Security Architecture, Application security, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Incident Response, TDR, Governance, Risk and Compliance, Compliance Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Look ahead: Search for pioneers

It's not easy predicting the future. Every time you do that you lay yourself open to impassioned cries of bias and lack of vision. That said, we at the Labs think we may have made some pretty good selections this year. This is a totally new feature and it was great fun putting it together.

We wanted to help you, our readers, answer the question, “If we are buying a product in one of these product groups, who should we be looking at?” The products that we have reviewed over the past 11 months really comprise the field as a whole. We selected particular products based on our usual monthly criteria. However, the one criterion we did not apply was that of innovation. This issue remedies that.

Innovation, for me, is the forward-looking nature of product development. It's taking a product type and seeing into the future to understand how that product type will be used 12 to 18 months from now. Then it's building a product that addresses specific business needs up the road. This is hard to do because if you add in development time, you're looking at up to 36 months in the future and that's a pretty tough call. The vendors that we have selected this month have done a very good job of that prognostication.

A few of our selections have been chosen for our First Look section, or recognized as Recommended, Best Buy or SC Magazine Lab Approved products over the past 11 months. That is to be expected, but it certainly was not a requirement for selection in this issue. The primary criteria this month are:

Shelf life — Is the product or product suite going to be able to sustain its usefulness and grow and change as the requirements for its product class grow and change?

Innovation — Is there a long-term strategy for staying ahead of the curve? Is the company forward-thinking and equipped to move vision to implementation over time?

Usefulness — Is this product or product suite an important part of the evolving information security landscape?

Comprehensiveness — If appropriate, is the product part of a suite of products that is tightly integrated to provide a comprehensive solution to the challenges in its product space? If not part of a suite — as is the case with some testing tools — does the product implement an expanding vision for solving the problems it will need to address over time?

We looked at several products that were new to us. Those products came into the labs for testing and you will see that we have included a bit more about them from the testing perspective than we have for the products that we have seen before. For those that we have seen before, we wanted to know how they had evolved since our last look at them. You'll see some comments in that regard in the individual reviews.

For all products we had conversations with the visionaries at each vendor company. We wanted to know why they thought they should appear in this issue and what made them different from their competitors. Having heard this type of sales pitch for most of the products we've reviewed, we were prepared for a stack of marketing hype. We got very little. Comparisons were interesting and the vendors stuck close to the agenda and gave us verifiable facts.

Where we could, we looked at entire product lines. In some cases, these comprised standalone products, but more often they were sets of modules that enhanced a core architecture. In that regard, user extensible architectures rated high and we were not disappointed. 

The most innovative product lines were built on just such an architecture. These lines included an architecture or platform that could be enhanced by vendor-supplied modules, vendor-supplied modules that the user could modify, and user-created modules that could snap into the underlying architecture. This approach greatly increases shelf life.

The products and product lines we looked at are not for the faint-hearted. These are big solutions to big problems. However, that does not mean that they are for large organizations only.  Several of our choices target small and mid-sized organizations. This is another trend that we observed: pricing strategies are a key part of innovation. Several vendors told us that their biggest innovation was finding a way to deliver world-class products to smaller companies at prices they can afford.

Overall, we think that this issue itself is innovative. That, of course is as it should be. If you don't agree with our choices, bring your comments to the blog. I always look forward to discussing this type of issue with the most important folks with whom we deal: you, the readers.

To make it easy to find our choices for innovative companies and products, we have broken our
19 look forward products into five product categories:
  • Access control
  • Analysis & testing
  • Perimeter defense
  • Data protection
  • Security infrastructure
While these do not cover the entire information assurance tool spectrum, they cover pretty much all of the territory. As well, the categories are neither arbitrary nor do they necessarily follow anyone else's classifications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.