Ticketing systems are essential to today's enterprise IT help desk operations—without them, service requests and issues would end up lost inside a flurry of emails and handwritten notes. Both JIRA's Service Desk and ServiceNow are leading solutions in this category; the latter has a 25% share of the IT service management (ITSM) market, while Atlassian—though more software developer-focused—is a household name when it comes to project management and collaboration tools.
Network and perimeter-based security remains a crucial pillar of enterprise resilience, but with the rise of new computing models like the cloud and mobile, more emphasis is being placed on protecting endpoints than ever before. And with business processes and communications increasingly take place outside of traditional firewall boundaries, vendors like Carbon Black and CrowdStrike are focused on protecting these potential cyber attack entry points wherever they may be, inside or outside the perimeter network.
More often, catastrophic outages and security compromises can be traced back to simple misconfigurations and unpatched systems. This isn't to say that elements like pilot error and the workings of nefarious actors are not common—they certainly are—but IT asset misconfigurations tend to be the lowest common denominator in most of these scenarios. That being the case, a plethora of solutions focus on systems management for maintaining strong security and quality of service. Tanium and Microsoft System Center Configuration Manager (SCCM) are two such solutions competing in this space.
Effective cybersecurity is no longer relegated to deep-pocketed enterprises—a myriad of open source solutions can offer adequate protection to the most cash-strapped of organizations. That said, there are some capabilities free just won't get you, but how critical are they in the grand scheme of cyber resilience and are they worth the price tag? Tripwire and OSSEC are two popular solutions on opposite sides of this spectrum; let's see how they stack up.
When it comes to IT service management (ITSM) platforms, the two main contenders that usually come to mind are ServiceNow and BMC Remedy. Not surprisingly, these two vendors collectively own 50% of the ITSM market, according to Gartner's latest numbers. Let's find out how they compare in helping operations support and deliver enterprise IT services.
To survive in today's cyber threat landscape, enterprises increasingly rely on layered defenses to smooth out attack surfaces. A variety of tools are available to cover all parts of the security continuum: security information and event management (SIEM), security configuration management (SCM), vulnerability detection, and more. Tripwire and RedSeal are two platforms that cover different, but equally important, aspects of enterprise security—let's see how they stack up in this comparison.
It's not uncommon for organizations to encounter hundreds of security incidents on a daily basis—from the trivial poking and prodding of script kiddies to nefarious activities that constitute the inner workings of advanced persistent threats (APTs). Transforming this volume of data into actionable information is impossible without the assistance of security intelligence, specifically, the analytic capabilities of security information and event management (SIEM) tools. AlienVault USM and IBM QRadar are two leading platforms that focus heavily on these areas—let's see how they stack in this comparison.
Log management solutions play a crucial role in an enterprise's layered security framework— without them, firms have little visibility into the actions and events occuring inside their infrastructures that could either lead to data breaches or signify a security compromise in progress. Splunk and ELK (a.k.a BELK or Elastic Stack) are two of the leading enterprise solutions in this category; let's see how they stack up in this comparison.
Fee versus free, how do the two compare when it comes to intrusion detection? Specifically, how does the open source Advanced Intrusion Detection Environment (AIDE)—commonly referred to as the free Tripwire replacement—stack up against Tripwire Enterprise, the longstanding leader in this category?
How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.
When it comes to modern software development, collaboration is the name of the game; to this end, development teams have more than ample selection of tools at their disposal these days. With a user base in the double digit millions, GitHub is the perennial favorite for sharing, collaborating, and repositing code, but the recently revamped Visual Studio Online—now known as Microsoft Visual Studio Team Services (VSTS)—may soon be stealing some of its thunder.
It's been said that to defeat cyber attackers, you must think like them. For most organizations, this seldom is the case; efforts to bolster cybersecurity measures rarely go beyond implementing stronger controls, training employees to be vigilant, and—on occasion—hiring outside firms to assist in security testing efforts. However, for firms intent on staying one step ahead of nefarious actors, penetrating their own network defenses on a regular basis is crucial to maintaining continuously effective security. To this end, Metasploit and Nmap are two popular tools that enable firms to diagnose critical security gaps before they lead to data breaches.
Cylance and Tanium—both firms are in the billion dollar valuation club, but what does this buy in terms of cybersecurity? Tanium claims 15 seconds to visibility and control, while Cylance combines AI and machine learning with endpoint protection. Let's find out if these security vendors' solutions can give organizations a fighting chance in a digital world fraught with cyber threats.
As the dominant cloud vendor by market share, AWS—in efforts to rein back control of its public cloud ecosystem—has expanded its plethora of built-in console offerings to go head-to-head with leading 3rd party-developed tools. For example, Amazon Inspector now enables native automated security assessments while AWS CodePipeline offers continuous delivery and release automation services, all from within AWS. And for keeping a keen eye on EC2 instances and application, there's Amazon CloudWatch for native monitoring of AWS cloud resources. Let's see how it stacks up against Nagios, the leading open source infrastructure monitoring platform.
When it comes to public cloud offerings, few vendors can hold a candle to AWS and Microsoft Azure's dominance in the infrastructure as a service (IaaS) space. However, neither have offered much in terms of hybrid/private cloud platforms and tools—until now. OpenStack has long filled this void with its open source cloud computing platform, but Azure Stack's arrival may finally spell an end to its dominance in the category.
In our previous piece 10 Essential Steps for Configuring a New Server we walked through some of the best practices to follow when setting up a new Linux server. But how can you tell if your server is setup correctly? More importantly, how can you ensure those initial configurations don’t drift over time? With UpGuard, you can do both at any scale, so we’ve created a policy within our cyber resilience platform to match our 10 essential steps as an example of how we can help organizations control their IT environments.
15 second visibility versus three decades of infosec experience, which will ultimately prevail? Tanium claims it can provide security teams with visibility and control over every endpoint in 15 seconds or less, regardless of network size; Intel Security is of course the venerable McAfee, rebranded/repositioned after being acquired by its current namesake in 2011. Find out how these two compare when it comes to protecting today's enterprises against cyber threats.
Linux admins have always relied on the command line to manage their systems. While not as immediately intuitive as a GUI, command line interfaces (CLIs) open up the real power of computing with a slew of versatile commands that can be chained together for nearly any purpose. GUIs, on the other hand, are limited to the nearly always reduced functionality developers built into the buttons and screens. This model makes sense, since only some people will need the “advanced” capabilities of the command line, while others perform only a few tasks over and over with a minimum of knowledge about the software. Regular command line users develop a sense of how to best use the commands over time, but with this UpGuard primer, even dabblers can take advantage of some quick tricks using these five basic Linux commands.
Effective cybersecurity these days is a complex and multifaceted affair involving a myriad of approaches: intrusion detection/prevention, vulnerability detection, malware mitigation, security configuration management (SCM), security information and event management (SIEM), patch management, file integrity monitoring (FIM), and more. For most organizations, however, the shortest path of least resistance means deploying a consolidated platform combining a multitude of these approaches. Tenable SecurityCenter Continuous View (CV) and Symantec Endpoint Protection are two such offerings.
Cyber security compliance standards exist to protect devices, data and people connected to the internet from the myriad threats facing them every day. For example, regulations like the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards ensure businesses operating in the power industry follow certain guidelines with regard to cybersecurity in order to keep the service they provide reliable. Typically, devices that fall within the scope of these regulations include computers, network devices, and other network-connected devices, such as industry-specific tools, card scanners, etc. But what happens when everything is connected to the network?
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.