“Either it’s a vulnerability in software, which we are all familiar with or configuration changes being made day to day by people within the organization that introduce vulnerabilities,” he said.
Colorado Springs, Co.-based Configuresoft Inc. is making itself stand out by trying to capitalize on organizations upgrading systems to a service oriented architecture and those that are using server virtualization.
Companies such as Lexington, Mass.-based Bladelogic Inc. are filling the need for server configuration management, said Mark Nicolett, research vice president at Stamford, Conn.-based Gartner Inc. “This segment is a bit busier than it had been and I expect this segment to be driven harder,” he said. The vendor is using business intelligence to alert management of any configuration changes that can open holes and increase risk, said Andi Mann, a senior analyst at Boulder, Co.-based Enterprise Management Associates.
George Gerchow, Configuresoft’s technology strategist said merchants seeking compliance with PCI DSS, credit card security standards are driving spending on configuration management tools.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1252785,00.html