Features

Review: AZScan

Review: AZScan

AZScan has a way to go to become a world-class vulnerability assessment tool – the product is not intuitive. First, one needs to know quite a bit about the product being audited. Second, there is no online help or tool tips. Third, the menu choices don’t always behave as expected. Set-up seems easy at first, but details often don’t work.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: BindView Control Compliance Suite

Review: BindView Control Compliance Suite

The BindView Compliance Control Suite includes bv-Control for Windows, bv-Control for Internet Security and Compliance Center. This is a very complex suite of products and is part of a complete compliance and assessment toolkit that offers virtually every view necessary of the security compliance status of an enterprise. This very strength makes configuration and use of the product difficult at first.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: Core Impact

Review: Core Impact

Core Impact is different in that while it performs vulnerability assessment, it is primarily a penetration testing tool. It behaves like a hacker, performing vulnerability and port scans then attempting to penetrate the target using the vulnerabilities it finds. There are real benefits to this approach.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: GFI LANGuard Network Security Scanner

Review: GFI LANGuard Network Security Scanner

This is a straightforward vulnerability scanner that also manages patch deployment. It can push patches and service packs out to target computers by means of a patch agent installed on the target. We found it generally competent and straightforward to install on our Windows 2000 notebook.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: Nessus/NeWT

Review: Nessus/NeWT

Nessus has been a mainstay of vulnerability scanning since the Nessus Project was started by Renaud Deraison in 1998. The Nessus website claims that over 75,000 organizations worldwide use the program.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: NeXpose

Review: NeXpose

As an appliance, NeXpose fits into our category of fully featured products, but it is also available as software only. Uniquely, Rapid 7 also offers a managed service for organizations with limited resources.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: SAINT Scanner

Review: SAINT Scanner

Saint is a venerable product with its roots in the earliest days of automated vulnerability assessment. It has been dressed up in a new suit of clothes since becoming a commercial product, but retains its strong Unix roots.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: RSA SecurID Appliance

Review: RSA SecurID Appliance

This appliance is aimed at SMEs wanting two-factor authentication, but which cannot manage their own authentication server. It supports up to 250 users, and automates much of the normal hassle of configuration and management. Despite the SME focus, a larger enterprise might use it to give a core group of users strongly authenticated access to intranet resources.
Jon Tullett Feb 1 2006 12:00AM Security
Review: BlackSpider MailControl

Review: BlackSpider MailControl

BlackSpider’s services have performed well in our previous, more filtering-oriented tests. The company is focused on mail and web filtering, and unlike other services, it has no plans to offer long-term mail archival, claiming limited demand — surprising, but there are good arguments for separating email management from archiving.
Jon Tullett Feb 1 2006 12:00AM Security
Review: Mimecast Online

Review: Mimecast Online

Mimecast offers its technologies as an appliance and a managed service for smaller enterprises, run from three data centers. The service is almost wholly automated, with clients not expected to do much admin work at all beyond reporting.
Jon Tullett Feb 1 2006 12:00AM Security
Review: MIMEsweeper Email Managed Service

Review: MIMEsweeper Email Managed Service

Clearswift is well-known for its MIMEsweeper filtering software, but entered two new markets in 2005. First, it introduced an appliance format of the product, and then launched a managed service with no fanfare.
Jon Tullett Feb 1 2006 12:00AM Security
Review: SoftScan

Review: SoftScan

SoftScan services clients around the world, but while its support hours are European, 24x7 telephone support is available for a fee.
Jon Tullett Feb 1 2006 12:00AM Security
Review: ReadyARM

Review: ReadyARM

Avanton’s ReadyARM is an IDS appliance aimed at SMEs. It is based on open-source IDS and vulnerability-scanning software and has custom wrappers to hold it together, a web GUI and prepackaged reports.
Jon Tullett Feb 1 2006 12:00AM Security
Endpoint security reaches across the network perimeter

Endpoint security reaches across the network perimeter

The economy may be on the upswing, but increasing global competition combined with a multitude of compliance issues such as regulatory audits continue to pose a costly problem for organizations.
Alan Bentley Jan 27 2006 1:20PM Security
It can be better to be needed than wanted

It can be better to be needed than wanted
Ron Condon Jan 25 2006 4:19PM Security
Debate: Anti-virus products just don’t work and vendors are not helping their customers

Debate: Anti-virus products just don’t work and vendors are not helping their customers
Andy Campbell Jan 25 2006 3:56PM Security
A changing profession

A changing profession

Information security people are rising rapidly through the ranks as the profession matures and their role gains greater recognition outside the confines of the IT department.
Ron Condon Jan 25 2006 2:45PM Security
Dan Newman, Instructor and hacking expert on the Ethical Hacking course (CEH) at The Training Camp

Dan Newman, Instructor and hacking expert on the Ethical Hacking course (CEH) at The Training Camp
Staff Writers Jan 25 2006 2:36PM Security
Are your systems just too old?

Are your systems just too old?

Legacy systems are resilient and cost-effective… but were never designed for today’s security needs
Staff Writers Jan 25 2006 2:13PM Security
We all need open standards

We all need open standards

The latest SANS "Top 20" vulnerability list was released recently. While it needs to be taken with a pinch of salt, it did come up with an interesting observation. It seems the focus is shifting, from holes in OSs to those in applications.
Nick Barron Jan 25 2006 1:59PM Security

Log In

  |  Forgot your password?