Contents Years, a Majority of IT Security Pros the Judges

2013 SC Awards U.S.

Optimistic despite threats When it comes to data protection and risk management planning, information security professionals are feeling more hopeful than ever. According to our annual “Guarding Against a Data Breach” survey, compared to previous Contents years, a majority of IT security pros The Judges ...... 54 say their organizations are taking ap- The Sponsors ...... 55 propriate steps to protect critical data. Word from the co-chair ...... 56 As promising as this feedback is, one has to juxtapose it against the less Reader Trust Awards upbeat happenings of our collective Best Anti-Malware Gateway ...... 56 reality. For starters, advanced persistent threats (APTs) and Best Cloud Computing Security ...... 57 other more methodical and sophisticated cyber crime attacks Best Computer Forensic Tool ...... 57 Best Data Leakage Prevention (DLP) ...... 58 are becoming the norm, according to most experts. Just look to Best Database Security Solution ...... 58 the recent attacks against The New York Times, Twitter or the Best Email Security Solution ...... 59 U.S. Department of Energy to get a sense of things to come. Best Enterprise Firewall ...... 59 Internet-based thieves aren’t as easy to catch in the act or stop Best Fraud Prevention Solution...... 60 altogether nowadays, which means organizations have to stop Best Identity Management Application ...... 60 Best IDS/IPS Product ...... 61 relying on traditional network protections alone and step up Best IPsec/SSL VPN ...... 61 their games with advanced monitoring techniques, application Best Managed Security Service ...... 62 and other endpoint controls, better security awareness training Best Mobile/Portable Device Security ...... 62 and more. Because spear phising, custom malware and targeted Best Multifactor Product ...... 63 attacks are happening at a rate never witnessed before, a data- Best NAC product ...... 63 Best Policy Management Solution ...... 64 centric approach to security now is vital, say experts. Best SIEM Appliance...... 64 And most security pros have to achieve this desired end Best UTM Security ...... 65 with ﬂ at budgets. I suppose, though, it’s telling that CISOs Best Vulnerability Management Tool ...... 65 generally are upbeat despite myriad problems. Improving risk Best Web Application Firewall ...... 66 management plans, bettering policies, strengthening training Best Web Content Management Product...... 66 and bolstering controls, along with constantly educating C-level Excellence Awards executives about data security being a necessary part of day-to- Best Customer Service ...... 67 day activities, are all recurring duties. Yet, survey respondents – Best Emerging Technology ...... 67 Best Enterprise Security Solution ...... 68 SC Magazine readers – are at the ready to tackle these seemingly Best Regulatory Compliance Solution ...... 68 endless challenges with zeal. And, for a fortunate growing Best Security Company ...... 69 number, undertaking them deftly is paying off as more CEOs Best SME Security Solution ...... 69 Feb. 26, 2013 • San Francisco and other business leaders register understanding and embrace Rookie Security Company of the Year...... 70 IT security for what it is – a necessary pillar of good business. Professional Awards It’s that passion and commitment that drives us every year to Best Cyber Security Higher Education Program ...... 70 celebrate these industry leaders, their many achievements and Best Professional Certiﬁ cation Program ...... 71 the varied contributions they make without hesitation to help Best Professional Training Program ...... 71 advance this essential and vibrant industry. Congratulations to Best Security Team ...... 72 CSO of the Year ...... 72 you all. – Illena Armstrong, VP, editorial, SC Magazine Editor’s Choice Award ...... 73

EDITORIAL DESIGN AND PRODUCTION U.S. SALES SALES/EDITORIAL ASSISTANT Roo Howar (646) 638-6104 VP, EDITORIAL Illena Armstrong ART DIRECTOR Michael Strong VP, SALES ACCOUNT EXECUTIVE, LICENSING EXECUTIVE EDITOR Dan Kaplan VP AUDIENCE DEVELOPMENT & David Steifman (646) 638-6008 AND REPRINTS Elton Wong MANAGING EDITOR Greg Masters OPERATIONS John Crewe REGIONAL SALES DIRECTOR AUDIENCE DEVELOPMENT DIRECTOR PRODUCTION MANAGER Mike Shemesh (646) 638-6016 Sherry Oommen 2013 SC AWARDS U.S. Krassi Varbanov WEST COAST SALES DIRECTOR Matthew Allington (415) 346-6460 MANAGEMENT EVENTS DIRECTOR Natasha Mulla EVENT SALES DIRECTOR CEO OF HAYMARKET MEDIA EVENTS COORDINATOR Maggie Keller Mike Alessie (646) 638-6002 Lee Maniscalco SENIOR EVENTS COORDINATOR ACCOUNT MANAGERS EXECUTIVE VICE PRESIDENT Anthony Curry Dennis Koster, Samantha Amoroso Tony Keefe

2013 SC AWARDS U.S. 53 2013 SC Awards U.S. 2013 SC Awards U.S. The Judges The Sponsors

SC Magazine would like to thank all of our sponsors for their generous support of the 2013 SC Awards U.S. Their involvement has made this event possible, which helps raise professional standards in the information security industry worldwide.

Bradford Networks Imperva Bradford Networks enables secure Imperva provides a comprehensive Co-chair Co-chair Philip Agcaoili Rebecca Bace Jennifer Bayuk Bruce Bonsall Dennis Brixius network access for corporate-issued solution for monitoring and con- Illena Armstrong Rich Baich CISO, Cox CEO, Infidel principal, Jennifer senior security VP and CSO, The and personal mobile devices. trolling all data usage and business VP, editorial, CISO, Communications L. Bayuk LLC strategist, BT US&C McGraw-Hill Cos. SC Magazine Wells Fargo transactions across the data center.

Champlain College Qualys Champlain College has been provid- Qualys is a leading provider of Leahy Center for Digital Investigation at ing education in the ﬁ eld of digital cloud security and compliance solu- forensics and cyber security for more tions with more than 6,000 custom- than six years. ers in more than 100 countries.

CipherCloud Schwartz MSL CipherCloud provides cloud encryp- Schwartz MSL helps technology tion and tokenization gateways to companies leverage public relations Chris Camacho Jaime Chanaga Rafael Diaz Rick Doten Gene Fredriksen Stephen Fridakis Pamela Fusco enable organizations to securely to create visibility and tell their information security CEO, CSO, Department CISO, global CISO, senior IT officer, director/CISO, adopt cloud applications. innovative story. officer, The CSO Board of Central Manage- DMI Enterprise Tyco International FAO Apollo Group The World Bank ment Services, state Transformation of Illinois Entrust Solutionary Entrust secures governments, Solutionary reduces the information enterprises and ﬁ nancial institutions security and compliance burden, in more than 5,000 organizations providing ﬂ exible managed security spanning 85 countries. and compliance services.

ForeScout Technologies Splunk ForeScout enables organizations to Splunk software collects, accelerate connectivity by allowing indexes and harnesses the machine- users to access network resources generated big data coming from the John Johnson Cedric Leighton Yonesy Nunez Jim Reavis Ariel Silverstone Ward Chenxi Wang without compromising security. devices that power business. senior security colonel, USAF SVP, Citi executive director, CISO, Spangenberg vice president, program manager, (Ret.); founder and Cloud Security self-employed director, information Forrester Research Halon Symantec John Deere president, Cedric Alliance security, pearl.com Halon Security is a prominent Symantec is a global leader in Leighton Associates technology leader of email security security, backup and availability and ﬁ rewalls, protecting millions of solutions. users worldwide.

HP Enterprise Security West Coast Labs HP Enterprise Security provides West Coast Labs is a leader in in- information security solutions to dependent testing, certiﬁ cation and protect the hybrid enterprise. real-time performance validation for information security products.

