Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


CA Move Takes on IT Risk, Security



 By: Brian Prince
2007-10-05
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
CA pulls the covers off two products to help organizations manage risk and compliance.

CA took another step into the IT risk and compliance market Oct. 4 by unveiling two products—one still in beta—aimed at helping organizations meet business-critical governance, risk and compliance objectives.

CA Security Vulnerability Manager, now in beta, is the companys bid at ensuring organizations can identify vulnerabilities in software and configuration settings as part of an overall risk management strategy.

"CA SVM runs an asset inventory service on the host that provides the details of all software—down to release and patch levels—installed on that host," said David Hurwitz, CAs chief marketing officer for its Clarity products. "It then correlates that asset data with our vulnerability database. Vulnerabilities can be identified in operating systems, applications, devices and databases."

Resource Library:
Scans can be set to run on a schedule or on demand from the management system, Hurwitz said.

"The outcome is a risk-prioritized task list that allows the security team to focus their remediation efforts on vulnerabilities that present the highest risk to their organization," he said.

CA has a tool that fights zero-day exploits. Read more here.

CA also unveiled CA GRC Manager. Built on the companys Clarity PPM platform, the product combines project, resource and financial management capabilities into one system.

"It provides visibility into the resources needed for and the costs associated with compliance of a particular control and offers the ability to view all of this information in a single solution," Hurwitz said.

CA is the only company to offer a visual portfolio-based approach to IT risk management, rather than the tabular-based approach offered by competitors that fails to provide customers with a singular view of the facts required to efficiently manage risk, he added. The approach will be integrated with CA SVM so information about controls related to system vulnerabilities can be passed to GRC Manager without having to be uploaded manually.

CA GRC Manager also allows users to align their IT risks and controls with specific corporate policies and regulatory and legal requirements. The product includes the Unified Compliance Framework, which maps a set of more than 4,000 control objectives to 280 standards and regulations including the Sarbanes-Oxley Act and PCI.

"Every organization knows that it has serious GRC [governance, risk and compliance] issues, but no organization has unlimited resources to devote to those issues," said Richard Ptak, managing partner at Ptak, Noel & Associates, in a statement. "The tools that CA is providing to help managers maintain alignment between resource allocation and business risk are therefore extremely crucial to the success of its customers GRC initiatives."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.



  Reader Comments: CA Move Takes on IT Risk, Security
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Brian Prince
 


