers a stateful firewall with deep packet inspection capabilities, proxy-based scanning, real-time threat monitoring, scanning of both web and email for worms and viruses, and protection from bots and other network attacks.
This product can protect the perimeter of the network with a firewall, intrusion prevention system and IPsec and SSL VPN.
This product features a full firewall with intrusion detection and prevention system; anti-malware at the gateway, including protection from viruses, worms and spyware; spam protection; web and URL content management; and application control.
Kerio Control provides a clear, snappy interface for administration.
Unified threat management solutions shouldn’t be limited to large corporations with unlimited budgets. NETGEAR agrees, and offers their ProSecure UTM25S at a price point that should be attractive to small businesses.
Targeting small to midsized offices with up to 150 users, it combines standard UTM offerings with a few features we didn't expect, making this product something definitely worth looking at.
Administrators of smaller environments on a fixed budget could do very well by the aXsGUARD Gatekeeper by VASCO Data Security. While a little more complicated to use than some of the more expensive products, with a little attention to detail the device performs well.
WatchGuard XTM 830, though somewhat pricey, provides an excellent enterprise-grade perimeter defense against viruses, spam and other unwelcome traffic.
The Wedge Networks 1005G looks good on paper, but in reality is a little disappointing. While the initial setup was easy enough, ease-of-use issues and documentation gaps made for a frustrating deployment experience.
VMC takes advantage of the nature of a virtual data center.
GravityZone lets users bounce between various computing environments: physical, virtualized and mobile.
McAfee has successfully brought together the application of a centralized policy engine – ePO – with its anti-malware capability in the physical world.
One might characterize CSP as a security wrapper for mission-critical environments.
The Retina CS from BeyondTrust offers up quite a few strong features for vulnerability management throughout the enterprise.
We found this version of Core Impact Professional to contain more automation, more wizards and more options than previous versions we have tested.
FusionVM from Critical Watch offers both vulnerability management and configuration policy auditing in either a physical or virtual appliance or as a full, cloud-based SaaS option
This product brings together vulnerability scanning, remediation and patch management, and network and software auditing all under one easy-to-use product.
Internal Scan - Cloud edition from netVigilance offers a full cloud-based vulnerability scanning engine that can scan both internal and external systems for vulnerabilities and compliance.
The QualysGuard Vulnerability Management (VM) solution provides automated auditing and vulnerability management for small to large enterprises.
Nexpose assists clients through the entire vulnerability management lifecycle – from discovery, vulnerability detection, risk classification, impact analysis, reporting, vulnerability verification and risk mitigation.
From the same graphical user interface, SAINT provides an integrated solution for vulnerability scanning, configuration compliance testing, penetration testing, canned reporting and custom report creation.
The Secunia VIM is a real-time vulnerability intelligence and management tool, providing organizations with the necessary information required to analyze vulnerabilities in their IT infrastructure, as well as track them from a centralized dashboard interface.
Tenable SecurityCenter Continuous View (SC-CV) provides real-time vulnerability management, capturing security and compliance risks introduced by mobile, cloud and virtual infrastructure.
Security Manager Plus (Professional Edition) is a network security scanner that proactively reports on network vulnerabilities and helps to remediate them and ensure compliance.
With its DualShield, Deepnet Security offers a product that can add that extra layer of security to those applications – at a reasonable price point.
As long as one is using Active Directory, DigitalPersona Pro Enterprise may just be the solution for large-scale deployment of multifactor authentication services.
With its IdentityGuard product, Entrust integrates physical and logical, mobile and cloud security, all at a surprisingly low price point.
Companies looking for a turn-key, out-of-band authentication solution need look no further than PhoneFactor.
The SafeNet Authentication Service offers an entirely cloud-based multifactor authentication platform for the enterprise.
The Swivel Appliance from Swivel Secure is driven by PINsafe, which allows users to combine PINs with randomly generated security strings to provide robust strong authentication.
The IDENTIKEY Authentication Server and DIGIPASS GO 7 from VASCO pair together to provide solid, out-of-the-box, strong authentication to applications throughout the enterprise environment.
TeleSign 2FA is a full application programming interface (API) and software development kit (SDK) that allows an enterprise to integrate two-factor authentication into its existing web applications.
Focusing solely on database security, DbProtect from Application Security is an affordable database security product which, given the right environment, could be very beneficial to administrators.
The Barracuda Web Application Firewall provides affordable security without skimping on features or breaking the bank.
SingleKey from Bayshore Networks is a full-featured application firewall that provides solid protection from malicious attacks to enterprise applications.
The BIG-IP Application Security Manager (ASM) functions as an application firewall, protecting web applications and services with a powerful policy engine.
Given the importance of the data contained within any corporation’s databases, the task of keeping that data safe should be a top priority for any IT security team. Fortinet’s FortiDB-400c is dedicated to helping security professionals do precisely that.
With what may just be the Cadillac of application and database security products, Imperva makes its appearance to help hold attackers at bay.
Database Activity Monitoring from McAfee provides both threat protection as well as database auditing for compliance needs
Avatier’s Identity and Access Risk Management Suite provides user creation, authentication, provisioning, and deprovisioning of user IDs.
Network Sentry provides centrally managed access to the network, integrates with user management applications, such as Microsoft Active Directory, and may use agents or remain agentless.
Centrify Suite 2012 provides user provisioning and access control across the enterprise.
The CI-750 provides real-time content inspection allowing customers to protect against data loss across the network.
The Fischer solution is postured to help organizations drive (not react to) their identity management solutions.
ForeScout CounterACT offers an enterprise-class NAC, assuring network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated response.