Best Data Leakage Prevention (DLP) Solution
Products in this category include those that help organizations safeguard their intellectual property and customers' critical data persistently – inside and outside the company. Network-based and endpoint data leakage prevention products will be considered. Products should prevent data from unauthorized exit from the network, or protect data on the endpoint – whether the endpoint is connected to a network or not. Products typically are policy-driven and should include scanning of all data, regardless of protocol or application leaving the network, and/or keep track of peripherals, such as removable storage and attached to the endpoint – reporting that inventory to a central location or administrator. All entrants should have the capability of being managed by a centralized administrator. Those products considered part of this category include: network DLP products, which are typically gateways; those products protecting only endpoints; and hybrid products that operate at both the gateway to the network and at the endpoint. Specifically for endpoint DLP, traffic should be monitored and encryption should be available.
Digital Guardian for The Digital Guardian (DG) Data Protection Platform
Secure Islands for IQProtector
Dell for Dell Data Protection | Encryption
Clearswift for Adaptive Redaction
AirWatch for AirWatch by VMware Enterprise Mobility Management
Best Risk/Policy Management Solution
These products measure, analyze and report risk, as well as enforce and update configuration policies within the enterprise, including but not limited to network, encryption, software and hardware devices. Contenders' products should offer a reporting format that covers the frameworks of multiple regulatory requirements, such as Sarbanes-Oxley, Gramm-Leach-Bliley and other acts and industry regulations. As well, this feature should be network-centric, providing reporting to a central administrator and allowing for companies to centrally manage the product.
So, overall, entrants' products should be enterprise-centric; collect data across the network, including threats and vulnerabilities; report associated risk, endpoint configuration, enforcement, auditing and reporting; provide remediation options (but are not exclusively patch management systems); and, finally, offer centralized reports based on regulatory requirements and local policies.
Trustwave for Trustwave TrustKeeper Compliance Manager
SolarWinds for SolarWinds Network Configuration Manager
TraceSecurity for TraceCSO
Bay Dynamics for Risk Fabric
Venafi for Trust Protection Platform
Best Customer Service
Support as well as service of products and assistance sold are critical components of any contract. For many organizations that seek out help from information security vendors and service providers, the aid they receive from customer service representatives is crucial to the deployment, ongoing maintenance and successful running of the technologies they've bought and to which they have entrusted their businesses and sensitive data. For this new category, we're looking for vendor and service providers that offer stellar support and service – the staff that fulfilled its contracts and maybe even goes a little beyond them to ensure that organizations and their businesses are safe and sound against the many threats launched by today's savvy cybercriminals.
Best Professional Certification Program
Programs are defined as professional industry groups offering certifications to IT security professionals wishing to receive educational experience and credentials. Entrants can include organizations in the industry granting certifications for the training and knowledge they provide.
ISACA for CISA
ISACA for CISM
(ISC)² for Certified Information Systems Security Professional (CISSP)
International Association of Privacy Professionals for Certified Information Privacy Professional
ISACA for CSXP
Best IT Security-related Training Program
This category is targeting companies and organizations that provide end-user awareness training programs for organizations looking to ensure that its employees are knowledgeable and supportive of the IT security and risk management plans. It also is considering those training companies or organizations that provide programs for end-user organizations' IT security professionals to help them better address components of their IT security and risk management plans, such as secure coding, vulnerability management, incident response/computer forensics, business continuity/disaster recovery, etc.
Global Learning Systems
Security MentorWombat Security Technologies