Products

RSA Netwitness

Prevent business disruption, safeguard intellectual property and protect shareholder value with RSA NetWitness Suite. CISOs across industries depend on our comprehensive, U.S.-government accredited advanced threat detection and cyber incident response solutions to:

See data across the modern enterprise, whether on-premises, virtualized, or in the cloud.
Empower analysts to be more productive, and resolve threats better and faster.
Integrate with risk management processes and tools to deliver Business-Driven Security.

Benifits:

• Provides unmatched visibility into cyber threats lurking across an organization’s entire IT environment, from on-premise to virtual and cloud.
• Brings best practices and industry standards from NIST, US-CERT, SANS and VERIS to security operations centers; ensures response processes comply with corporate policies and regulatory requirements.
• Slashes the number of incidents to investigate while yielding more accurate alerts, minimizing false positives, and eliminating the “noise” stemming from traditional security monitoring systems.

Cyber Ark

The CyberArk Privileged Account Security Solution is an entire account management platform that combines a password vault with strong controls and real-time threat detection. It provides solid privileged account management and security.

The tool is built with the foundation of a secure vault and master policy with several modules, such as the Enterprise Password Vault, SSH Key Manager, Privileged Session Manager and Application Identity Manager, among others loaded onto the platform. The final layer is a privileged threat analytics engine that uses behavior-based analytics to determine unauthorized access in real-time.

This solution is a software install onto a server that is either virtual or physical. The vault installs separately and is recommended to be on a physical server. After install, all management is done through an intuitive web-based management console and it can integrate directly with Active Directory to pull in users, groups and systems to be managed. From the user side, the web-based user interface is simple and easy to navigate. Users' most employed connections are prominently displayed in a favorites view when the user first logs in. All sessions are easily launched using native applications, such as the Microsoft Remote Desktop Client or by using RemoteApp.

BlueCoat

Blue Coat empowers enterprises to safely and quickly choose the best applications, services, devices, data sources, and content the world has to offer, so they can create, communicate, collaborate, innovate, execute, compete, and win in their markets.

By using Blue Coat’s proxy architecture, enterprises get the highest level of web security possible, and an ideal environment for integration with the latest advanced threat protections from across the industry. ProxySG works seamlessly with the best-of-breed technologies, including dual anti-malware engines from a variety of vendors, the latest blacklist and whitelist engines, static code analysis and sandbox brokering found in our Content Analysis System. This empowers your organization to take advantage of many third party security technologies in an actionable way, versus being traditionally deployed as passive inspection technologies.

McAfee EPO

EPO stands for ePolicy Orchestrator, an integrated security software program designed to integrate the numerous security programs used by companies. McAfee ePO is created to provide real time monitoring of security programs by providing an interactive single console that allows the user to configure each security program. McAfee ePO is security management technology that improves protection and the reduction of the threats corporations face. McAfee ePO makes it easier to protect entire networks, providing the ability to integrate services such as Web browsing and email across your organization.

The McAfee ePO offers a web based console that can be accessed from any computer this eliminates the need to install the software on multiple computers. Because the McAfee ePO is Web-based the dashboard opens in a browser, reports are created and accessed easily and users can customize the dashboard according to need. Managing systems is easier as McAfee ePO improves the usability of directories through synchronization. Automate and create actionable reports as well as export to the required formats for distribution and ease of access. McAfee ePO makes it easier to update security policies and stay in touch with the ongoing security changes.

Guardium

IBM® Security Guardium is a comprehensive data security platform that provides a full range of capabilities – from discovery and classification of sensitive data to vulnerability assessment to data and file activity monitoring to masking, encryption, blocking, alerting and quarantining to protect sensitive data.

Guardium helps secure sensitive data across a full range of environments – from databases to big data, cloud, file systems and more. Guardium also provides automated analysis to quickly uncover internal and external risks to sensitive data. The solution also easily adapts to changes in your IT environment – whether that includes adding new users, requiring more scalability, or adding new technologies.

• Discover and classify sensitive data – and uncover compliance risks – automatically
• Know who is accessing data, spot anomalies, and stop data loss with data activity monitoring across files, databases, Hadoop distributions, NoSQL platforms, and more
• Analyze data usage patterns to rapidly uncover and remediate risks with advanced, automated analytics and machine learning such as outlier detection
• Shield the business from liability with automated data compliance and extensive audit capabilities for data at rest and data in motion
• Protect critical data through encryption, masking, redaction, and dynamic blocking and alerting
• Support your entire data protection journey – from compliance to end-to-end data protection with the same infrastructure and approach
• Reduce costs and improve results using a single data protection infrastructure for your entire environment

HiPAM – Hitachi ID Privileged Access Manager

Privileged Access Manager secures access to elevated privileges. It eliminates shared and static passwords to privileged accounts. It enforces strong authentication and reliable authorization prior to granting access. User access is logged, creating strong accountability. Privileged Access Manager secures access at scale, supporting over a million password changes daily and access by thousands of authorized users. It is designed for reliability, to ensure continuous access to shared accounts and security groups, even in the event of a site-wide disaster.

Privileged Access Manager grants access to authorized users, applications and services. It can integrate with every client, server, hypervisor, guest OS, database and application, on-premises or in the cloud.