Larry Whiteside Spencer Wilcox Dov Yoran IBM CISO, special assistant CEO, Spectrum Health and lead security ThreatGRID IBM Security offers one of the strategist, Exelon world’s broadest portfolios of enterprise security products and services.

54 2013 SC Awards U.S. 2013 SC AWARDS U.S. 55 2013 SC Awards U.S. 2013 SC Awards U.S.

Welcome from the Reader Trust Awards Reader Trust Awards Reader Trust Awards co-chairman Best Anti-Malware Gateway Best Cloud Computing Security Best Computer Forensic Tool WINNER dynamically allocate resources WINNER and make the most of existing WINNER EnCase Portable. Symantec for as web traffic increases. SSL Juniper Networks for network security investments. Guidance Software for The tool provides security Symantec Web Gateway encryption capabilities provide vGW Virtual Gateway It accomplishes this by provid- EnCase specialists, investigators, com- safe transmission of web traffic ing cloud-enabling, purpose- puter incident-response teams Symantec Web Gateway 5.0 to popular sites that employees vGW is a solution specifically built security and integrating Guidance Software’s En- and litigation specialists with Reflecting back on infor- is a web security solution and companies often use for designed for virtualization virtualization security with Case software is a powerful everything they need to imme- mation security and cyber that protects organizations business purposes. Real-time as opposed to a pale retrofit- physical network security. solution that provides the diately and thoroughly search, threats in 2012 can be quite against all types of web-borne scanning of pages as they load ted alternative. Compared Organizations want to foundation for government collect, preserve and analyze exhausting. The volume of malware. The tool is powered prevents any latency in web to competing solutions, the virtualize to save money. Yet, and law enforcement agen- data from servers, workstations, cyber agitation and threats in by Symantec Insight, which browsing and decreases calls to hypervisor-based vGW deliv- many still hesitate to virtualize cies to conduct thorough and mobile devices and cloud-based the online world is increas- provides proactive protec- the IT helpdesk. ers protection, throughput, because of security concerns. effective digital investigations data sources. With EnCase, ing, and the distribution tion against new, targeted Symantec Web Gateway’s scalability, automated deploy- vGW removes barriers to of any kind, including intel- users can be confident in their continues to evolve. As an or mutating threats. Insight in-depth reporting gives orga- ment, operational efficiencies virtualizing, as well as to lectual property theft, incident ability to complete a compre- industry, we have been busy, and as a result we have seen enhances protection and can’t nizations the detailed view they and value. vGW has a high- implementing large-scale response, compliance auditing hensive analysis of whatever many technologies emerge to help address these complex, be evaded or coded around by need into their network, to performance stateful firewall, virtualized environments and responding to e-discovery evidence they may encounter ever-changing threats to our companies. Innovation and self-mutating malware. Also, ensure they are protected from integrated IDS, compliance for global organizations and requests – all while maintain- for virtually any business tradecraft are the tools needed to align our security ef- Symantec Web Gateway can today’s complex and dangerous monitoring/enforcement, VM cloud service providers. How? ing the forensic integrity of the purpose. Moreover, users of forts to meet regulatory requirements, ensure compliance, integrate with Symantec Data malware related threats. Introspection, reporting, ac- By ensuring security doesn’t data. EnCase allows custom- the EnCase solution have the provide actionable cyber threat intelligence and establish Loss Prevention seamlessly, Symantec Web Gateway’s cess controls, AV protection, impede virtualized workload ers to conduct more complete ability to customize how the proactive techniques to get ahead of the cyber risks. We which allows for a robust web ability to be deployed as a support for IPv6 and ground- performance and, moreover, investigations than its competi- solution functions, adding need to be able to notice indicators of compromise and and data loss prevention solu- proxy or cache helps compa- breaking scalability. maximizing secured VM-to- tors with additional integration capabilities to the product to have good visibility into what is happening within and tion from a single vendor. This nies save money by reducing vGW offers granular host compression ratios. With to CaseCentral’s secure hosted meet their specific needs. beyond our own ecosystem. Timeliness of incident iden- helps stop sensitive data from bandwidth usage, and avoiding customer resource isolation, vGW, businesses can plan review platform and with With EnCase, organizations tification combined with lapse time taken to address the leaving the corporate network the need to purchase another layers of protection, superior to support more VMs on a security information and event can improve effectiveness of incident is a key performance indicator of an organiza- via the web, and also allows solution to perform these func- performance and regulatory host while ensuring security managers (SIEM) for automat- their staff, as processes and tion’s ability to address the new reality we live in today. for users to receive real-time tions. Customers who already compliance mechanisms that and without compromising ed incident response. EnCase procedures associated with the Understanding why an organization is at risk can be even education on company security have a valid subscription of help users trust in the security performance. software includes the EnCase acquisition, analysis and report- more valuable than the forensics of root cause because policies with notifications for Symantec Web Gateway and of their data – and online busi- vGW was built specifically Enterprise platform with ing of a forensic investigation the organization may be able to change a behavior, in- policy violations. Protection Suite Enterprise ness. vGW can help organiza- for virtualized environments software applications EnCase can be automated, eliminating crease operational security or take other actions to deter Symantec Web Gateway 5.0 Edition are also entitled to tions take advantage of cloud and takes a fast-path approach Cyber Security and EnCase redundant manual work. This any possible impact to their business. presents organizations with perform a simple upgrade to computing sooner rather than to security. Thanks to this eDiscovery built on top of the allows examiners to focus on Asymmetric practices, innovative solutions, determi- many business and technical the new version at no addi- later, optimize investments in design, vGW can clearly and platform. The product line also their specialty of completing nation to succeed, creativity and dreams can be found advantages. Companies can tional cost. virtualization infrastructure positively impact budget. includes EnCase Forensic and digital investigations. tonight in this room. You are all the supply chain to those fighting the cyber threats each day. Your efforts, technologies and ideas enable countless information security professionals to do their jobs. The internet world depends on you, needs you to keep innovating and appre- Finalists 2013 ciates your partnership in dealing with the unprecedented Finalists 2013 Finalists 2013 • IBM for IBM Cloud Security • AccessData Group for threats we all face every day. • Dell SonicWALL for Dell SonicWALL TZ 215 Services Forensic Toolkit (FTK) • McAfee for McAfee Web • Juniper Networks for vGW • FireEye for FireEye – Rich Baich, Protection Virtual Gateway Malware Analysis System co-chairman, 2013 SC Awards U.S.; • Symantec for Symantec Web • Sophos for Sophos SafeGuard 6 • Guidance Software for CISO, Wells Fargo Gateway • Symantec for Symantec O3 Cloud EnCase • Trustwave for Secure Web Identity and Access Control • RSA, the security division Gateway • Trend Micro for Trend Micro of EMC, for RSA NetWitness • Websense for Websense Deep Security 9 TRITON Security Gateway • Websense for Websense TRITON • Websense for Websense Anywhere Enterprise Cyber Security Intelligence (CSI) On-Demand

56 2013 SC Awards U.S. 2013 SC Awards U.S. 57 2013 SC Awards U.S. 2013 SC Awards U.S.

