Peter Stephenson,CeRNS,

Recent articles by Peter Stephenson,CeRNS,

Review: Core Impact 6.0

Review: Core Impact 6.0

Impact 6.0 from Core Security is a pure penetration testing tool. It is optimised for production use and comes with a suite of pre-programmed exploits. The support agreement provides regular updates with new exploits. Users can write their own exploits and can add to existing ones in the library. Impact can perform pre-configured scenarios or individual exploits.
May 15 2007 12:00AM
Review: NetClarity Branch Auditor 5.0

Review: NetClarity Branch Auditor 5.0

Last year we reviewed NetClarity’s Enterprise Auditor product and we liked it a lot. This year we looked at its little sibling, the Branch Auditor. We were amazed at the power of this little handful of an appliance.
May 15 2007 12:00AM
Review: Forensic Tool Kit v 1.70

Review: Forensic Tool Kit v 1.70

AccessData is one of the venerable developers of computer forensic software. The company’s biggest strength is that it is — and has been since its inception — the go-to supplier of password recovery tools.
May 8 2007 7:54AM
Review: Rapid7 NeXpose

Review: Rapid7 NeXpose

Rapid7 NeXpose is, generally, an impressive appliance. Although it is a hybrid (vulnerability scanner and penetration test tool), the pen tool is used specifically to validate vulnerabilities and is not intended to be used alone. This is typical of the way an attacker would attempt to penetrate a target.
Apr 10 2007 12:00AM
Review: eEye REM Security Manager

Review: eEye REM Security Manager

We found the combination of the REM Security Manager and the Retina Scanner to be easy to use and deploy. In fact, ease of use is this product’s hallmark. The user interface is similar to MS Windows Explorer and is among the most intuitive we’ve seen.
Apr 10 2007 12:00AM
Product section: SC Lab takes a look at email content filtering, policy management products

Product section: SC Lab takes a look at email content filtering, policy management products

The theme in the labs this month was policy, policy and more policy. Lab manager Mike Stephenson looked at email content filtering, which depends on policies for its success, while reviewer Justin Peltier evaluated policy management products. In these two areas, policy determines success, but the two views are quite different.
Mar 14 2007 7:17PM
Review: Tenable Nessus 3

Review: Tenable Nessus 3

Nessus is one of the granddaddies of vulnerability scanners. Today, Nessus is not only a powerful open source product in its own right, it is the basis for some of the most powerful commercial vulnerability scanners available.
Feb 5 2007 12:00AM
Review: ISS Proventia Network

Review: ISS Proventia Network

The ISS Proventia Network Enterprise Scanner is part of a larger security management system and, as such, shows its best performance as part of that suite. We tested the product outside of the Proventia suite and we do not recommend this approach. The network scanner requires, at minimum, MS SQLServer and ISS Site Protector to support it. If all you need is a vulnerability scanner, this is not your best bet.
Feb 5 2007 12:00AM
Review: Saint Scanner + Exploit

Review: Saint Scanner + Exploit

We have been watching Saint a long time. Saint, as many old-timers may recall, began life as an open source version of Satan, one of the first serious open source vulnerability scanners. Eventually the tool was commercialised and it has maintained many of its open source roots.
Feb 5 2007 12:00AM
Review: Passive Vulnerability Scanner

Review: Passive Vulnerability Scanner

The Tenable Passive Vulnerability Scanner (PVS) is a most interesting product. It is truly passive in that it does not perform active scans of any kind. It is, simply, a very smart sniffer. The product depends for its usefulness on the way that it collects and reports vulnerability data. Since the PVS is always listening, it constantly collects information from the normal data flows on the network. This is superior to active scanners in two important ways.
Jan 29 2007 12:00AM
Product Section: Two staples of information protection

Product Section: Two staples of information protection

This month, we have juxtaposed two of the foundations of information security: data protection and vulnerability assessment. On the protection side, we look at some of the key products in the area of whole disk encryption.
Jan 8 2007 10:02PM
Review: StillSecure StrataGuard Free

Review: StillSecure StrataGuard Free

As its name implies, this is a free version of the StillSecure StrataGuard intrusion detection system (IDS) and intrusion prevention system (IPS) products. The software lacks some features present in the commercial versions, such as automatic rule updating and individual device protection, but none of these limitations need be a problem for its target audience, the small business and individual user.
Oct 1 2006 12:00AM
Review: NetPilot

Review: NetPilot

The NetPilot appliance is simple to set up – you just plug it in and turn it on. It has clearly labelled ports for all network connections.
Aug 10 2006 12:00AM
Review: Proventia Network MFS Appliance

Review: Proventia Network MFS Appliance

This product was amazingly easy to set up and use. Recommended for its power and simplicity, we had it up and running in no time at all.
Aug 10 2006 12:00AM
Review: Sidewinder G2 1100C

Review: Sidewinder G2 1100C

The Sidewinder G2 is a powerful multi-function security tool, but requires some experience to get really comfortable with its management.
Aug 10 2006 12:00AM
Review: VPN-1 UTM Edge Appliance

Review: VPN-1 UTM Edge Appliance

This is a user-friendly gateway-style appliance. Installation is made simple by an easy-to-follow setup wizard that sets up the initial port configuration for connecting to the internet and licensing the product. After setup, the intuitive web interface is used for all policy and device management.
Aug 10 2006 12:00AM
Review: DFL-M510

Review: DFL-M510

The DFL-M510 is extremely easy to use. Take it out of the box, plug it in, log in to the Java-based web interface and follow the setup wizard for a quick, seamless installation into the network. Once the device is set up, the management interface becomes a one-stop shop for system and policy management, as well as for generating monitors, logs, and reports.
Aug 9 2006 12:00AM
Review: Finjan Vital Security Web Appliance NG-5100

Review: Finjan Vital Security Web Appliance NG-5100

This appliance is in-depth and focused on malware, lacking VPN and IDS/IPS capabilities. The configurations are granular and take a lot of time to put in place. While the setup and installation of the NG-5100 are very simple, configuration is not an easy task. That said, documentation plays a large role in making the configuration process much less arduous.
Aug 9 2006 12:00AM
Review: FortiGate-300A

Review: FortiGate-300A

We found this product reasonably simple to use. The web interface is easy to navigate and is laid out in an organised manner. But configuring the ports properly and setting up the initial configuration and policies was a little confusing.
Aug 9 2006 12:00AM
Review: InstaGate PRO

Review: InstaGate PRO

This product is feature-rich and especially easy to use and administrate. Setting it up is as simple as taking it out of the box and plugging it in. It is then configured using the simple web interface-based setup wizard.
Aug 9 2006 12:00AM

Log In

Email:
Password:
  |  Forgot your password?