Threat analysis: NitroSecurity
The security information and event management (SIEM) market is trying to find itself. NitroSecurity really is not a SIEM, although that is where it has traditionally been placed in today's security tool assortment. Sometimes, it's hard to fit a really innovative product into a neat, clear slot and that, in our view, is the challenge here. As with many of the products in this month's issue, we have followed NitroSecurity for many years.
It has, for a long time, been one of my most useful tools. It does things that its competitors simply do not do, such as allowing detailed drill-down analysis in whatever manner I want to do it. Getting a maverick to market and then dominating that market is a huge task. While, traditionally, Nitro has not dominated the market - which is, after all, rather crowded - the NitroView has provided capabilities that we have not seen anywhere else.
Getting the product to market and raising it to prominence - and that is where it is today - has been challenging. I don't know what I like more about this company: its technology innovation or its marketing innovation. As for technology, Nitro is superbly placed for some new trends in the threat analysis marketplace. For example, the NitroView's drill-down capabilities suite is perfect for forensic examination of network events. In my view, its forensic ability exceeds that of products that market themselves as forensic tools.
The issue today is not pure-play log management, according to the visionary I spoke with at Nitro. That is a position echoed by one of our other innovators, one that traditionally has been a leader in log management. Threat management, on the other hand, is a major concern in the marketplace. Users are looking for serious threat management and that means being able to dig deep and gather lots of packet-level data. More important, though, is getting just the packets you need from a massive multi-million pack capture.
In addition, the types of sensors feeding a threat management system is huge and growing and the number of protocols such a device is expected to handle is equally large. Nitro manages both challenges with ease. Add the evolving ecosystem of partners helping broaden Nitro's market reach and you have a solid, impressive performer.
AT A GLANCE
Flagship product: NitroView Enterprise Security Manager
Vendor: Nitro Security
Innovation: A mix of very advanced technology and the vision to apply it in a threat management environment
Greatest strength: Flexibility and vision coupled with very strong technology