Feeds:
Posts
Comments

Posts Tagged ‘Network’

Giving you a better picture of your Data

It was Ronald Reagan who said “Information is the oxygen of the modern age” and although it was at a time where virtual data was incomparable to what it is now – it has only become more evident how true those words were. In 2010 Verizon’s Data Breach Investigation reported an astounding 92% of all records comprised stemmed from database breaches (which comprised the majority of breaches at 25%), a marginal increase from the 2009’s 75%.

Organizations store data ranging from customer records (credit card numbers, billing information), employe records (salary, PII) and finances (revenue, assets, proprietary data). All of which is highly damaging if in the wrong hands. All of this makes it a highly enticing target for malicious attacks. With the increasing complexity of databases and applications directly interacting with them leading to the people responsible having no idea where their databases are or how secure their configurations are. Another issue on the rise in recent times is the greater demand for uptime of services leads to organizations holding off on patching vulnerabilities in favor of meeting up-time goals.

dbss

McAfee’s Security Scanner (DSS) aims to alleviate the headache for database personnel by providing three key features. DSS acts as a tactical database scanner seeking out database throughout the entirety of your network ensuring a global picture is developed. A clear view into the organization’s security posture with the capabilities to thoroughly check for over 3,500 vulnerabilities, and lastly to provide actionable data to address discovered risks.

DSS’ ability to discover databases provides an unmatched ability to not only seek and discover, but to highlight areas of key critical data such as PII, in-depth information about patch status, and security compliance levels. Its reports are built upon the concept of “less is more”, providing detailed priority levels of each threat based on advice from experts in the database security audit field combined with fix scripts wherever possible.

The entirety of these features are made available through a detailed centralized database browser allowing users to concurrently view hundreds of databases saving hours of work.

Advertisements

Read Full Post »

Simplifying Network Audits

The task of conducting a full network audit has always been a daunting task to any network related personnel. Nipper is a solution to this problem; it aims to painlessly assist in conducting a network audit through automated configuration vulnerability analysis and an agent-less solution. It triumphs over traditional methods such as penetration testing (A thorough but costly and slow process), agent-based (Software must be installed in each device to be tested which is not always possible), and Network Scanners (can cause networks to be bogged down due to the large amount of probes required).

Nipper2

Nipper’s reporting features allow for an audit to be generated that is tailored specifically to what the end user needs.

  • Personalize reports with your company details so all reports are generated automatically with your company’s name, logo, report naming policy

  • Rate with the default Nipper standards or use CVSS (industry standards vulnerability rating). Customize your environmental variables based on priorities (Low to High) – Confidentiality Requirement, Collateral Damage Potential, and more.

  • Exclude whole Issues (EG. Users with Default Passwords) or specific Devices from an issue.

  • Notes for specific issues

  • Save only what you want to save – specific report sections (EG. Filtering Rules) or entire tables (EG. Security Audit Table)

Reports generated contain information that technical staff can utilize to mitigate the issue and graphical information management can digest easily.

nipper1

Such versatility and cost saving is the reason Titania’s Nipper Studio claimed both Computing Security Awards – Network Security Solution and Enterprise Security Solution of the Year in 2012 against well established competitors such as WatchGuard and Fortinet.

Read Full Post »