SCOTTSDALE, Ariz.—Enterprises looking for emerging ways to secure their infrastructures and their assets were introduced to several new products at the Demo@15 conference here last week.
Like last year, Demo was again a proving ground for vendors trying to create buzz around security and compliance technologies ranging from a single-sign-on solution from Imprivata Inc., to Audiotrieve LLCs OutBoxer, which analyzes outgoing e-mail messages to reduce liability.
In its 15th year, the Demo conference has served as a launching pad for companies such as Salesforce.com Inc., Microsoft Corp. and E-Trade Securities Inc. Products such as Tivo, the Java programming language and the Palm Pilot also emerged from this show.
A number of products showcased this year focused on ensuring that only the right people can access corporate assets. KoolSpan Inc., for example, demonstrated SecurEdge TrustChips, a smart-card-based network security system. Once embedded into a device such as VOIP (voice over IP) gear, servers or gaming devices, TrustChips can secure communications—either wired or wireless—by implementing two-factor authentication and 256-bit AES (Advanced Encryption Standard) encryption. KoolSpan is based in Bethesda, Md.
Looking to make access to applications easier for users, Imprivata, of Lexington, Mass., introduced OneSign, an enterprise-class single-sign-on appliance that allows IT organizations to give users access to an array of applications using one user name and password. The product integrates with authentication methods such as strong passwords and ID tokens.
Still, it doesnt matter how locked down the front door is if applications arent secured. A Web application attack two years ago that cost Cenzic Inc., of Santa Clara, Calif., CEO John Weinschenk more than $500,000 was the impetus behind his decision to create Cenzic Hailstorm 2.0, an application vulnerability management and policy compliance solution launched at Demo. Hailstorm 2.0 automates the process of application penetration testing by emulating hacker behavior and assessing the vulnerability of applications.
“Automated vulnerability testing is cost-effective but not necessarily very reliable,” said Chris Shipley, the executive producer of the Demo show. “Manual testing is reliable but not very cost-effective. This product is able to prevent vulnerabilities in Web-based applications.”
Next Page: New products focus on compliance.
Demo: Security Rules – Page 2
A number of products introduced also focused on the ability of corporations to ensure compliance in areas ranging from the Sarbanes-Oxley Act to internal human resources policies.
For example, Fortiva Inc., in Toronto, announced the Fortiva Archiving and Compliance Suite, an e-mail archiving and compliance product that enables enterprises to manage their e-mail and meet compliance regulations at the same time. The hosted solution integrates with Microsofts Active Directory and Exchange. The message archiving solution addresses data privacy by enabling users to encrypt and index data—using Fortivas DoubleBlind Encryption technology—before sending it to Fortivas network for archiving.
Another product that may help keep enterprises out of hot water is OutBoxer 1.0, from Audiotrieve, in Boxboro, Mass. By using advanced language technology to analyze outgoing mail messages, OutBoxer can ensure e-mail doesnt violate privacy or harassment laws and that messages meet government regulations such as HIPAA (Health Insurance Portability and Accountability Act) and the Gramm-Leach-Bliley Act.
Cloudmark Inc., in San Francisco, introduced a beta of Cloudmark SafetyBar. The solution, which supports Microsoft Outlook and Outlook Express, provides users with a rating that gauges a Web sites trust based on feedback from a community of more than 1.2 million Cloudmark users.
“This company, known for smart anti-spam technology, is now taking that and applying it to e-mail fraud,” said Demos Shipley. “While we tend to think [e-mail fraud] is affecting individuals, it costs corporations a great deal of money and time.”
The Cloudmark SafetyBar for IE is in beta and will be widely available for free next month. The beta is available at www.cloudmark.com/iebeta.
Anne Chen is a senior writer for eWEEK Labs.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.