Reader Trust Awards Reader Trust Awards Reader Trust Awards Reader Trust Awards Best Data Leakage Prevention (DLP) Best Database Security Solution Best Email Security Solution Best Enterprise Firewall WINNER WINNER book, Twitter and Dropbox. WINNER fully align their security policy tion service lets users encrypt WINNER and status software blade that Symantec for Symantec Data It also secures sensitive data McAfee, an Intel company, administration practices and Barracuda Networks for customized emails – at no Check Point Software provides split-second search Loss Prevention without stopping business or for McAfee Database efficiently maintain regulatory Barracuda Email Security extra cost. Technologies for Check Point results from billions of log personal use. Security Solution compliance. Barracuda Networks R75.40 records. Symantec Data Loss Preven- Protecting IP is a significant By delivering a complete Productivity losses due to leverages 12 defense layers to Check Point R75.40 allows tion delivers a unified solution challenge for organizations Databases store information, family of products, fully spam and other email security provide defense capabilities for Internet use has changed companies to consolidate to discover, monitor and pro- because it is spread out, and the crown jewels of today’s integrated through McAfee issues can cost businesses mil- any email server within large dramatically with the wide security protections with an tect confidential data wherever subtle differences between organizations. For this reason, ePolicy Orchestrator’s dash- lions of dollars each year. The corporate or small business en- adoption of virtualization, mo- integrated solution that can be it is stored or used. Symantec what is sensitive and what is they are targeted in the over- board, McAfee significantly Barracuda Email Security solu- vironments. Online resources bile computing and Web 2.0 in tailored to meet specific secu- offers comprehensive coverage not make finding it time- whelming majority of breach at- simplifies the deployment and tions, including the Barracuda are available and include a the enterprise. Security used to rity and performance needs. of confidential data across consuming and costly. With tempts by external hackers and monitoring of the security in- Spam & Virus Firewall appli- portal for opening a support be handled by simply blocking Because R75.40 is based on endpoint, network and storage ever-increasing amounts of malicious insiders. Perimeter frastructure. McAfee Database ance and Vx appliance and case, a searchable knowledge specific applications, ports or Check Point’s Software Blade systems – whether users are on sensitive data in corporate security and the security fea- Activity Monitoring requires the Barracuda Email Security base, technical support forum websites entirely. However, the Architecture, customers can or off the corporate network. environments and accessed on tures of native database man- no changes to the database Service cloud solution are ex- and more. Web 2.0 also drives communi- expand their security as need- By measurably reducing risk, mobile devices, with or with- agement systems (DBMS) itself and no configuration tremely powerful and provide Without software to install cation through fewer ports and ed without new management Symantec gives organizations out permission from IT secu- prove insufficient as the critical changes to the network, and complete email protection for or modifications required to protocols. or hardware. This significantly confidence to demonstrate rity, traditional DLP detection last line of defense for the yet can provide real-time organizations of all sizes. existing email systems, instal- Check Point R75.40 includes reduces costs. compliance while protecting technologies cannot effectively sensitive, valuable information alerting or session termina- The email security solu- lation of the Barracuda email Check Point ThreatCloud, the The tool’s newest security their customers, brand and and accurately identify and that databases hold. McA- tion with minimal overhead. tion features ease of use and security solutions are quick first collaborative network to appliances are designed to op- intellectual property (IP). protect IP, like source code fee Database Security offers The memory-based sensor deployment for hardware, and painless. fight cyber crime. It gathers timize all of the software blade Symantec Data Loss Pre- documents that change daily. real-time, reliable protection model catches threats from all virtual, cloud and hybrid of- As well, a key technical data from global threat sensors protections available with vention v11.6 is the current Collecting and fingerprinting for business-critical databases potential sources, including ferings with no per-user fees. advantage for enterprises or and distributes threat intel- R75.40 and leverage the com- release of Symantec’s data 100 percent of confidential against external, internal and privileged users, and the fully It provides detailed email SMEs deploying a Barracuda ligence to security gateways pany’s multi-core and accelera- security suite. It introduces data is too time-consuming even intra-database threats. distributed architecture also monitoring; scans outbound email security solution is ac- around the globe. The tool tion technologies – delivering expanded data loss coverage, and expensive, while identify- This non-intrusive, software- can be deployed in virtual- emails and attachments; and cess to Barracuda Central, an also features new anti-bot and outstanding firewall perfor- advanced multidimensional ing the data with keywords only solution requires no ized environments and in blocks disclosure of sensitive operations center that works enhanced anti-virus software mance capable of up to 200 reporting, improved usability sacrifices accuracy. Symantec architectural changes, database the cloud. McAfee Virtual data, such as Social Security 24/7 to capture the latest blades, powered by Threat- Gbps throughput and less than and new security integrations. DLP 11 enables organizations downtime or additional secu- Patching for Databases identi- and credit card numbers. Its data on spam and other email Cloud. Check Point GAiA five-microsecond latency. The It features DLP for Mobile, to easily define and locate rity management silos. With fies and blocks attempts to outbound scanning also blocks threats from a vast network of adds a unified secure operat- result is an integrated firewall which monitors and protects their unstructured data so that this tool, organizations of all exploit known vulnerabilities spam from leaving an email honeypots, as well as submis- ing system for all Check Point solution that keeps businesses sensitive data sent from an they can quickly prioritize sizes can gain complete visibil- on unpatched servers, as well server causing reputation sions from the more than appliances, open servers and safe and information available, iPad and iPhone mail client, which data needs to be fixed, ity into their overall database as common threat vectors of loss and blacklisting. Too, 85,000 Barracuda Networks virtual systems. SmartLog is without impacting network browser and apps, like Face- saving time and money. landscape and security posture, many zero-day attacks. the integrated cloud encryp- customers worldwide. a new feature of the logging performance.

Finalists 2013 Finalists 2013 Finalists 2013 • Dell SonicWALL for Dell • BeyondTrust for PowerBroker • AT&T for AT&T Network-Based Firewall Service SonicWALL E-Class Network Database - Monitor & Audit • Check Point Software Technologies for Check Point R75.40 Security Appliance (NSA) 8510 • DB Networks for Adaptive • Dell SonicWALL for Dell SonicWALL • Identity Finder for Identity Database Firewall ADF-4200 SuperMassive E10800 Finder • IBM for IBM InfoSphere Finalists 2013 • Fortinet for FortiGate-800C • RSA, the security division of Guardium • Barracuda Networks for Barracuda Email Security • Sourcefire for Sourcefire EMC, for RSA DLP • Imperva for Imperva • McAfee for McAfee Email Protection Next-Generation • Symantec for Symantec Data SecureSphere • Proofpoint for Proofpoint Enterprise Protection/Proofpoint Firewall (NGFW) Loss Prevention • McAfee, an Intel company, Enterprise Privacy • Trend Micro for Trend Micro for McAfee Database Security • Symantec for Symantec Messaging Gateway Integrated Data Loss Prevention Solution • Websense for Websense Email Security Gateway Anywhere • Websense for Websense Data Security Suite

58 2013 SC Awards U.S. 2013 SC Awards U.S. 59 2013 SC Awards U.S. 2013 SC Awards U.S.

Reader Trust Awards Reader Trust Awards Reader Trust Awards Reader Trust Awards Best Fraud Prevention Best Identity Management Application Best Intrusion Detection/Prevention Product Best IPsec/SSL VPN

