Vendor: AlgoSec
Website: www.algosec.com
Product: AlgoSec Security Management Suite 2018.1
Price: Starts at $5,000

Quick Read

Strengths:
Automation of change requests, which can be processed from start to finish with no human interaction. AlgoBot integration with Slack and Skype for Business is the first of its kind in this space and opens the door to new ease-of-operability solutions.
Weakness:
None that we found.
Verdict:
Great security management product with effective automation options to free up more time for your security teams.

Rating Breakdown

Categories: Features, Documentation, Value for Money, Performance, Support, Ease of Use
Rating: 5.00/5

Summary

Tested by: Matthew Hreben & Katelyn Dunn

AlgoSec Security Management Suite 2018.1 is geared entirely towards business-driven security management, delivering agility, security and visibility across an enterprise. Although AlgoSec is a security management product, its business-driven mindset carries over to the return on investment its users see through increased productivity and operational efficiency.

AlgoSec approaches the security policy management process as a lifecycle. It starts at the top with discovering and defining: users auto-discover and map application connectivity and their security infrastructure in order to perform the next step, planning and assessing risk and compliance. Following this is the execution of automatic migration rules, which includes an automated policy push of all the changes and smart validation of their integrity. Nearing the end of the lifecycle is maintenance: policy monitoring, enforcing security posture through auditing and reporting, and policy clean-up and optimization. The last step is decommissioning, which reduces vulnerabilities caused by complexities and redundancies.

To implement this, AlgoSec provides three important tools. BusinessFlow helps identify how a business application is constructed, the data flows that application needs to function and how to translate those application requirements into firewall change requests. Firewall Analyzer brings visibility to the network’s security operations, including troubleshooting, compliance auditing and risk analysis. FireFlow controls workflows related to firewall automation, such as pushing policy and integrating with third-party ticketing systems. It has out-of-the-box security policy change automations for users to add traffic to the environment, records business justifications for why the controls are there and supports re-approval and certification of controls.

The remainder of the AlgoSec ecosystem is broken up into two areas: management and integration. We found AlgoSec fits very well into the DevOps picture overall, particularly with the ability to spin up connectivity across the network programmatically as code, since AlgoSec has open API customization and provides out-of-the-box playbooks.

There are a variety of notable automation tools that can be applied to deliver requests significantly faster, driven entirely by the user’s comfort level with automating steps. With ZeroTouch, change requests can be submitted and processed with zero human interaction, fully automating the change request process without requiring a single mouse click. ZeroTouch can be applied to anything in the workflow for as much automation as desired.

AlgoSec is currently the only vendor to provide a freely available chat bot for Slack, Skype for Business and soon Microsoft Teams. For example, users might ask AlgoBot if traffic is working between components in addition to being able to see it on the map. AlgoBot can also be used to check whether applications are working correctly and to check the status of change requests.

AlgoSec offers quick identification of all the rules supporting business applications in a variety of ways and views to make it as simple and comprehensive for its users as possible. In the Policy Optimization view, users see actionable reports on redundant and risky policies to simplify rule clean-up. AlgoSec finds users spend a lot of time in this view. It has email integration to notify individuals that rules are going to be acted on. This process can also be automated. Moreover, it provides a customizable risk profile that gives a risk rating and the reason for the risks on the device “today,” as well as cause and source.

Finally, AlgoSec provides regulatory compliance reporting in an easy-to-read, report-card-style view. These profiles are customizable in terms of what underlying data is used to build the reports. Baseline compliance is offered and customizable as well, and handles all the OS-level technical configurations.