• Discovers and classifies privileged accounts and security groups.
• Randomizes passwords and stores them in an encrypted, replicated vault.
• Requires strong authentication before granting access.
• Enforces pre-authorized and one-time access policy, to grant temporary access to privileged accounts and security groups.
• Launches login sessions automatically, through browser extensions and temporary SSH trust.
• Eliminates static embedded and service account passwords.
• Logs access requests and sessions, including video capture and key-logging

PingFedreate

PingFederate, Ping Identity's enterprise identity bridge. PingFederate enables outbound and inbound solutions for single sign-on (SSO), federated identity management, mobile identity security, API security, and social identity integration. Browser-based SSO extends employee, customer and partner identities across domains without passwords, using only standard identity protocols (Security Assertion Markup Language—SAML, WS-Federation, WS-Trust, and OAuth).

Federated identity management (or “identity federation”) enables enterprises to exchange identity information securely across domains, providing browser-based SSO. Federation is also used to integrate access to applications across distinct business units within a single organization. As organizations grow through acquisitions, or when business units maintain separate user repositories and authentication mechanisms across applications, a federated solution to browser-based SSO is desirable.

This cross-domain, identity-management solution provides numerous benefits, ranging from increased end-user satisfaction and enhanced customer relations to reduced cost and greater security and accountability.

Syslog-ng

Syslog-ng is an open-source implementation of the syslog protocol for Unix and Unix-like systems. It extends the original syslogd model with content-based filtering, rich filtering capabilities, flexible configuration options and adds important features to syslog, like using TCP for transport. As of today syslog-ng is developed by Balabit IT Security Ltd. It has two editions with a common codebase.

• The ability to format log messages using Unix shell-like variable expansion (can break cross-platform log format compatibility)
• The use of this shell-like variable expansion when naming files, covering multiple destination files with a single statement
• The ability to send log messages to local applications
• Support for message flow-control in network transport
• Logging directly into a database (since syslog-ng OSE 2.1)
• Rewrite portions of the syslog message with set and substitute primitives (since syslog-ng OSE 3).

FireEye

FireEye cyber security products combat today's advanced persistent threats (APTs). As an integral piece of an Adaptive Defense strategy, our state-of-the-art network security offerings protect against cyber attacks that bypass traditional signature-based tools such as antivirus software, next-generation firewalls, and sandbox tools.

• Email Security: Defends against email-borne threats such as ransomware, phishing and malicious links and attachments.
• Endpoint Security: Detects threats and exploits against network-connected devices.
• Content Security: Detects and blocks malware in network file shares.
• Threat Analytics Platform: Provides actionable alerts on real threats based on log data and FireEye Intelligence.

Rapid 7 nexpose

Rapid7’s on-premise vulnerability management solution, Nexpose, helps you reduce your threat exposure by enabling you to assess and respond to changes in your environment real time and prioritizing risk across vulnerabilities, configurations, and controls.

Data breaches are growing at an alarming rate. Your attack surface is constantly changing, the adversary is becoming more nimble than your security teams, and your board wants to know what you are doing about it. Nexpose gives you the confidence you need to understand your attack surface, focus on what matters, and create better security outcomes.

QRADAR

IBM® QRadar® SIEM detects anomalies, uncovers advanced threats and removes false positives. It consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It then uses an advanced Sense Analytics engine to normalize and correlate this data and identifies security offenses requiring investigation. As an option, it can incorporate IBM X-Force® Threat Intelligence which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. QRadar SIEM is available on premises and in a cloud environment.

• Sense and detect fraud, insider and advanced threats
• Perform immediate event normalization and correlation
• Sense, track and link significant incidents and threats
• Deploy QRadar SIEM on premises or in cloud environments
• Quickly and inexpensively add more storage and processing
• Provide enforcement of data-privacy policies
• Bring in threat intelligence expertise from IBM X-Force
• Enable threat-prevention collaboration and management

F5

F5's BIG-IP depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intelligent traffic management decisions, selecting the right destination based on server performance, security, and availability.

Local Traffic Manager (LTM): Local load balancing based on a full-proxy architecture.

Application Security Manager (ASM): A web application firewall.

Access Policy Manager (APM): Provides access control and authentication for HTTP and HTTPS applications.

Advanced Firewall Manager (AFM): On-premises DDoS protection, data centre firewall.

Application Acceleration Manager (AAM): Accelerates and optimizes application performance through technologies such as compression and caching.

IP Intelligence (IPI): Blocking known bad IP addresses, prevention of phishing attacks and botnets.

SiteMinder

SiteMinder is a centralized web access management system that enables user authentication and single sign-on, policy-based authorization, identity federation, and auditing of access to Web applications and portals.

Liferay has out of box SiteMinder integration as of version 5.1.2. The integration is based on CAS integration and only supports authenticating with screenName. It also knows how to properly terminate SiteMinder session. SiteMinder is usually connected to a LDAP so this integration is also able to import users from LDAP.

McAfee ESM

McAfee Enterprise Security Manager provides continuous visibility into threats and risk, actionable analysis to guide triage and speed investigations, and orchestration of security remediation.
Prioritized alerts surface potential threats before they occur while analyzing data for patterns that may indicate a larger threat. Built-in security use case content packs simplify analyst and compliance operations.

IBM Resilient

Respond to incidents faster, more efficiently, and more intelligently with the IBM Resilient Incident Response Platform Enterprise

IBM Resilient’s mission is to help organizations thrive in the face of cyberattacks and business crises. IBM Resilient helped create the market more than five years ago by building the industry-leading Incident Response Platform.

By using the Resilient Incident Response Platform, security teams can create a central hub for response that orchestrates the full response process dynamically, enabling faster, more intelligent response and mitigation. The Resilient Incident Response Platform (IRP) is one of the industry's only platforms that enables complete incident response orchestration across people, process, and technology.