x}r㶲s\@♵MR-ƶ,8:U*$ɐm%g~u~|.d3S%lh|Gλ$i9cr3ݩkj΢.w߽ ![f8iTE[ ]ߤ~Am;t =4mFNHB~}@~sfwD%x_'Щѩ&€wɄZIКؕ>}~qlv .pvLQm5xuGpnFA|QCѺQQy$pm<$Q}# QTLNZ]@ZSˆ辥{$)5< \g4"1lp2rH n>, шyiVpA'ס,jO`U[۾xwgy@ffrt KJzcnć!LjZ L|:j/EӝF3l˸-:4 PS+}(Z+{1ك;ho>;W)EsvU ! mݹඒk%ms|uO}~N6ox9vtx/ȯ0wFD_jQEVKi/LZHWP u.jzQҏ[F-_ Kj%ɥ~hY̞o fV҈ 'UUX:lji_Wם^gGם)7b٘XC ji@U$\]FHwAբsyҽ59i{H ݙOtHM Wh:s0+N[_nG_C燩M[CEC0ʾ~Fb{|&޺xt9&IoJDz|?!/ !}_w nr@ i/],,Y`M`IpL2Xc]N2ߜ>o4C+D_x0Nu>cfI5 (,eg MH5Ŧ]`)exFS{m̗W/b`(AK/g ڊ5t*転(if1;A0<^f&/_\D 1 p 3d{".ӰervZn֖͉*YX[u5jZlY?iYwθyn?^OH{⧋vzǫ$ # EHYf7-vI09긦ժ+YEe_U^q-Aqb2B c=&M:gvXY8`;}JwϧԴfPwӈ<: M/G˥yf1@ Lna 8V8; u#uә=U45(h`GI l"&q3)к`&oAY@[SaP#[ѽ:z?@6 =2/?>fCxwݐ,P}@=XS9;ݲeǀԜ:0$w2J}#>] #RRR$S]Pv9DB B!B0 HV(V쎄J9mW*LOD:Rt{B#RyM4aGe-n^ d3#Cdd0U Q򍜘e{4l` -z'$': 5$!.*T*|zS.z8؍8r!O5kb$`CO eg puYKnuo?յ݋pz9Tۥi]hk%R?!d[}aa6E]QYRKPD@BR) ҊiY^`(tMLТg?mM `5}pöV/UKW+@-tX)Z-a5sV@6d@7h`?L DlVCax5ZǮAwm<_D.>q  cp6X2ĂM ' [BSjj3Ä烄7@ƅ/Љk`{:ߟ{ ҋCמO=Kwaﴽ.J-.jFh>n GC=1ɉV*a0Y6؋T,{}ݛtļZA_@iTW+JIUӨckLĽf2,rGmAuF֝9BQZ>-B.,g \jpj ZLpsAqA0,]y.*?wVV0\n}єa˘;|qףm*IHrIQ)kMf9oLq3 iȐ0ҁq_HEy[kpp\U.)L,:z  [ Hg [QzoSCz+n @zK& GqӞrVyCfYa0K=y2kR^K? aYjP3)'@S,f0Ɓ;T|Moũ1FtYJo/m^J39X>>: '012& z-Cv0 ʌJ4dP.Q8ufjtiﭢz8_n'?:!sԳлMklsGq3`S"mLtu_+'E&GlE6Xil q ivK|g~Gq{?I jf?}T*JZӳ(*+H@:erz埍8jKCwUU^SG;:&ߐ@hO ]k8ỨbRvQLv迌2KGɭTSV8<V6ZZaoaqVZF3HU5dEM#/ ސOZ[GC^$}#W>U ˏPU*J5yVp8{Rn?mVVW`j-Y2ǽa n.E[& 4˷ʨKu-,sK"hJg؋_r[rn)ty4ņ5ѣ(4CrK{]w޺\8c̞ÒfFs,.ҞI"G: -e4Cnƭj}U]%T/IjYxn:0nȘُYD[x$tpM\&B05AE6vkIV~ZgZq t(+?wHIcԧ˾tں>3>&(=~f?Н :uaAvY?0+οH iïRX|xxy"u.Zlb4 LAIP 4t=$!&}ׇ́{5geUs^Fۧ(F@FusѺ~߹_>wQCr޹lK^'+֓!w"yKrBVë=uti)qfm2XG<2u\8$ D8 m̀@ c^9`B4c-MgSA0u0aVxyF_aݪ,$"0) Iku:=>   cJ=!Vo8[#Y9LB `E/ԩ #ADrIGzZFijqʼnπ/`Ea1:*:{_Qkᷜo5?Oů1Ok7tAh[(ktNz< \1[iN:|"=Br^'18;=h1Iec]Zqm} zs@&iR'D[3pq*hKhwIe ޜ,Hu9Ym@yjZӽM3%[/GGX ;[ .ViH_8_`w[",G7<mt!}6PR4jշΫV~DC6OY̓`(9+rq]ȩ_uwX̧{E~"rFntL7ÝԎ+^@(NEVu2kx'_YN.t0o 89]cΓdtWcT1;>^h9GR r0&xf&4NlEwy'("KxQESrc]O}0]vY8zd2 ,f}x3D?.yiҒ91>onR;-4z4ݷP%( >I.=]awQ;]x͞6vYiEU9.r\ -"nǸZYཤ|>O90)7=E$/Af} mD.Ekg[D:*tcxO||ng~‡i<&Kmxm`1 \VOSf,GtB`ΐ6acy_>EYC`Qu6m4/хVaЩ890w@t {JXwDru$$xwuc|YxN]t +-cyk!]