The emergence of the cyber risk assessment space marks a strategic shift in how enterprises handle digital threats, from traditional, ineffective security-centric approaches to blended frameworks that combine layered security and risk management. Let's see how Cavirin and RiskRecon stack up when it comes to measuring enterprise cyber risk.
According to the Forbes Insights/BMC second annual IT Security and Operations Survey, 43 percent of enterprises plan on redoubling their patching and remediation efforts in 2017, citing patch automation investments as having the best ROI among security technology purchases in 2016. It's not hard to understand why: the same survey reveals that known security vulnerabilities continue to cause the majority of data breaches and security compromises. Rapid7 and Qualys are two leading cybersecurity vendors in the vulnerability management space—let's see how they stack up in this comparison.
Penetration testing (pen testing) is crucial for developing and maintaining hardened, attack-resilient systems—these can be applications, nodes, or entire networks/environments. Specialized tools are readily available for discovering vulnerabilities and security gaps in these systems; in this comparison, we'll compare Arachni and OWASP Zed Attack Proxy (ZAP), two popular security suites for application-level pen testing.
IT admins managing expansive infrastructures require specialized tools for discovering IT assets living in their environments—no trivial task, considering the myriad of nodes connected at any given time: guest laptops, mobile devices, dev/test servers, virtual machines, old desktops, and more. Cybersecurity suites such as ForeScout and Tanium have made infrastructure discovery and visibility their bread-and-butter; let's see how they stack up in this comparison.
In a recent report by Forbes and BMC, known vulnerabilities were cited as the leading cause of data breaches, accounting for 44 percent of security incidents. These statistics underscore the importance of proper vulnerability management; judging by the continued failure of organizations to properly patch/update their software and systems, the practice is easy in theory but hard in practice. Tripwire and Qualys are two cybersecurity vendors with a keen focus on keeping vulnerabilities in check—let's see how they stack up in this comparison.
You may have heard that perimeter security is dead, but rest assured, IT folks aren't about to do away with their corporate firewalls just yet. The perimeter is just one—albeit critical—dimension of your organization's digital attack surface, and endpoint security is no less important, especially with the continued enterprise adoption of cloud and mobile technologies. Tanium and IBM BigFix are competing solutions in this space that were, interestingly, born from the same progeny.
Data analytics continue to play an integral function in cybersecurity—from SIEM to advanced network-based intrusion detection (NID), today's leading solutions are heavily reliant on data science-backed, actionable threat intelligence to detect and mitigate cyber attacks. Varonis is one such vendor whose platform revolves around cybersecurity data analytics; let's see how it holds up against leading security vendor Tripwire.
Network and perimeter-based security remains a crucial pillar of enterprise resilience, but with the rise of new computing models like the cloud and mobile, more emphasis is being placed on protecting endpoints than ever before. And with business processes and communications increasingly taking place outside of traditional firewall boundaries, vendors like Carbon Black and CrowdStrike are focused on protecting these potential cyber attack entry points wherever they may be, inside or outside the perimeter network.
Effective cybersecurity is no longer relegated to deep-pocketed enterprises—a myriad of open source solutions can offer adequate protection to the most cash-strapped of organizations. That said, there are some capabilities free just won't get you, but how critical are they in the grand scheme of cyber resilience and are they worth the price tag? Tripwire and OSSEC are two popular solutions on opposite sides of this spectrum; let's see how they stack up.
To survive in today's cyber threat landscape, enterprises increasingly rely on layered defenses to smooth out attack surfaces. A variety of tools are available to cover all parts of the security continuum: security information and event management (SIEM), security configuration management (SCM), vulnerability detection, and more. Tripwire and RedSeal are two platforms that cover different, but equally important, aspects of enterprise security—let's see how they stack up in this comparison.
It's not uncommon for organizations to encounter hundreds of security incidents on a daily basis—from the trivial poking and prodding of script kiddies to nefarious activities that constitute the inner workings of advanced persistent threats (APTs). Transforming this volume of data into actionable information is impossible without the assistance of security intelligence, specifically, the analytic capabilities of security information and event management (SIEM) tools. AlienVault USM and IBM QRadar are two leading platforms that focus heavily on these areas—let's see how they stack up in this comparison.
Fee versus free, how do the two compare when it comes to intrusion detection? Specifically, how does the open source Advanced Intrusion Detection Environment (AIDE)—commonly referred to as the free Tripwire replacement—stack up against Tripwire Enterprise, the longstanding leader in this category?
How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.
In our previous piece, 10 Essential Steps for Configuring a New Server, we walked through some of the best practices to follow when setting up a new Linux server. But how can you tell if your server is set up correctly? More importantly, how can you ensure those initial configurations don’t drift over time? With UpGuard, you can do both at any scale, so we’ve created a policy within our cyber resilience platform to match our 10 essential steps as an example of how we can help organizations control their IT environments.
Effective cybersecurity these days is a complex and multifaceted affair involving a myriad of approaches: intrusion detection/prevention, vulnerability detection, malware mitigation, security configuration management (SCM), security information and event management (SIEM), patch management, file integrity monitoring (FIM), and more. For most organizations, however, the path of least resistance means deploying a consolidated platform combining a multitude of these approaches. Tenable SecurityCenter Continuous View (CV) and Symantec Endpoint Protection are two such offerings.
Cyber security compliance standards exist to protect devices, data and people connected to the internet from the myriad threats facing them every day. For example, regulations like the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards ensure businesses operating in the power industry follow certain guidelines with regard to cybersecurity in order to keep the service they provide reliable. Typically, devices that fall within the scope of these regulations include computers, network devices, and other network-connected devices, such as industry-specific tools, card scanners, etc. But what happens when everything is connected to the network?
When it comes to compliance, passing audits means providing adequate documentation that you've taken the necessary steps to secure your environment. Sometimes creating this documentation can be just as difficult as enacting the security measures themselves, so software solutions exist that are supposed to streamline the compliance documentation process and make it easy for both companies and auditors to determine compliance. Tripwire offers a compliance solution with their suite of products, while Industrial Defender, now owned by defense contractor Lockheed Martin, offers their Automated Systems Manager (ASM) product.
Continuous security and vulnerability detection—both Tenable and Qualys have built industry-leading suites around these two cybersecurity disciplines. The latter in particular serves as a focal point for both vendors, with Tenable SecurityCenter and Qualys Enterprise going head-to-head for the top slot in the vulnerability management category. Let's see how the two stack up in this comparison.
Who provides better continuous security: the world's largest maker of networking equipment or the first cybersecurity firm certified by the U.S. Department of Homeland Security? Due to key acquisitions over the years, both Cisco and FireEye possess a comprehensive suite of enterprise security solutions. In this article, we'll find out how they stack up against each other when it comes to continuous enterprise cyber threat protection.
Users of Intel Security’s McAfee Vulnerability Manager (MVM) have a choice to make before that product hits end-of-life in early 2018. They can either follow Intel Security to Rapid7’s Nexpose vulnerability monitor, or reassess their needs and choose a new direction altogether. Either way, IT operations for those customers should plan on a migration away from MVM within the next two years, which in most cases is enough work to justify at least examining the field of vulnerability management products. Tenable, with their SecurityCenter, has been a major competitor in this field, piggybacking on the success of their industry-standard Nessus vulnerability scanner.
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.