WINNER in both SaaS and on-premise WINNER the context of business roles WINNER identity and application aware- WINNER modes. Juniper’s SSL VPN RSA, the security division deployments, it is scalable CA Technologies for and processes. It helps stream- Check Point Software ness, to provide the highest lev- Juniper Networks for MAG capabilities are also available of EMC, for RSA Adaptive to millions of users, and CA IdentityMinder line the on- and off-boarding Technologies for Check Point els of network IPS protection. Series Junos Pulse Gateways as a virtual appliance, offering Authentication provides login and transaction of users, enables the business IPS Software Blade By quickly filtering 90 percent added flexibility and scalability protection for users accessing Managing the identities and to manage access requests and of incoming traffic without The Juniper Networks MAG and lower cost. As organizations migrate websites, mobile applications/ access of users to key resources automates identity compliance Today’s threat landscape is requiring deep inspection, the Series Junos Pulse Gateways The MAG Series Junos customers and partners to portals, SSL VPN applications is a critical function for IT processes from distributed and dynamic, evolving and includes IPS engine inspects for attacks are a market-leading SSL VPN Pulse Gateways product family the web, they must look at and web access management organizations under increasing mainframe environments. organized groups creating only on relevant sections of the platform that provide secure includes models sized to meet two primary considerations: applications. pressure to cut operating costs The tool provides a highly sophisticated attacks that traffic, thus reducing overhead remote access for both non- the needs of SMBs with limited Implementing flexible security As a risk and policy-based while demonstrating continu- scalable end-to-end solution specifically target the security and increasing accuracy. mobile and mobile devices. IT experience, all the way up that adapts to the ever-evolv- platform with the ability to ous compliance. They must also for automating and improving weaknesses of their business Customers require the flex- The offering secures clientless to high capacity products for ing world of online threats, leverage the depth of the deal with other challenges like the many time-consuming tasks target. Enterprises want to ibility of the Software Blade access to enterprise applica- large enterprises and service and doing so without sacrific- eFraudNetwork, RSA Adap- protecting critical systems, associated with identity man- protect their business against Architecture to enable more tions, data and resources, and providers requiring the utmost ing usability. tive Authentication helps orga- applications and information agement. The CA solutions for the multitude of threats while security functions as needed, ensure best-in-class endpoint authentication, authorization RSA Adaptive Authenti- nizations drastically improve from unauthorized access and identity management also build simplifying their security ultimately migrating toward a security, granular access con- and accounting capabilities for cation is a comprehensive, fraud detection in real-time, use; increasinge efficiency and structure around the complete deployment and reducing their next-generation firewall type of trol and threat prevention. The employee, partner (extranet) risk-based authentication and thus decreasing fraud-related productivity, without sacrificing identity lifecycle, enabling total security costs. deployment. The IPS Software MAG Series are scalable for and customer access. In addi- fraud detection platform that losses. In addition, its flex- security across many platforms; repeatability and the ability to The Check Point IPS Soft- Blade leverages a sophisticated companies of all sizes and sup- tion, a virtual SSL VPN appli- balances security, usabil- ibility lowers operational efficiently prove proving com- leverage standardized processes ware Blade provides complete, engine that uses multiple meth- port BYOD initiatives through ance is available. ity and cost. Powered by the overhead associated with pliance with internal policies, for additional improvement. integrated, next-generation ods of detection and analysis support of all major mobile The solution uses SSL, with RSA risk engine, Adaptive deployment (i.e., there are no regulations and best practices; CA IdentityMinder delivers firewall intrusion prevention to detect bad traffic and IPS OSs. In addition to secure con- no client software deployment Authentication monitors and tokens to deploy and users can and easily adopting new tech- a scalable and configurable capabilities at multi-gigabit Update Service delivers leading nectivity via SSL VPN, MAG required, and offers cross plat- authenticates online activities self-enroll). Most end-users nologies – such as virtualization solution that accommodates speeds, resulting in IPS security IPS coverage including our Series gateways also can deliver form support across any web- in real-time by correlating are authenticated invisibly, and cloud – that support busi- enterprises’ unique needs at and performance. The tool industry leading coverage of NAC and application accel- enabled device and all major behavioral analysis, device causing the end-user little ness initiatives. every level – from leveraging a provides complete threat cover- Microsoft applications. eration, offering a significant OSs, including Windows, Mac, profiling and data feeds from disruption, allowing them to CA IdentityMinder helps im- role foundation that accurately age for clients, servers, OS and Deploying the IPS Software reduction in OpEx and CapEx Linux, iOS, Android and oth- RSA eFraudNetwork. Because access data faster and more prove the operational efficiency represents their organiza- other vulnerabilities, malware/ Blade dramatically reduces the costs, increased deployment ers. Additionally, Host Checker the Risk Engine works behind efficiently. Finally, offering a and effectiveness of IT organi- tional structure to defining worm infections and more. The complexity of customer net- density, extensive scalabil- scans endpoints for compli- the scenes to validate devices solution that does not require zations by providing a scalable and enforcing unique business Multi-Tier Threat Detection work security infrastructure ity and easily reconfigurable ance, including mobile devices and behavior, the vast majority tokens or extra passwords and configurable identity man- and regulatory policies to cost Engine combines signatures, by reducing their hardware “personality” changes between used in BYOD, and the tool of users are authenticated in- means fewer “lost token” or agement foundation that can effectively extend automated protocol validation, anomaly footprint, rack space, cabling, secure mobile and remote enables single sign-on capabili- visibly, without impact to their “forgotten password” calls to organize identity information provisioning to applications detection, behavioral analysis cooling, as well as power SSL VPN access control and ties to clouds and web-based user experience. Available tech support. across the enterprise and within and policies. and other methods, including consumption. network access control (NAC) applications via SAML 2.0.

Finalists 2013 Finalists 2013 • CA Technologies for CA RiskMinder • Check Point Software • Entrust for Entrust TransactionGuard Technologies for Check Point IPS Software Blade • RSA, the security division of EMC, for RSA Adaptive Authentication • Dell SonicWALL for Dell • Symantec for Symantec Code Signing SonicWALL SuperMassive Finalists 2013 • Trusteer for Trusteer Pinpoint E10200 • Barracuda Networks for Barracuda SSL VPN • HP Enterprise Security for HP TippingPoint • Dell SonicWALL for Dell SonicWALL Aventail E-Class SRA EX9000 • IBM for IBM Security Network Finalists 2013 IPS / Network Protection • HOB GmbH & Co. KG for HOB RD VPN • CA Technologies for CA IdentityMinder • Sourcefire for Sourcefire • Juniper Networks for MAG Series Junos Pulse Gateways • Centrify for Centrify Suite 2012 Next-Generation IPS (NGIPS) • NCP Engineering for NCP Secure Enterprise Management 3.0 • Cyber-Ark Software for Privileged Identity Management Suite • IBM Security Systems for IBM Security Identity Manager • NetIQ for NetIQ Identity Manager 4

60 2013 SC Awards U.S. 2013 SC Awards U.S. 61 2013 SC Awards U.S. 2013 SC Awards U.S.

Reader Trust Awards Reader Trust Awards Reader Trust Awards Reader Trust Awards Best Managed Security Service Best Mobile/Portable Device Security Best Multifactor Product Best NAC product

