August 2008 Issue of SCMagazine

August 2008 Issue of SCMagazine


Adopting the right business model

The rise of organized online crime will be a major challenge in the next few years, says Illena Armstrong, editor-in-chief, SC Magazine.


Continuous compliance

Compliance is an opportunity to run operations in a more consistent and predictable manner, says Harish Rao, chairman & CEO, nSolutions.

FISMA in the private sector

More and more companies are getting requests for FISMA control assessments, says David Lawson, director, risk management and compliance, Acumen Solutions.

CSO's desk

Protecting your credit card data

The march to a near cashless society advances, says Nancy Edwards, VP/CSO, State Auto Insurance Companies.


Evident domain

With e-discovery laws in effect, companies find benefits to data archiving, says TLC Vision's Roger McIlmoyle.

Flight plan

To keep up with its expansion, Denver-based Frontier Airlines sought to centralize its firewall needs.

No small concern

Small- and medium-sized enterprises are often ignored by security vendors, and contend with unsavvy users a lot.

Breach laws: A mixed bag

Data breach laws have proven to be helpful to consumers, but daunting to those charged with enforcement.

Is FISMA fizzling?

Can the Federal Information Security Management Act have an upside to the government, Eric Butterman asks.

Stop global threats with teamwork

The U.S. should engage with the world to combat cyberthreats, says Howard Schmidt.

Product opener

Enterprise verification and validation

This month we look at two aspects of verification and validation: policy management and vulnerability assessment.

Product Reviews

SonicWALL Global Management System

A Java-based web management platform that enables users to manage many key aspects of SonicWALL’s product line.

ManageEngine DeviceExpert 5.1

A web-based configuration and change management solution for network devices.

BigFix Enterprise Suite 7

A series of client server and web-based components designed to assist with workstation/server configuration and vulnerability management.

NetIQ SCM 5.7

A combination of client server and web-based components to help organizations manage configurations of workstations and servers.

Exaprotect SolSoft ChangeManager 7.4

A suite of client server and web components that are primarily used for network security device configuration management, as well as auditing to support change ...

Tufin SecureTrack 4.2

An appliance-based security operations solution that is used to manage policies for firewalls only.

Core Impact 7.5

This product is the ultimate tool for finding and exploiting possible holes in a network.

Retina Appliance 651

This product incorporates all the great features of the Retina Scanner with added capabilities for compliance and patch management.


The GFi LANguard Network Security Scanner focuses into three areas of network security scanning.

PatchLink Scan

A fairly robust vulnerability scanner that enables administrators to identify and scan all network-attached assets for three types of vulnerabilities.

SecureScout EagleBox SP

This tool is customized and tailored to the environment for absolute pinpoint accuracy and in-depth vulnerability analysis.

NeXpose Appliance

A feature-packed vulnerability assessment and risk analysis tool that always goes beyond expectations.

Scanner + Exploit

Two great tools wrapped up to work together to provide an in-depth view of vulnerabilities throughout a network.

Secure Auditor 2.0

This product can be used to audit Windows, Cisco or Solaris systems, as well as Oracle and SQL database servers.

VAM 5.5

The StillSecure VAM appliance is serious vulnerability management in a single device.


The way I see these products is that we are really looking at two products. The first is Nessus and Passive Vulnerability Scanner, and the ...

Last Word

Securing Web 2.0 for work

Keeping web technologies out of the workplace can have a detrimental effect on morale, says Yuval Tarsi.