ÝH60>r]+0Iٛ4@o΂W 9p#b5`yk I.eJ&yR3 oReLZ<:,˰93^-$fI^#M\`]*iY3޵8kg:&%ā0 8+8bS&60K* / N5VJn,גrMejJd^I?xG^\Uk{K‚tJ xJi"9֤ucHH,o§/rc4PllP<^&Tv3吆F#Ϥ'٠< qsIfReeBąLSURgEtݢI"~`$= ,BHlh $3蛯;~Imex邟Af$@Y&D#Y?K`ɞl8nI@c xbǃs)%&BxP< db^"vqD ,M;&hp2@ً1eXMSrYkAXO%,*6z[R4IUަ搭tAl~2루855ϴ^}`vL TͧP5REHVLBQ' 8N8T1עWRNDEsW@U)R3U$ZW1febO,@hLI%gTexDp2# b0re$eL,zGA+fةhf3[C&}wCY -LM1վ Tߐ<"4ٞ3~#J) "WF>O$z!g`&6usR‹D?ex%i0'>Y ')_!|1Pi%ֱs; rM-'L朚㉶^=E 4ꆔb^O *-pb:P{Ew&$P Q@% T"~=rxZ'LRZ5b:W=LN?xm *Lxt/ųrHxUh~9];ɣi''''rd]Q*_{rm;Ew;UV֕k`4K_JWZ̴ܿ8*&[=B!uN(_f&.ztD\_*nE#[?ڢw 0쩊ˉ՜GƤYS1kfg<@*u?u؍ OmҁOC-ܼe,k7MuRی$OS*3 xwm NbAm3#mz^CGJk&t];xVy ۭk+mLt!W8OX_q=o7ݝC57:QSId ;v:bOnH OWp찌s?17w҂LЭq0e_F ?'3*Omt{&`6 jUwZE=4|/]YkJMU0}jfo,V #Y\ko\=g`ҧE2jɣv#/'#wyKjfmݷD  kPу%S;M}kOa\gV(؛L~v/[aD1ǖC0ۏUKzt׳c,܁; ٩k qL/XC@W&Hm#nAMXtɰO}NL톫$õ6nOt@EP]'Qx9~:h1tVpWlfm>ڊRo4Jv (ALO@99ݱ=X :Iϣb?6b~m>+sYu?x#jϊ/P]Lm5jjGh-hdti25q{)<1^*Z@(YYr' o.'>Tov/>VHՕݷoh}extJ"茯r[-%^iB#:&)0* >hwAG>p<|SR=U%=hp ̋(HKt4*:a>m;ȭ*2zވqp5: roEVIv# ,@E슍BcKG" p77V\oz~}C@>ܝ^Z<+uh }i 0: _CRO⺢t-,a]ĵ0!(V?fC.7,M}C< l  \ZP4eϷF}+% cDTw.sOaHP=SabX"`Z1ֈQ(Vpxi|wv$"&(9a kE$06kFII!5Q"U5,ǰgL#|- R"1K{Ss9zKqE Ļ.W@tQř[.z=,D "}fA=bAa~L#[C1P/Rfjs# a/xGƋZ4`y.Yef xpƧX<>we~t:& Z!f 5KfltQQ({b:M u?.t,nNL rH$`x=9~ita~X{dO 0 Ka1c~Po֔J$2 >(%3ʰLXU+ʗJͪW2qJV J`xFA dhz߃;cHIPʵ?ѝ?5iv>;WNϻ7x Zѷhlԭs=|ܽ|ڹl_]w.&hL湾xQ(X7KGYFufvʌTN:c.ͅdUx,ys9,tG_1}4ev3#U6üjWzuL[ǼCOA~iJjm8Gj:ٙEG]3G 98nzVh9n0CP܄ @1@C|k{.4#z_m99B9P~sʻP)GJ/?sʏx})4?s#\_~)4:;'f$g:9NN? Py}9?ρڮy3?0_<ߋ^~.rsE}^}^'e/?A3(?)#/ra~/s2.a.s # _9 *>~s匿匿ϡ/P@_s+}'ߧ@M^9M@79_ZIRVpv*esS^)4rRy~ )P9P#Ϫ z2*RϜW~>'{'sg#q$]a芫-5nk ǤZu36 4xW /Byeo2#AQFgG6+.ȭ-'Hl]= g%%x=0?Mu{2پWߕ\~UnE+tq2<#s"qDZJ5BfaO@DUω(s#h0 .Ǒr剹?|K2YwI8> { pm`LeW-Ah0.: 7W=Mv\ڎwڝGf{ueePsvdmo߆rH_':+;PxZLܸpoQ^" #"@>u VqF`^u= !:i>[x9c6Du_,mBfH6T<'u~m't^`iB0H'!^) T`a\m8k]ȦL/u 11njq=M-̸2_bva]3&2A o§On3 &ycƠֽT#iZc7Xn΄`ð@n=,6"4Σof۞35t[/~m@-\Yƶp1d`6gG|םۈ^ufpɯ RO^ێ6DpK ;6  b2Oty'0<_Ox''4WB)*3Up& i#:4%.mo+N甽aCm+F2}jSo:h}r;W3eƂ)møL]Px_IpaHzBG=Xϑt(E,Ma-fY{6Dπj gyyU (p6d+p <Щ1T\bգJʶ)E9b릍\ ѨipKTؖE'nd3^m'oymDmY>mЍ5O1ngNbk*χŀ𞭞{̾^f#9uVOR6ȴ{ ePCik5ZK (Dq] XâȖWITR6!;دD?8- ciĬ ;fcXJ ,oԟN*)Asa#El [ApN7WmsS<"YÐy6xL -2VjwVVtƦI21qz륍.yQ'b"mR? ۔̡r&s.c MW\e\)֦O*L +&|&R2ֱeRZ`l/Z6w?BL^)