Enterprise Resource Protection

Entries in this category are designed to ensure that IT data and computing resources are used only by authorized personnel in approved ways. As in previous years, this was a large category, with almost 100 contenders vying for enterprise IT mind share and dollars. The two finalists and winner emphasize proactive security defenses, helping to ensure that vulnerabilities dont degrade into full-blown problems.

WINNER

FoundScan Vulnerability Management System 2.5

Foundstone Inc.s FoundScan Vulnerability Management System 2.5 stood out for its ability to maximize precious human resources. The enterprise security scanner can scan millions of IP addresses and tens of thousands of devices a day, looking for unpatched or newly added systems. When problems are detected, FoundScan takes the critical next step of problem documentation and remediation. It generates a trouble ticket for the security warning (a custom API is available to integrate these tickets into help desk systems), and the ticket cannot be closed until a subsequent scan of the same system verifies that the applied fix was correctly applied.

FINALISTS

InterDO 2.5

KaVaDo Inc.s InterDo 2.5 Web application firewall rose to finalist status for its ability to protect Web applications from a wide variety of attacks. Like StormWatch, the other finalist in this category, InterDo does not use signatures but instead dynamically monitors Web application usage to detect illegal or invalid HTTP requests. The program tracks Web client activity and blocks any requests that are not already known to be possible valid responses to any particular Web page. InterDo automatically checks incoming HTTP form parameters to look for possible attacks and has the ability to dynamically inspect SOAP Web service calls to block suspected attacks.

StormWatch 3.1

Okena Inc.s StormWatch 3.1 was selected as a finalist for its ability to protect servers and client systems from security exploits, even when systems are left unpatched. The kernel-level application firewall provides systemwide buffer overflow protection and prevents critical system files and settings from being changed, even when a security vulnerability provides what would otherwise be system-level access. StormWatch also provides centralized administration, log consolidation and policy creation so that large numbers of systems can be managed from a single location. (Cisco announced its intention in February to buy Okena.)

Excellence Awards Winners and Finalists: