Security Management Strategies for the CIOAccess "Who's who in IT risk management vendors 2003"
This article is part of the July 2003 issue of Balancing act: Security resource planning helps manage IT risk
One of the difficulties in evaluating solutions in the nascent security resource planning market niche is selecting a representative sample of vendors. Identifying and addressing IT risk isn't a linear process, and for every step in the risk lifecycle, there are multiple solutions. While the three providers examined in this article (Archer, TruSecure, Xacta) offer the most complete solutions for addressing the SRP process, several other IT and infosecurity vendors market products and services that target parts of the process on both technical and infrastructural levels. Vulnerability assessment solutions identify vulnerabilities on specific platforms--operating systems, databases and applications. These solutions can probe for weaknesses from the network with no knowledge of the environment or with administrator privileges and full access to system information. They seek out exposures and weaknesses, both active and latent. But their strength is in identification, which is only half the battle. Among others, Internet Security Systems, Symantec, NetIQ, ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
IT risk assessment: Using security resource planning products to improve
by Pete Lindstrom, Contributor
Enterprise risk management is a delicate balancing act. A look at three "security resource planning" products that seek to bring order to the process.
-
Using decision-tree modeling to determine paths of attack
by Pete Lindstrom, Contributor
Learn how one startup leverages decision-tree modeling to identify unwanted outcomes.
-
Infosec professional profile: Ron Gula
by Anne Saita, Senior Editor
Ron Gula rocked the IDS market with Dragon. Now he's trying to catch Lightning in a bottle.
-
Review: Configuresoft ECM 4.5 prevents security configuration errors
by Scott Sidel, Contributor
Review: Configuresoft ECM 4.5 improves security and automated compliance by preventing common configuration errors.
-
How to address SAN architecture security weaknesses
by Vijay Ahuja, Contributor
SAN technology has burst out of the data center, exposing the world to SAN architecture security weaknesses.
-
IT risk assessment: Using security resource planning products to improve
by Pete Lindstrom, Contributor
-
-
SRP evaluation criteria: Tools to enable security as a process
by Pete Lindstrom, Contributor
We evaluated three security resource planning (SRP) products based on this list of key criteria.
-
Who's who in IT risk management vendors 2003
by Pete Lindstrom, Contributor
Several IT risk management vendors market products and services that target parts of the enterprise risk management process.
-
Honeypot technology: How honeypots work in the enterprise
by Lance Spitzner, Contributor
The founder of the Honeynet Project explains how honeypots work and how they complement other technologies.
-
How to avoid federal Wiretap Act issues with a honeypot network security system
by Richard P. Salgado, Contributor
Hackers have rights, too. How can you deploy honeypots without running afoul of the law?
-
SRP evaluation criteria: Tools to enable security as a process
by Pete Lindstrom, Contributor
-
Columns
-
Opinion: 2003 Gartner Hype Cycle for infosec is wrong on IDS
by Andrew Briney
Et tu, Gartner? The research firm's pronouncement that IDS is dead is just the latest Hype Cycle gone awry.
-
Opinion: 2003 Gartner Hype Cycle for infosec is wrong on IDS
by Andrew Briney
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...