Category: Product

The new offering is designed to work in concert with Akamai’s offering across joint customers’ web environments in real-time to detect and block attacks, prevent unauthorised data leakage, improve performance and identify and remediate web application coding errors, Breach Security said.

According to Breach Security, the distributed cloud and data centre offering provides enterprises and web properties with the capabilitie to visualise and monitor security, compliance and health of their entire web application development environment from the cloud to the customer data centre.

http://security.cbronline.com/news/breach_security_releases_webdefend_global_event_manager_091214

When LogLogic was founded in 2002, log management was a nascent technology, and the security and business intelligence contained in logs went largely untapped by businesses.

Logs contain virtually everything that administrators need to know about their networks, their systems and devices that connect to the network.

The business and technology challenge is how to capture the terabytes of raw log data produced each day by the average enterprise data center and, in near real-time, drill down to surface only the most important business information.

http://newsblaze.com/story/2009120206312800002.bw/topstory.html

LogLogic’s unique multi-vendor solution leads the industry’s move towards consolidating security event and change management giving customers better security through improved IT infrastructure visibility and control across collaborating teams.

LogLogic’s Security Change Manager is designed to benefit medium to large enterprises, MSSP, ISP and service providers who need to automate security policy management and change management across large or complex networks of routers, firewalls, switches, VPNs and IPSs in homogenous or heterogeneous vendor environments, including Checkpoint, Cisco, Fortinet and Juniper. A single console can automate the design and implementation of rules for large networks or small networks with complex policies and frequent changes.

“While it is good to identify security incidents using correlation of LogLogic Security Event Manager, it is even better to respond to security incidents and prevent future attacks by rolling out firewall policy changes through pre-defined response plans with LogLogic Security Change Manager,” said Dominique Levin, EVP of Marketing and Strategy, LogLogic.

Research shows that organizations experience more security breaches because of manual errors in routine daily networking management tasks than from any external threat. LogLogic Security Change Manager automates the often time-consuming and error-prone manual process of designing and generating network security rule changes.

According to Forrester Research’s July 2009 report titled “TechRadar For Security & Risk Professionals: Network Threat Mitigation, Q3 2009”: “PCI DSS Requirement 1.1.6 mandates that firewall and router configurations be reviewed at least every six months.

The latest release of LogLogic Security Change Manager simplifies and improves email notification integration with any third party CRM or ticketing solution, enabling visibility to multi-tiered approval, change request approval and deployment status.

According to Forrester Research’s July 2009 report titled “Market Overview: Firewall Auditing Tools”: “With its acquisition of Exaprotect, LogLogic is the first vendor to directly tie firewall auditing capability into its SIM technology.

LogLogic’s open log management platform enables customers to collect, search and store massive amounts of IT log data from a myriad list of devices and applications for a comprehensive fingerprint of past and current activity, through one convenient, easy-to-use web-based user console.

http://www.darkreading.com/security/management/showArticle.jhtml;jsessionid=HQVORXCLBU4A3QE1GHRSKHWATMY32JVN?articleID=219501102

We deploy different collection mechanism strategies on different pages to evade detection, as well as evolve our system with new strategies,” says Sanjay Sehgal, CEO of Pramana, who is keeping the details of the inner workings of HumanPresent close to the vest so as not to tip off the bad guys. “We are in the abuse and fraud detection and prevention part of the security space, not network security,” he says.

In addition, Pramana’s technology doesn’t use device fingerprinting to identify a bot or rogue activity like other online fraud firms, such as Iovation and 41st Parameter.

Pramana offers both a Linux-based virtual appliance that handles the fraud detection on-site or a software-as-a-service model.

Among Pramana’s customers so far are financial services firms, social networking sites, online gaming sites, and Webmail sites.

Pricing for the HumanPresent SaaS ranges from 50 cents to $2 per user or per transaction; the company has not yet determined pricing for its appliance, which is based on a hardened version of Linux.

http://www.darkreading.com/securityservices/security/attacks/showArticle.jhtml;jsessionid=DREA5TXWFFJSYQSNDLRSKH0CJUNN2JVN?articleID=217300733

BeCrypt (Booth 2231) offers a USB key with a complete operating environment as a way to run a secure session on an unmanaged PC. Insert the drive in a USB port and configure the laptop to boot from the USB, and the hard drive is bypassed altogether in favor of the software on the USB stick. The USB drive, called the BeCrypt Trusted Client, contains a stripped-down version of Linux, along with any applications you want to run. This setup would allow a government worker to run a secure session from anywhere by using the basic secure OS along with downloadable applications provided by Citrix software or some other client. The material on the drive is encrypted with either 128 bit or 256 bit Advanced Encryption Standard (AES). The drive itself has a shock rating of 300 Gs operating and 900 Gs when not in use, it can work in temperatures ranging from 20 degrees below zero to 75 degrees centigrade.

What makes this drive bootable is that it comes with backup and recovery software called BounceBack. When the hard drive fails, plug this portable drive in to the USB port and you can boot directly into the backup. If you don’t need rugged, you could just buy the BounceBack software and back everything up to your own USB key or portable hard drive.

For the security-conscious, MXI Security (booth 2223) does these offerings one better with a couple of bootable USB drives that use Common Access Card-level user authentication out of the box. The Access CAC is a USB drive with fingerprint reader, as well as the ability to hold CAC public key infrastructure credentials. The user can set up the device to allow access to its files only by a combination of a fingerprint biometric and a password. Or, if that drive is attached to a computer with a CAC reader on a Defense Department network, access can be granted through CAC authentication. A worker who wants to sign onto a Defense Department network from a public machine would just insert a USB drive, and attach a smart card reader into another USB port.

Booting from CD is another option, and increasingly, we are seeing a number of what is known as live CDs, or CDs that contain an entire OS that can be loaded into working memory without touching the hard drive at all. With one of these live CDs, you simply insert the disk and set the computer BIOS to boot from the optical disk player, and the entire Linux desktop environment comes up.

http://gcn.com/Articles/2009/03/12/FOSE-bootable.aspx

“ITR sees that more vendors are entering the Japanese market with the growth in demand based on J-SOX compliance, and the competition becomes tighter…. Working together, we help customers reduce the costs and complexity associated with compliance auditing and security investigations, as well as monitoring privileged user activity and sensitive data use.”

The company has further evolved its technology to create advanced event data warehouse solutions, which are optimized for precise querying and correlation across complex event data sources to address new emerging use cases driving the need for a security data warehouse.

“Japan is a very large and competitive market, where product quality, ease of use, innovation and strong local relationships are highly valued,” said Jim Pflaging, president and chief executive officer of SenSage.

http://news.prnewswire.com/DisplayReleaseContent.aspx?ACCT=ind_focus.story&STORY=/www/story/02-18-2009/0004974583&EDATE=