Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Recent Releases: Security product briefs, January 2006

Learn about the security products that launched in January 2006.

This article can also be found in the Premium Editorial Download: Information Security magazine: How to stop data leakage


@exe Breach Security's BreachGate WebDefend provides comprehensive application-specific security against Web-based threats, without inline deployment. It also protects Web applications by integrating with existing inline network devices such as network firewalls and load-balancers. WebDefend automatically builds and maintains a profile of acceptable application behavior that is used to validate all communication with the Web application; outbound traffic is also monitored for data leaks.

WebDefend pricing starts at $20,000.

Rapid7's NeXpose Appliance for vulnerability management scans devices, systems, software and Web server applications to locate threats, assess risk, devise remediation plans and implement the ticketing process. NeXpose builds a vulnerabilities knowledgebase and models potential attacks. The reporting capabilities aid compliance with government regulations and corporate security policies. Rapid7 offers a line of three appliances in addition to NeXpose software.

Pricing for the NeXpose appliances starts at $14,000 for 64 IP addresses.

Computer Associates offers six integrated Protection Suites, all aimed at organizations with 500 or fewer users. The suites include the same basic services--anti- virus, antispyware, server backup, desktop backup and data migration. Server-only, client-only, and centrally managed data suites are available, as are comprehensive suites for Microsoft Small Business Server Standard Edition and Premium Edition, and Windows Server 2003 Standard Edition.

Starting prices range from $325 to $7,000 for a five-user license, depending on the suite.

GraniteEdge Networks' Enterprise Security Platform (ESP) is an appliance-based secu- rity analysis tool that inspects network traffic to build patterns of anomalous behavior and reveal attacks, particularly untraceable network events including zero-day exploits and low-and-slow attacks. ESP passively monitors network traffic, recording, analyzing and showing relationships of every interaction between nodes. Over time, it builds a baseline of normal activity, depending on what it has seen on the network rather than predefined patterns or thresholds.

ESP pricing starts at $120,000.

Imperva's SecureSphere Database Security Gateway inspects SQL calls, building profiles of user/group activities and "query groups" based on the type of query. Policies are highly modifiable, and rules and exceptions can be based on users/groups down to the individual table level. The gateway can generate detailed and flexible audit information, and supports MS SQL Server, Oracle, Sybase and DB2. A common console correlates information from disparate databases, and can manage both the gateway and Imperva's application firewall through a common interface.

Pricing starts at $30,000.

Utimaco Safeware's SafeGuard PDA Enter-prise Edition protects data on portable devices, including PocketPC phones. Enterprises can encrypt data on devices, in memory and in transit, transparent to the user. Biometric, PIN, password and symbol authentication are all supported. Optionally, Bluetooth, WLAN, infrared port and phone capabilities can be blocked by central management, as can ActiveSync with unauthorized devices. Central management controls via Microsoft Management Console include security settings, encryption and password rules.

Pricing for SafeGuard PDA Enterprise Edition starts at $87 for a single-user license.

Guardian Digital's EnGarde Secure Linux: Community, a free version of its open-source security suite of application, includes Web, e-mail, DNS and FTP capabilities, gateway firewall, network and host intrusion detection, remote system access and management, system auditing and reporting.

This was last published in January 2006

Dig Deeper on Web application and API security best practices

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.