PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
June 2007

SIMs maturing and suitable for mid-market

Security Information Management (SIM) tools have come a long way. When Information Security reviewed them three years ago, they were still relatively immature and expensive, requiring significant time and effort to return much value. SIMs promised to help security managers better handle overwhelming amounts of data from IDSes, firewalls and other devices but the results were a little fuzzy. Since then, SIM vendors have been hard at work tuning and improving their products and the picture is becoming clearer. Some of the directions are inevitable and obvious: better storage techniques for more information, faster CPUs to cope with higher loads, and tweaks to reporting and archiving to deal with specific compliance requirements. Other innovations and developments show a maturity of the marketplace and products responding to the needs of security managers. We identified six new directions in SIM technology, ranging from a greater emphasis on visualization tools to stronger active response techniques. This broadening of SIM ...

Access this PRO+ Content for Free!

Features in this issue

  • SIMs maturing and suitable for mid-market

    Security information management systems (SIMs) tools have expanded with more capabilities such as active threat response. The broadening of the technology will provide security managers with a sharper view of their overall security posture.

  • Product review: nCircle Configuration Compliance Manager

    nCircle Configuration Compliance Manager brings policy compliance and secuirty management into one centralized software suite. It provides vulnerability scanning via third-party scanners such as Nessus. This product review rates the software's ease of installation, features and effectiveness.

  • Encryption key management blunders can render deployments useless

    Encryption sounds like an ideal way to protect data but key management, including accountability, training, and enforcement of password complexity, are challenging.

Columns in this issue