WINNER cies, as well as direct access WINNER Personal data is never stored WINNER the identities of people, devices WINNER Plug-n-Play NAC – Offered Verizon Business for to experts and best practices. Marble Security (formerly on the device, and cannot be RSA, the security division of and applications exchanging Trustwave for Trustwave NAC as an add-on software module Managed Security Services - As a result, organizations have IronKey) for Marble Access stolen or leaked. At the same EMC, for RSA SecurID that information. with Trustwave’s Managed Commercial one consistent view of their time, Marble Access reduces RSA offers a broad range of Trustwave offers full network UTM service for smaller, security and risk management Criminals, hackers, hacktivists IT costs, secures broader use Protecting access to infor- easy-to-use form factors to suit access control protection for distributed enterprises, Plug-n- The continued increase of posture. and hostile governments are of the cloud, achieves compli- mation – and assuring the a variety of organizations and all endpoints, managed and Play NAC automatically detects new technologies and systems Customers leverage Ve- attacking mobile devices and ance and risk management identities of users requesting requirements. These include unmanaged, and works in any and optionally blocks rogue introduced to the workplace rizon’s expertise and global in- desktops to steal information, goals and enables secure use that access – is a core ele- both hardware and software network infrastructure. Trust- devices and network service, results in an ever-wider frastructure to address a wide break into online accounts and of BYOD initiatives. ment of any security initiative. authenticators to support the wave NAC combines agentless providing automatic updates of spectrum of business risks – in range of challenges, includ- humiliate governments and Marble Access differs start- Whether a small organization leading mobile platforms, SMS network access control with firewall rules for access policy addition to the challenge of ing cyber threats, regulatory enterprises. Marble Security’s ing with its virtualized secure or large enterprise, password authenticators and software zero-day threat prevention enforcement. maintaining appropriate tech- compliance and the adoption Marble Access provides an browser. Unlike signature- authentication is not enough to developer kits to custom build and automated policy enforce- Agentless deployment works nical risk levels, which present of cloud-based computing impenetrable layer of mobile, based countermeasures, such protect against today’s security API calls into third-party mo- ment and is available in three for every endpoint regardless themselves as operational services. The SEAM engine is desktop and network security as anti-virus or firewalls that landscape. Aanother layer of bile applications. configurations: of device type or operating challenges, vulnerabilities and Verizon’s intellectual property that protects all endpoints are vulnerable to zero-day protection is required. RSA has more than 400 part- Enterprise NAC – A system, including BYOD assets, evolving internet threats. In and provides the technology to from all threats, both known attacks, the secure browser RSA SecurID is the standard ners to ensure out-of-the-box highly scalable, full-cycle NAC enabling an organization to order to reduce risk, orga- detect security incidents and and unknown, including works with jailbreak detec- for two-factor authentication integrations with the widest solution designed for large quickly start monitoring both nizations must move away to assign a risk rating, which keystroke loggers, viruses, tion, keyboard encryption and solutions. It reliably proves the range of applications that are organizations with thousands of existing and new devices that from standalone and isolated allows the customer to define man-in-the-browser trojans, other technologies to isolate identities of users, devices and jointly tested by each orga- endpoints, providing central- come on and off the network. security products as they only the business impact based on zero-day malware, malicious users inside an invulnerable applications by using a unique nization to ensure a positive ized and unified web-based The solution requires zero provide an incomplete view of their asset information. Secu- Wi-Fi hotspots, network “cocoon.” Marble Access symmetric key combined with a experience that significantly management with unified integration with existing switch enterprise security. rity incident creation is based hackers and poisoned DNS at- delivers a unified user experi- proven algorithm to generate a reduces deployment, testing configuration and reporting fabrics or a lengthy implemen- In order to reduce risk on threat information gener- tacks. Marble Access provides ence on all platforms: iPhones, one-time password that changes and integration costs. support, deployed virtually tation process for discovery exposure, businesses need ated by the security devices. a unified user experience iPads, Android, BlackBerries, every 60 seconds. RSA SecurID RSA SecurID is a cost- inline. or enforcement. Trustwave a methodology and a secu- Verizon can help determine across PC, Mac, Android and PCs or Macs. Another major helps legitimate users gain effective way for organizations Managed NAC – Trustwave’s NAC operates virtually inline rity platform to manage risk risk and its impact by taking iOS mobile devices. Marble differentiator, the Marble Ac- secure access to VPNs, wireless to address authentication MSS operation offers full-func- as needed with a fail-open exposure which allows them into account threat, vulner- Access combines a virtualized cess, uses encryption, authen- access points, applications and compliance concerns tion NAC as a managed service, architecture and self-contained to anticipate problems, take ability, and assets through its secure browser with encryp- tication, whitelists, blacklists in the cloud, on the web and and provide an extra level of including the same feature/ enforcement, with zero latency. corrective action and demon- proprietary SEAM engine, and tion, mutual authentication, and other technologies to mobile, and network operat- security for networks, VPNs, function support as Enterprise Any device on the network is strate results. Verizon offers a can provide valuable insight URL whitelisting and Marble protect against phishing and ing systems. Adding in that and other business assets. RSA NAC, while maintaining sen- detected, and patented technol- process framework and global on recommending correc- Access technology to isolate network-level attacks, such as additional layer, RSA SecurID SecurID offers a broad array of sor integrity and health, and ogy further identifies rogue infrastructure for consistency tive action when mitigating users from any threats on DNS poisoning or malicious helps organizations protect form factors and authentication providing reduced cost with no devices as well as unauthorized in handling threats and poli- threats. the device or the internet. hotspots. private information and assure mechanism to meet all budgets. capital expense. routers and gateways.

Finalists 2013 • CA Technologies for CA AuthMinder • Entrust for Entrust IdentityGuard • PhoneFactor, a Microsoft company, for PhoneFactor Finalists 2013 Finalists 2013 • RSA, the security division of EMC, for RSA SecurID • Dell SecureWorks for Dell SecureWorks Managed • AirWatch for AirWatch Enterprise Mobile Management • Symantec for Symantec VIP Security Services • AVG for AVG AntiVirus FREE for Android Finalists 2013 • IBM for IBM Managed Security Services • Marble Security (formerly • Bradford Networks for Network Sentry • Mandiant for MCIRT Managed Defense IronKey) for Marble Access • ForeScout Technologies for ForeScout CounterACT • Verisign for Verisign MalDetector Service • Sophos for Sophos Mobile Control 2.5 • StillSecure for StillSecure Safe Access • Verizon Business for Managed Security Services – • Symantec for Symantec Mobile Management Suite • Trustwave for Trustwave NAC Commercial

62 2013 SC Awards U.S. 2013 SC Awards U.S. 63 2013 SC Awards U.S. 2013 SC Awards U.S.

