Demo: Security Rules

By Anne Chen  |  Posted 2005-02-21 Print this article Print

Conference highlights protection, compliance products.

SCOTTSDALE, Ariz.—Enterprises looking for emerging ways to secure their infrastructures and their assets were introduced to several new products at the Demo@15 conference here last week.

Like last year, Demo was again a proving ground for vendors trying to create buzz around security and compliance technologies ranging from a single-sign-on solution from Imprivata Inc., to Audiotrieve LLCs OutBoxer, which analyzes outgoing e-mail messages to reduce liability.

In its 15th year, the Demo conference has served as a launching pad for companies such as Inc., Microsoft Corp. and E-Trade Securities Inc. Products such as Tivo, the Java programming language and the Palm Pilot also emerged from this show.

A number of products showcased this year focused on ensuring that only the right people can access corporate assets. KoolSpan Inc., for example, demonstrated SecurEdge TrustChips, a smart-card-based network security system. Once embedded into a device such as VOIP (voice over IP) gear, servers or gaming devices, TrustChips can secure communications—either wired or wireless—by implementing two-factor authentication and 256-bit AES (Advanced Encryption Standard) encryption. KoolSpan is based in Bethesda, Md.

Looking to make access to applications easier for users, Imprivata, of Lexington, Mass., introduced OneSign, an enterprise-class single-sign-on appliance that allows IT organizations to give users access to an array of applications using one user name and password. The product integrates with authentication methods such as strong passwords and ID tokens.

Still, it doesnt matter how locked down the front door is if applications arent secured. A Web application attack two years ago that cost Cenzic Inc., of Santa Clara, Calif., CEO John Weinschenk more than $500,000 was the impetus behind his decision to create Cenzic Hailstorm 2.0, an application vulnerability management and policy compliance solution launched at Demo. Hailstorm 2.0 automates the process of application penetration testing by emulating hacker behavior and assessing the vulnerability of applications.

"Automated vulnerability testing is cost-effective but not necessarily very reliable," said Chris Shipley, the executive producer of the Demo show. "Manual testing is reliable but not very cost-effective. This product is able to prevent vulnerabilities in Web-based applications."

Next Page: New products focus on compliance.

As a senior writer for eWEEK Labs, Anne writes articles pertaining to IT professionals and the best practices for technology implementation. Anne covers the deployment issues and the business drivers related to technologies including databases, wireless, security and network operating systems. Anne joined eWeek in 1999 as a writer for eWeek's eBiz Strategies section before moving over to Labs in 2001. Prior to eWeek, she covered business and technology at the San Jose Mercury News and at the Contra Costa Times.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel