As security attacks continue to increase, security management software makers are delivering more products they say can help customers better identify threats, process data and prepare networks for potential trouble.
Software from companies such as GuardedNet, Q1 Labs, TriGeo Network Security and Visionael is not designed to secure networks as a firewall or intrusion-detection system (IDS) would, but to help IT staff automatically manage those multi-vendor security devices and make intelligent use of the data the devices produce.
"Security management products do a good job of more quickly answering the question, 'Now what?'" says Pete Lindstrom, research director at Spire Security. "Security managers need an integrated, consolidated view of their potential vulnerabilities. Today's security management is still reactive and piecemeal."
GuardedNet next week is expected to announced upgrades to its neuSecure software, which provides a centralized view of security devices across a corporate network. The software has been upgraded to also give users a security dashboard that lets managers view events from multiple devices in one portal.
GuardedNet competes with ArcSight, e-Security and NetForensics. Each provides products that automatically collect security events from disparate devices and correlate the data to reduce the number of false alerts and deliver more intelligent security events to security managers. Because the language of security events and alerts varies from vendor to vendor, software such as neuSecure normalizes events. That means the software translates Cisco and Check Point alerts, for example, into a common format so the data can be correlated to determine the potential risk.
GuardedNet will face new competition from TriGeo, which plans to upgrade its Contego software next month. Contego, a centralized security event management platform, includes expanded policy coverage for more than 275 security event types and thousands of signatures. TriGeo says the latest release will address small to midsize companies looking to manage security data across their networks.
Visionael, a maker of asset and inventory software, next week is expected to introduce its Security Audit software that performs vulnerability scans, correlates potential risks and automates filling security holes. Company executives say the software can pinpoint the source of a security breach sooner than a security administrator could manually.
Q1 Labs last week upgraded its QVision product to identify application content in Internet and internal network traffic to identify patterns and prevent intellectual property security breaches.
Lindstrom says customers remain skeptical of management tools being able to tighten security on their networks, but the software can reduce the time it takes to filter through security logs and find meaning in the data.
He says security management tools can help IT managers determine if a security event is malignant or benign. But enterprise security managers still rely most heavily on antivirus software, firewalls and access control tools to secure their networks.