Peter Stephenson

Recent articles by Peter Stephenson

Review: Technology Pathways ProDiscover Incident Response 7.4

ProDiscover Incident Response (IR) from Technology Pathways is a computer security tool that allows users to preview, image, view, search, analyze and report. ProDiscover also provides solutions for corporate policy compliance investigation, e-discovery and computer forensics.
Peter Stephenson May 14 2013 5:00PM Security
Review: CRU WiebeTech Forensic ComboDock v5

The Forensic ComboDock is a read/write blocker. It makes it impossible to unintentionally turn off write-blocking. Every time it is turned on, it asks the user to choose either write-blocking or read/write mode, avoiding problems that can occur when the user forgets to change the mode to write-blocking. Its LED indicator light and a screen menu also clearly identify the work mode.
Peter Stephenson May 14 2013 4:57PM Security
Review: AlienVault Unified Security Management (AV-USM) v4.1

AlienVault's Unified Security Management (AV-USM) platform combines open source technologies for asset discovery/inventory, vulnerability assessment, threat detection, behavioral monitoring and security intelligence/event correlation.
Peter Stephenson May 14 2013 4:55PM Security
Review: BlackStratus LOG Storm v4.2.0.45

LOG Storm combines log management and security information management with correlation technology, real-time monitoring and an integrated incident response system.
Peter Stephenson May 14 2013 4:52PM Security
Review: CorreLog Enterprise Server v5.2.0

CorreLog Enterprise Server combines real-time log management with correlation, auto-learning functions, high-speed search, ticketing and reporting services.
Peter Stephenson May 14 2013 4:49PM Security
Review: eIQnetworks SecureVue v3.6.3

SecureVue provides all of the elements one would expect in a SIEM - log consolidation, threat correlation, incident management (including ticket issuance), event analytics, forensic analysis, compliance reporting, change auditing, event alerting, an array of user definable/customizable alerting and reporting options, and more.
Peter Stephenson May 14 2013 4:47PM Security
Review: EventTracker Enterprise v7.3

EventTracker Enterprise is comprehensive. It is designed to be scalable to address multiple locations, business units and domains using the EventTracker Stand-Alone, Collection Point and Collection Master architecture.
Peter Stephenson May 14 2013 4:45PM Security
Review: GFI EventsManager 2013

GFI EventsManager collects, centralizes, normalizes, consolidates and analyzes a wide range of log types, such as World Wide Web Consortium (W3C) and any text-based formats, Windows events, SQL Server and Oracle audits, and syslog and simple network management protocol (SNMP) traps generated by devices, such as firewalls, servers, routers, switches, sensors, SQL server systems, PCs and custom devices.
Peter Stephenson May 9 2013 5:43PM Security
Review: HP ArcSight Express

The HP ArcSight Express appliance features a full set of SIEM capabilities, including security event correlation, log management, IT search, NetFlow monitoring and compliance reporting. Using this tool, security professionals and system administrators can identify and investigate many security events and rule violations - all from a single interface. Along with the usual monitoring and reporting functions of a SIEM, this offering also features user activity and role monitoring, which provides a more complete picture of certain security events and how they occurred.
Peter Stephenson May 9 2013 3:58PM Security
Review: LogRhythm

The LogRhythm appliance goes way beyond traditional security event monitoring and management. This appliance features log and event management functions as with any SIEM, but beyond that it includes advanced correlation and pattern recognition driven by its onboard Advanced Intelligence Engine, with host activity and file integrity monitoring, and drill-down capabilities to get to the raw log data for analysis and forensics.
Peter Stephenson May 9 2013 3:50PM Security
Review: McAfee Enterprise Security Manager

The McAfee Enterprise Security Manager is back this year after a full transformation from its former self, the NitroView ESM. Many of the obvious differences are skin deep, and much of the robustness of the previous product remains intact, including the familiar management console, but more on that shortly. For those who do not know this product, the Enterprise Security Manager is the ultimate high-powered SIEM. This tool uses a proprietary backend database that allows it to collect more than 18,000 events per second from a single receiver and feed them through an advanced correlation engine for deep analysis.
Peter Stephenson May 9 2013 3:44PM Security
Review: NetIQ Sentinel

Sentinel from NetIQ offers a lot of robust SIEM features and functions. This product features log collection, aggregation, correlation and analysis and reporting - all from one single point that is easy to use and manage. Administrators and security personnel can use this tool to gain a great amount of insight into security events, as well as prevent threats that may be unseen without the use of Sentinel's powerful log correlation engine.
Peter Stephenson May 9 2013 3:41PM Security
Review: SolarWinds Log & Event Manager

The SolarWinds Log & Event Manager, also known as the LEM, is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that data for further analysis. The LEM virtual appliance can be deployed in either a VMware ESX or Microsoft Hyper-V virtual environment and can provide insight into security events, as well as help with performance monitoring and compliance management.
Peter Stephenson May 9 2013 3:37PM Security
Review: ManageEngine EventLog Analyzer

Good choice if it supports your environment.
Peter Stephenson May 9 2013 3:34PM Security
Review: Kerio Control v7.4

The term unified threat management can sound intimidating to administrators lacking in information security experience. Fortunately, basic UTM protection doesn't need to be overly complex, and Kerio Control is a great example of that.
Peter Stephenson May 7 2013 11:45AM Security
Review: Netgear ProSecure UTM25S

Unified threat management solutions shouldn't be limited to large corporations with unlimited budgets. Netgear agrees, and offers its ProSecure UTM25S at a price point that should be attractive to small businesses.
Peter Stephenson May 7 2013 11:42AM Security
Review: Panda GateDefender Integra eSeries eSB

Panda Security's GateDefender Integra eSeries eSB is both easy to set up and offers a rich feature set, with a great deal of flexibility. To get the most out of the product, however, administrators should be familiar with a number of open-source technologies.
Peter Stephenson May 7 2013 10:52AM Security
Review: Sophos UTM 220

Perhaps best known for its anti-virus products, Sophos has produced a stellar UTM with its 220. Targeting small to mid-sized offices with up to 150 users, it combines standard UTM offerings with a few features we did not expect, making it something definitely worth looking at.
Peter Stephenson May 7 2013 10:47AM Security
Review: aXsGuard Gatekeeper

Administrators of smaller environments on a fixed budget could do very well by the aXsGuard Gatekeeper by Vasco. While a little more complicated to use than some of the more expensive products, a little attention to detail and the device performs well.
Peter Stephenson May 7 2013 10:45AM Security
Review: WatchGuard XTM 830

While best known for its firewalls, WatchGuard is no slouch in the UTM space. As we detail below, its XTM 830, while somewhat pricey, provides an excellent enterprise-grade perimeter defence against viruses, spam and other unwelcome traffic - and includes a number of other features all in one easy-to-administer device.
Peter Stephenson May 7 2013 10:42AM Security
