Review: Security Expressions

This is a very interesting application which enables you to monitor compliance with policies via audits against your IT infrastructure. This alone would represent valuable functionality, but Security Expressions does not stop there.

In addition to an unambiguous OK or not OK against every item, a summary is available for every policy audit with a weighted score.

A detail pane is also available for every item, which enables you to quickly toggle between a preamble description, rule detail, summary and configure, which enables you to configure the policy file.

Even more interesting, right-clicking an item in the audit results pane enables you to edit the policy rule, configure a new rule, or fix the item in question to make it compliant with the existing rule. Such fixes can be rolled back if you change your mind.

In practice, all these functions performed exactly as expected. Audits can be quickly performed against individual workstations or entire workgroups without the use of agents. Everything is simply orchestrated from the central host position. Similarly, fixes can be undertaken remotely, which is an intuitive and quite powerful way of working.

The reports section is just as interesting and especially valuable in the context of creating policy documents. A comprehensive range of reports are available, which can be easily run against target machines to produce attractive pre-formatted reports that serve as currently enforced policy statements. The reports can be exported if desired in PDF format, ensuring widespread accessibility.

Security Expressions makes the often nightmare concept of devising, maintaining and enforcing security policies an achieveable and straightforward task.

Full marks then to Pedestal Software for providing an intuitive and genuinely useful tool, which will help busy administrators automate tedious, but necessary, everyday jobs.

For:

Intuitive operation.

A slightly busy interface.

A comprehensive policy management tool.