Reader Trust Awards Reader Trust Awards Reader Trust Awards Reader Trust Awards Best Policy Management Solution Best Security Information/Event Management Best UTM Security Best Vulnerability Management Tool (SIEM) Appliance WINNER company-specific rules and best WINNER for real-time monitoring and WINNER compliance data. Organiza- SolarWinds for SolarWinds practices. Users also can create WINNER to traditional SIEM use cases, Symantec for Symantec blocking of malware. Symantec Qualys for QualysGuard tions report 50 to 90 percent Network Configuration their own checks from scratch. Splunk for Splunk the Splunk App for Enterprise Endpoint Protection Endpoint Protection protects Vulnerability Management lower costs and can more Manager (NCM) Both customized and entirely Enterprise Security comes with out-of-the- both physical and virtual efficiently remediate vulner- new checks can be shared on box reports, dashboards, inci- Last year, attackers unleashed systems. QualysGuard Vulnerability abilities using the solution’s SolarWinds Network Con- thwack, the SolarWinds online Splunk is a Big Data security dent workflow and correlation more than nine new mutated By tracking nearly every Management (VM) automates powerful tools and features, figuration Manager (NCM) IT management community. intelligence platform that is searches for SIEM use cases. viruses every second of every program file on the internet, network auditing and vulner- including centralized reports, simplifies managing network NCM combines powerful used by more than 1,500 Splunk can ingest any type day, resulting in more than 403 Symantec can identify new or ability management across or- verified remedies and risk configuration files in multi- network configuration manage- customers to search and of machine data from any million distinct threats. This rapidly mutating files. Leverag- ganizations, including network rankings to prioritize remedia- vendor network environments ment features, rapid time-to- investigate, proactively monitor source, whether from files, huge volume and variety of ing, Insight and SONAR tech- discovery and mapping, asset tion steps, and full remedia- by backing up configuration value, an easy-to-use web-based user and machine behavior, syslog, a script, and more. threats has made it virtually im- nologies, Symantec Endpoint management, vulnerability tion workflow capabilities files, as well as continuously interface, and affordability into perform statistical analysis Splunk stores this data in a flat possible for security companies Protection blocks new and reporting and remediation with trouble tickets. monitoring device configura- one package. NCM is part of to identify anomalies and file data store, not a fixed- to protect users. Traditional unknown threats missed by tracking. Driven by a com- QualysGuard VM delivers a tions and providing immediate SolarWinds’ IT management unknown threats, and create schema SQL database, so is security software is reactive, traditional signature, heuristic, prehensive knowledge base powerful, scalable solution at notification of configuration suite, which includes solutions dashboards and visualiza- not limited to indexing and looking for digital fingerprints behavioral and HIPS-based of known vulnerabilities, it en- a low cost. It requires no infra- changes to help resolve prob- for network, application and tions for executives. Splunk’s searching only data that fits of viruses after they have been security solutions. ables cost-effective protection structure to deploy or manage, lems before they impact users. server, log and security informa- architecture makes all machine a database schema. Splunk discovered. But today’s crimi- Symantec Insight provides against vulnerabilities without saving time and resources, SolarWinds NCM can check tion, virtualization, storage, IT data in an organization useable leverages a powerful search nals work differently, mutating performance advantages. Be- substantial resource deploy- providing a continuous view regulatory compliance of all help desk, remote support and and valuable to the IT security technology and language that their malware and creating new, cause Insight knows the secu- ment. It is used by more than of security across the organi- network devices, including mobile IT management, and team. It can index any type of enables fast, advanced searches unique threats for each user. rity status of most of the files on 5,800 customers in more than zation. routers, switches and firewalls, real-time troubleshooting and machine or log data without against terabytes of data to Symantec Endpoint Protec- a system before it scans them, 100 countries, including a Qualys also maintains the and generate detailed reports diagnostic tools. upfront normalization, and find threats. Searches can tion v12 offers advanced it eliminates up to 70 percent majority of each of the Forbes industry’s largest vulnerabil- from a single instance. These Additionally, SolarWinds’ allows users to create correla- leverage Boolean and statisti- protection while improving of scan overhead – providing Global 100 and Fortune 100. ity database, updated daily reports can be launched on- unique Thwack.com com- tions and reports on the raw cal logic to identify outliers system performance to busi- performance so fast users won’t Delivered as a cloud solu- for more than 35,000 unique demand or scheduled on a munity of more than 100,000 data. The platform is agile, and abnormal behavior that nesses of all sizes. It includes know it is there. tion accessible from any web vulnerabilities. Automated periodic basis and emailed to members is extremely active. flexible and lets security cus- may represent an advanced, a new detection system that Symantec Endpoint Protec- browser, QualysGuard VM is signature regression testing security personnel. In particular, the NCM section, tomers address a wide range of unknown threat. Also, Splunk includes Symantec Insight, a tion 12 provides unrivaled easy to deploy and manage – ensures quality/accuracy, scor- The compliance checks one of the most active areas of security use cases – from basic is software-only and installs on cloud-based technology that security, blazing performance even across globally distrib- ing six sigma accuracy (fewer available cover many different thwack, receives on average log management and incident commodity hardware, thus is tracks more than three billion and optimization for virtual uted environments – enabling than 3.4 defects per million standards, including HIPAA, dozens of postings per day – investigation/forensics to fraud cheaper and easier to upgrade. files from more than 200 mil- environments. The tool offers organizations to accurately scanned). Updates are rolled SOX, PCI, DISA STIG and questions and answers, shared detection and correlation/ Lastly, Splunk enables the fast lion systems to identify new and comprehensive defense against scan their networks and ap- out immediately, and users can FISMA, and can be customized content, blog postings, feature alerting – to find known and creation of new reports and rapidly mutating threats, as well all attacks on physical and plications to identify and fix scan globally without requir- by the users based on their requests and tips. unknown threats. In regards dashboards. as SONAR, Symantec’s system virtual systems. vulnerabilities and collect ing additional infrastructure.

Finalists 2013 Finalists 2013 • Check Point Software • GFI Software for GFI LanGuard 2012 Technologies for Check • Qualys for QualysGuard Vulnerability Management Point 2200 and 4000 Series • Rapid7 for Rapid7 Nexpose Appliances • Tenable Network Security for Tenable Security Center • Dell SonicWALL for Dell SonicWALL TZ 215 • Trustwave for TrustKeeper Vulnerability Manager • Fortinet for FortiGate-100D • Sophos for Sophos UTM 9 Finalists 2013 Finalists 2013 • Symantec for Symantec • IBM for IBM Endpoint Manager • HP Enterprise Security for HP ArcSight Endpoint Protection 12 • AirWatch for AirWatch Enterprise Mobile Management • IBM for IBM Security Q Radar SIEM • NetIQ for NetIQ Secure Configuration Manager • LogRhythm for LogRhythm • SolarWinds for SolarWinds Network Configuration • NetIQ for NetIQ Sentinel 7 Manager (NCM) • SolarWinds for SolarWinds Log & Event Manager (LEM) • Tripwire for Tripwire Enterprise 8.2 • Splunk for Splunk Enterprise

64 2013 SC Awards U.S. 2013 SC Awards U.S. 65 2013 SC Awards U.S. 2013 SC Awards U.S.

Reader Trust Awards Reader Trust Awards Excellence Awards Excellence Awards Best Web Application Firewall Best Web Content Management Product Best Customer Service Best Emerging Technology

WINNER plications, the Barracuda Web WINNER site appliances with cloud WINNER phone trees and no automated WINNER recognized means to ensure that Barracuda Networks for Application Firewall proxies Websense for Websense Web security for web security and Barracuda Networks for service. CipherCloud for CipherCloud sensitive data remains private Barracuda Web Application traffic and inspects it for access Security Gateway Anywhere content management – with Barracuda Customer Service Also, Barracuda Networks Gateway and always in control of the Firewall by hackers. For added security, a unified console and policy and Support customers are provided with enterprise. Gartner estimates the solution provides full PKI Web access opens the door for employees in all locations. telephone support. Since incep- CipherCloud is helping busi- that by 2016, 25 percent of all A recent study by Forrester integration for use with client to malware, data theft, legal WSGA offers TruWeb DLP for Barracuda Networks of- tion, Barracuda Networks has nesses and governments that enterprise will use Research found that 67 percent certificates to verify identities liabilities, productivity issues data theft and loss protection, fers multiple hard copy and prided itself on the “IT Guy could otherwise not adopt the a cloud encryption gateway. of vulnerabilities can be found of clients accessing the web and bandwidth loss. In early and Advanced Classification online tools to make setup and Next Door” mentality – mak- cloud because of data privacy, CipherCloud launched its at the web application layer. applications. 2012, 42 percent of Facebook Engine (ACE) to provide real- installation quick and easy ing sure that there is always a residency, compliance and se- first product in February 2011. The Barracuda Web Applica- The Barracuda Web Ap- activity was streaming media, time security and data analysis. for customers. This includes live person available to help curity concerns. Using real-time As of September 2012, Cipher- tion Firewall is a complete and plication Firewall performs many with video lures to Websense ThreatSeeker Net- quick-start guides and installa- with any customer issues 24 format and operations preserv- Cloud has more than 40 large powerful security solution for deep inspection of all web malware. Also, there’s been an work inspects three billion to tion manuals, as well as more hours a day, seven days a week. ing encryption, CipherCloud enterprise customers in produc- web applications and websites. traffic, enabling it to provide increase in spear phishing with five billion requests from 900 detailed administration guides. This is included as part of the ensures that customers are the tion with more than one million The tool quickly protects web a wide range of intrusion embedded links to advanced million endpoints daily. This documentation outlines purchase price /at no additional only ones that can access data users. This includes two of the servers from data breaches, prevention capabilities at both threats. Too, Osterman Re- The tool offers a single step-by-step processes to get charge. in the cloud while preserving top five U.S. banks and two of and websites from defacement, the network and application search says the costs associated management console and up and running quickly and ef- Too, Barracuda Networks the native user experience the top five Canadian banks. without administrators waiting layers. It provides protection with a malware infection are policy that manages defenses ficiently, as well as tips and best customers are provided with of cloud applications across CipherCloud encryption for clean code or even knowing from common attacks on web approximately $110 per user. for office, remote and mobile practices to make our products web-based downloads at no ad- browser, desktop, and mobile gateways are delivered as how an application works. applications, including SQL Clearly, new technology is users. It’s part of the TRITON most effective. ditional charge. This includes a interfaces. virtual appliances and can run Additionally, it can increase injections, cross-site script- needed to reduce these costs. solution that unifies web, Barracuda Networks variety of overview information CipherCloud addresses the across virtualization systems the performance and scalability ing attacks, session tampering Websense Web Security Gate- email, data and mobile security provides documentation that (whitepapers, best practice tips, top six cloud computing threats from VMware, Microsoft, and of these applications. Content and buffer overflows. As a full way Anywhere meets that need across on-premise and cloud is easy to understand and is user guides), as well as set-up as identified by the Cloud Secu- Citrix as well as IaaS platforms caching, data compression proxy, the Barracuda Web with zero-day malware preven- platforms for a lower cost. effective. In fact, SC Magazine quickstarts, admin guides and rity Alliance: insecure interfaces from Amazon, Microsoft, and and SSL acceleration optimize Application Firewall blocks or tion and DLP to address risks ACE protects against conducted a review of its flag- more. and APIs, malicious insiders, Google. CipherCloud encryp- application performance while cloaks attacks, while preventing not covered by basic URL malicious scripts and zero-day ship email security offering in Barracuda Networks custom- shared technology issues, data tion gateways can quickly be reducing impact on servers. In- sensitive outbound data leaks filtering, anti-virus and firewall threats that circumvent anti- September 2012 and said, “We ers are provided with online loss or leakage, account or enabled and disabled and tegrated load balancing further of information. solutions. virus products. It analyzes web found deployment of this prod- forums and FAQ sections service hijacking and unknown scaled with simple load balanc- optimizes performance and Overall, customers benefit Websense Web Security traffic in real-time, categoriz- uct to be quick and easy.” online at no additional charge. risk profile. ing. A production deployment provides high availability. significantly from ensuring Gateway Anywhere (WSGA) ing dynamic web content/ Barracuda Networks strives Additionally, it provides Live For those using the cloud, supporting more than 100,000 Unlike traditional network data, applications and websites offers complete protection threats offering detection of to provide awesome customer Chat directly on the website, significant data privacy, resi- users is deployed with two gate- firewalls or intrusion detection are secure – and that band- against malware and data advanced payloads, exploited service with live people always LinkedIn User Groups with dency, compliance and security ways always running and two systems that simply pass HTTP width and performance are theft. It uses TruHybrid documents, mobile malware on the receiving end to help best practice sessions, and challenges exist. Encryption is more on standby to support or HTTPS traffic for web ap- optimized. technology to combine on- protection and much more. trouble shoot – there are no more. the most widely and universally additional load.

