According to the Forbes Insights/BMC second annual IT Security and Operations Survey, 43 percent of enterprises plan on redoubling their patching and remediation efforts in 2017, citing patch automation investments as having the best ROI among security technology purchases in 2016. It's not hard to understand why: the same survey reveals that known security vulnerabilities continue to cause the majority of data breaches and security compromises. Rapid7 and Qualys are two leading cybersecurity vendors in the vulnerability management space—let's see how they stack up in this comparison.
Penetration testing (pen testing) is crucial for developing and maintaining hardened, attack-resilient systems—these can be applications, nodes, or entire networks/environments. Specialized tools are readily available for discovering vulnerabilities and security gaps in these systems; in this comparison, we'll compare Arachni and OWASP Zed Attack Proxy (ZAP), two popular security suites for application-level pen testing.
IT admins managing expansive infrastructures require specialized tools for discovering IT assets living in their environments—no trivial task, considering the myriad of nodes connected at any given time: guest laptops, mobile devices, dev/test servers, virtual machines, old desktops, and more. Cybersecurity suites such as ForeScout and Tanium have made infrastructure discovery and visibility their bread-and-butter; let's see how they stack up in this comparison.
In a recent report by Forbes and BMC, known vulnerabilities were cited as the leading cause of data breaches, accounting for 44 percent of security incidents. These statistics underscore the importance of proper vulnerability management; judging by the continued failure of organizations to properly patch/update their software and systems, the practice is easy in theory but hard in practice. Tripwire and Qualys are two cybersecurity vendors with a keen focus on keeping vulnerabilities in check—let's see how they stack up in this comparison.
You may have heard that perimeter security is dead, but rest assured, IT folks aren't about to do away with their corporate firewalls just yet. The perimeter is just one—albeit critical—dimension of your organization's digital attack surface, and endpoint security is no less important, especially with the continued enterprise adoption of cloud and mobile technologies. Tanium and IBM BigFix are competing solutions in this space that were, interestingly, born from the same progeny.
Data analytics continue to play an integral function in cybersecurity—from SIEM to advanced network-based intrusion detection (NID), today's leading solutions are heavily reliant on data science-backed, actionable threat intelligence to detect and mitigate cyber attacks. Varonis is one such vendor whose platform revolves around cybersecurity data analytics; let's see how it holds up against leading security vendor Tripwire.
Network and perimeter-based security remains a crucial pillar of enterprise resilience, but with the rise of new computing models like the cloud and mobile, more emphasis is being placed on protecting endpoints than ever before. And with business processes and communications increasingly taking place outside of traditional firewall boundaries, vendors like Carbon Black and CrowdStrike are focused on protecting these potential cyber attack entry points wherever they may be, inside or outside the perimeter network.
More often than not, catastrophic outages and security compromises can be traced back to simple misconfigurations and unpatched systems. This isn't to say that elements like pilot error and the workings of nefarious actors are not common—they certainly are—but IT asset misconfigurations tend to be the lowest common denominator in most of these scenarios. That being the case, a plethora of solutions focus on systems management for maintaining strong security and quality of service. Tanium and Microsoft System Center Configuration Manager (SCCM) are two such solutions competing in this space.
Effective cybersecurity is no longer relegated to deep-pocketed enterprises—a myriad of open source solutions can offer adequate protection to the most cash-strapped of organizations. That said, there are some capabilities free just won't get you, but how critical are they in the grand scheme of cyber resilience and are they worth the price tag? Tripwire and OSSEC are two popular solutions on opposite sides of this spectrum; let's see how they stack up.
To survive in today's cyber threat landscape, enterprises increasingly rely on layered defenses to smooth out attack surfaces. A variety of tools are available to cover all parts of the security continuum: security information and event management (SIEM), security configuration management (SCM), vulnerability detection, and more. Tripwire and RedSeal are two platforms that cover different, but equally important, aspects of enterprise security—let's see how they stack up in this comparison.
It's not uncommon for organizations to encounter hundreds of security incidents on a daily basis—from the trivial poking and prodding of script kiddies to nefarious activities that constitute the inner workings of advanced persistent threats (APTs). Transforming this volume of data into actionable information is impossible without the assistance of security intelligence, specifically, the analytic capabilities of security information and event management (SIEM) tools. AlienVault USM and IBM QRadar are two leading platforms that focus heavily on these areas—let's see how they stack up in this comparison.
Log management solutions play a crucial role in an enterprise's layered security framework—without them, firms have little visibility into the actions and events occurring inside their infrastructures that could either lead to data breaches or signify a security compromise in progress. Splunk and ELK (a.k.a. BELK or Elastic Stack) are two of the leading enterprise solutions in this category; let's see how they stack up in this comparison.
Fee versus free, how do the two compare when it comes to intrusion detection? Specifically, how does the open source Advanced Intrusion Detection Environment (AIDE)—commonly referred to as the free Tripwire replacement—stack up against Tripwire Enterprise, the longstanding leader in this category?
How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.
It's been said that to defeat cyber attackers, you must think like them. For most organizations, this seldom is the case; efforts to bolster cybersecurity measures rarely go beyond implementing stronger controls, training employees to be vigilant, and—on occasion—hiring outside firms to assist in security testing efforts. However, for firms intent on staying one step ahead of nefarious actors, penetrating their own network defenses on a regular basis is crucial to maintaining continuously effective security. To this end, Metasploit and Nmap are two popular tools that enable firms to diagnose critical security gaps before they lead to data breaches.
Cylance and Tanium—both firms are in the billion dollar valuation club, but what does this buy in terms of cybersecurity? Tanium claims 15 seconds to visibility and control, while Cylance combines AI and machine learning with endpoint protection. Let's find out if these security vendors' solutions can give organizations a fighting chance in a digital world fraught with cyber threats.
15 second visibility versus three decades of infosec experience, which will ultimately prevail? Tanium claims it can provide security teams with visibility and control over every endpoint in 15 seconds or less, regardless of network size; Intel Security is of course the venerable McAfee, rebranded/repositioned after being acquired by its current namesake in 2011. Find out how these two compare when it comes to protecting today's enterprises against cyber threats.
Effective cybersecurity these days is a complex and multifaceted affair involving a myriad of approaches: intrusion detection/prevention, vulnerability detection, malware mitigation, security configuration management (SCM), security information and event management (SIEM), patch management, file integrity monitoring (FIM), and more. For most organizations, however, the path of least resistance means deploying a consolidated platform combining a multitude of these approaches. Tenable SecurityCenter Continuous View (CV) and Symantec Endpoint Protection are two such offerings.
Despite espousing a common, layered approach to security these days, most enterprise security suites have taken markedly divergent paths to essentially arrive at the same location. For example, some solutions started out as intrusion detection and protection systems (IDPS) and gradually added on vulnerability detection and security information and event management (SIEM). Others began as penetration testing (pentesting) tools—or have built their offerings around pen testing—and similarly expanded their solutions to include other security mechanisms like endpoint protection and anomaly detection. Core Security and Rapid7 are two such enterprise security suites; let's see how they stack up in this comparison.
Continuous security and vulnerability detection—both Tenable and Qualys have built industry-leading suites around these two cybersecurity disciplines. The latter in particular serves as a focal point for both vendors, with Tenable SecurityCenter and Qualys Enterprise going head-to-head for the top slot in the vulnerability management category. Let's see how the two stack up in this comparison.
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.