
Industry innovators 2007: Analysis and testing

The analysis and testing products are the toys in our lab. The five products we've selected form the standards against which we test other products.

With one exception, these products tend to be single-use tools rather than suites of products. The exception is an innovative set of forensic tools. We look at test tools in the context of the types of testing that we do. Some of our testing is product testing and some involves research into new ways to protect the enterprise. The tools in this section address both.

Click here for Mu Security Mu 4000.
Click here for Core Security Impact.
Click here for RazorThreat TAC.

We can break down this group into three subgroups. First we have the vulnerability test tools. These include very specialized vulnerability analysis and high-powered penetration test products. The second group is the analyzers. These include an innovative threat analysis tool and one of our workhorses, a security information management and security event management (SIM/SEM) analysis product. Finally, we have the forensic tools.

One of the key drivers for organizations performing the types of testing that these tools represent is what needs to be tested. There are many open source vulnerability scanners that do a good job in the day-to-day scanning of network perimeters. However, when you want to test the individual devices on the perimeter, you need a lot more horsepower. One of our products offers that and more.

After determining the vulnerabilities on the perimeter, the next step is attempting to exploit them. Here one needs a solid production penetration tool that is easy and fast to use, as well as capable of providing repeatable results.

Over the network, we are concerned about attack vectors, inter-domain communications and what is going on in the enterprise. We'd like to access all of the available logs as part of our analysis.

Finally, when things fail we need some good forensic tools to figure out what happened. Our last product covers that territory nicely.

There were products we thought extremely innovative, but that did not fit into this category. For example, we love the Amenaza SecurITree attack tree analysis tool. We also could not get by without Analyst's Notebook from I2. Since these tools fit closer to analysis and testing, we feel that we should mention them, at least.