Finalists 2013 Finalists 2013 • Barracuda Networks for Barracuda Web Application Firewall • Barracuda Networks for Barracuda Web Security • Dell SonicWALL for Dell SonicWALL SRA Web Application • EdgeWave for iPrism Web Security Firewall Service • Websense for Websense Web Security Gateway Anywhere • Fortinet for FortiWeb-400C • IBM for IBM Security Network IPS/Network Protection • Imperva for SecureSphere Web Application Firewall Finalists 2013 • Black Lotus for Human Behavior Analysis Finalists 2013 • CipherCloud for CipherCloud Gateway • Barracuda Networks for Barracuda Customer Service and Support • CloudPassage for CloudPassage Halo • eSoft for eSoft Customer Support • Microsoft for Enhanced Mitigation Experience Toolkit (EMET) 3.0 • Kaspersky Lab Americas for Kaspersky Business Products • Pindrop Security for Fraud Detection System • Qualys for QualysGuard Technical Support • Webroot Software for Webroot SecureAnywhere Business - • Vanguard Integrity Professionals for Vanguard Customer Service Endpoint Protection

66 2013 SC Awards U.S. 2013 SC Awards U.S. 67 2013 SC Awards U.S. 2013 SC Awards U.S.

Excellence Awards Excellence Awards Excellence Awards Excellence Awards Best Enterprise Security Solution Best Regulatory Compliance Solution Best Security Company Best SME Security Solution

WINNER and scale, and comes stocked WINNER than 50 countries with approxi- WINNER in advanced threat detec- WINNER granular policy controls, all Tenable Network Security for with hundreds of prebuilt Websense for Websense Data mately two million users. Mandiant tion and response, along with Kaspersky Lab Americas for of which help administrators SecurityCenter dashboards and reports that Security Suite All customers receive special- Mandiant’s proprietary network Kaspersky Endpoint Security customize Kaspersky’s solution automate audits, vulnerability, ized support from technical Founded in 2004, and named intelligence, provides customers for Windows Workstations to their own organizations’ With more than 15,000 custom- attack path, threat analysis and Due to the increased fines engineers in support centers “Best Security Company” by with effective incident insight unique needs, thus simplify- ers, more than 1,000 of the information sharing across the levied by agencies for non-com- worldwide, which regularly SC Magazine in 2012, Mandi- – from host to network – along The core challenge in today’s ing the user experience while world’s largest organizations organization – saving enter- pliance and new regulatory re- average 8.91 (out of 10) in ant solutions, services and with actionable intelligence. environment isn’t that there providing extensive security and a community of more than prises hundreds of thousands of quirements, organizations have satisfaction surveys. An online expertise set the standard in The company’s R&D efforts are no tools available, it’s that and management. one million users, Tenable is dollars annually. reprioritized their approach to knowledge base, a forum of advanced threat detection and are evidenced by eight free each individual tool adds to In addition to anti-malware, a leader in the vulnerability Tenable maintains one of audits. Organizations recognize more than 19,000 individu- incident response. Mandiant forensic software offerings to the complexity users face when Kaspersky Lab’s solution man- and compliance management the industry’s largest research the need for a solution that can als, technical alerts, monthly counts more than 30 percent improve incident response and trying to implement security ages software vulnerabilities, market. teams, staffed by award-win- monitor and ensure sensitive training webinars and personal of the Fortune 100 as clients, forensics technology. policies. Businesses need to re- provides data encryption in Its company founders are ning security experts delivering data is not transmitted to unau- myWebsense.com accounts are many referred by law enforce- In July, Mandiant an- duce the number of tools used case laptops are lost or stolen widely recognized technology updated security content daily. thorized users, while being able also available. ment agencies. nounced its new research and number of consoles man- and provides security for smart- leaders – CEO Ron Gula (IDS/ During 2012, Tenable intro- to walk through the incident Websense Data Security Its products and services division, Mandiant Labs, to aged, so they can get back to phones and tablets. Kaspersky IPS innovator), Chief Research duced new features including details and generate reports for Suite offers more than 1,600 help guide customers through bring together reverse engi- focusing on their core business Endpoint Security 8 provides Officer Renaud Deraison advanced malware detec- audits. policies and templates out the process of detecting, neers, malware analysts and competencies. With Kaspersky all this functionality from a (creator of Nessus), and Chief tion, patch and configuration The latest report by The of the box, many of which responding and containing researchers onto a single team Endpoint Security 8, customers single pane of glass and is built Security Officer Marcus Ranum management integration, and Corporate Board Member/FTI are regulatory requirements. an attack. Its responders and to drive innovation and auto- can protect data, improve over- from the same code-base to (developed the first commercial mobile device detection helping Consulting, “Legal Risks on the These extensive built-in forensic investigators are mation across the company all efficiency and secure mobile work together, providing a sig- proxy firewall) – who spend customers stay ahead of threats. Radar,” ranked data security regulatory policies enable directed by the latest technical and support products and computing with encryption and nificantly easier user experience time daily responding to ques- Tenable’s unique combina- as the top concern of corpo- customers to quickly deploy and investigative intelligence services via intelligence gather- device management. and true value to the customer. tions. Tenable also provides de- tion of vulnerability scanning, rate America. With increasing the necessary controls for from the front lines. ing and analysis and advanced By combining multiple Kaspersky Lab continues tailed white papers, webinars, network monitoring, log and external threats from hack- regulatory compliance. Mandiant Intelligent Re- analytics and service delivery technologies into a single, to make major investments in videos, and blog posts designed event analysis, and analytics ers using advanced malware, With the constant release sponse (MIR) is today a leading automation. centrally-managed solution, R&D to develop in-house new to help customers with detailed helps customers eliminate organizations realize they need of new and updated regula- incident response technol- The company offers clients Kaspersky Endpoint Security technologies to strengthen its instructions for achieving com- vulnerabilities, identify attack to account for both accidental tions, Websense provides new ogy for combating advanced training program built on real- 8 for Windows Workstations portfolio. All its technologies pliance initiatives. paths and respond to attacks data loss from employees and regulatory policies monthly. threats. The company’s MCIRT world consultant experiences. offerns an extensive set of tools are built from the same code Tenable’s SecurityCenter has even from new technologies: deliberate attacks from external Websense also offers a custom Managed Defense product Through incident response, to ensure security and control base and work together seam- a low total cost of ownership mobile, cloud and virtual infra- entities. In 2011, the number of policy service for free, if combines the technology of malware analysis and memory over an array of applications, lessly, not cobbled together and a rapid return on invest- structure, the fastest growing customers with Websense DLP customers are challenged with MIR with its Computer Inci- forensics tracks, students learn devices and web content. on the backend. The result is ment. The solution is quick sources of theft, disruption, and exceeded 2,000. Websense crafting a regulatory policy for dent Response Team (MCIRT) the skills necessary to solving Kaspersky features range from solutions that are more efficient and easy to deploy, manage compliance violations. DLP is now deployed in more their specific needs. whose combined experience crime in the field. a ready-to-use template to and easier to manage.

Finalists 2013 Finalists 2013 • CA Technologies for CA Content-Aware IAM Solution • AirWatch for AirWatch Enterprise Mobile Management • FireEye for FireEye Malware Protection System • Kaspersky Lab Americas for Kaspersky Endpoint Security • Qualys for QualysGuard Enterprise for Windows Workstations • Qualys for QualysGuard Express • Sourcefire for Sourcefire Next-Generation IPS (NGIPS) Finalists 2013 • Tenable Network Security for Tenable SecurityCenter • Sophos for Sophos UTM 9 • Cyber-Ark • Varonis Systems for Varonis Data Governance Suite • SpectorSoft for SPECTOR 360 • Dell SonicWALL • Mandiant Finalists 2013 • Sophos • Agiliance for Agiliance RiskVision with Agiliance Compliance • Sourcefire Manager Application • Verizon • Qualys for QualysGuard Policy Compliance • RSA, the security division of EMC, for RSA Archer eGRC • Symantec for Symantec Control Compliance Suite 11 • Websense for Websense Data Security Suite

68 2013 SC Awards U.S. 2013 SC Awards U.S. 69 2013 SC Awards U.S. 2013 SC Awards U.S.

Excellence Awards Professional Awards Professional Awards Professional Awards Rookie Security Company of the Year Best Cyber Security Higher Education Program Best Professional Certification Program Best Professional Training Program

WINNER reliable and can be done prior WINNER risk management plans. More WINNER tion candidates demonstrate WINNER applicable in order to increase to the call center. With Pindrop Champlain College for than 90 percent of graduates Information System Audit up-to-date skills, job practices (ISC)2 for The (ISC)2 retention, transfer and recollec- Pindrop Security Security solutions, the call Computer Forensics and have job offers within 30 days and Control Association for ISACA certifications are Education Program tion on the job; and includ- center can return to focusing on Digital Investigation Degree of graduation, and many even (ISACA) for Certified in Risk closely monitored, analyzed and ing value-added, real-world Originally, the belief was that satisfied customers.Its products Programs well before graduation. and Information Systems updated within every five years. (ISC)2 delivers efficiency in application activities to increase Pindrop Security technology combine techniques to provide Champlain students are Control (CRISC) To determine how to best serve certification for individuals motivation for learning the would provide call analysis for a multi-layered defense against Through its on-campus, online highly encouraged to par- the IT security professional, by tapping into innovative skills and concepts necessary recorded calls to identify poten- fraud, using blacklisting and and graduate degree programs, ticipate in internships and the With more than 100,000 ISACA conducts a “Member technologies and learning for success. tial fraud. However, improve- anomaly detection to uncover Champlain offers more than 35 college offers assistance in members in 180 countries, Needs” survey annually. strategies. (ISC)2 Education The (ISC)2 common body of ments to accuracy and the abil- fraudsters. computer forensics and digital those placements. The Leahy ISACA provides a vast pool of The CRISC certification Program engages current and knowledge (CBK) defines the ity to detect specific niche cases, Pindrop Security provides investigation courses – more Center for Digital Investigation knowledge and research that is was developed by a nonprofit, future students and young and expertise needed in a frame- such as “dead air” calls and services and solutions to the than any other college in the hires a large number of interns shared globally with members independent global leader in experienced professionals to work that provides standard- call forwards, have significantly largest financial institutions in country. Students can jump to work on projects supervised and nonmembers through security, risk, governance and support workforce initiatives ized information security expanded applicability to cover the world, including systems into digital forensic courses im- by professional investigators on conferences (both in-person compliance. It provides a tool and inspire a continuous supply principles. This framework all areas of phone security. used inline in their call centers. mediately, taking advantage of active cases. and virtual settings), webinars, to help assess the proficiency of of knowledgeable professionals. establishes a way to assess a The process of authenticating Pindrop Security was leading-edge courses, like mo- This year, Champlain con- a bimonthly journal, training a professional’s IT-related risk Technology is evolving candidate’s mastery of certain customers through knowledge- founded out of research initi- bile device forensics, network ducted an “Imagine College” courses, social media groups, management skills. CRISC is a rapidly. (ISC)2’s Education domains of knowledge and based authentication questions ated at Georgia Tech’s Informa- forensics, file systems forensics, program for under-served blogs and research publica- highly desired certification be- Program reflects this change includes the most relevant, is an unsatisfactory solution. It tion Security Center (GTISC) and many more. students. They were able to ex- tions. Additionally, ISACA cause it is the only certification through updated review semi- current topics of the profession reduces satisfaction by treating by Vijay Balasubramaniyan Courses are developed and plore college as an opportunity offers a network of nearly 200 that positions IT professionals nars. The goal is to promote today. The (ISC)2 Education customers like criminals, and (below) and the director of taught by industry experts who they may not have considered chapters worldwide, offer- for future career growth by and increase a candidate’s Program aims to change the by putting the burden on them GTISC, Mustaque Ahamad. bring current industry best to be within their reach. ing IT security professionals linking IT risk management to ability to retain and transfer landscape by helping profes- to remember secret answers, Balasubramaniyan is now CEO practices and techniques to local training, professional enterprise risk management. the knowledge gained in the sionals foster this. passwords and more. It increas- of Pindrop Security and Aha- the classroom. And, its Leahy (below) Champlain College networking, certification review Nearly 17,000 professionals certification training course by Virtual and in-person es call length, therefore adding mad is chief scientist. National Center for Digital Investigation President David Finney and courses and opportunities across a range of job functions improving the study material, security leadership events cost. And it’s ineffective since a Science Foundation grants have enables students to get to work Sen. Patrick Leahy, D-Vt., at the for the exchange of ideas and – including IT risk, security, training experience and refining offer exclusive access (free to fraudster can find most answers continued to fund ongoing re- on active investigations, gaining opening of The Patrick Leahy information. Members are audit and compliance – have performance on the job. Recent 86,000 members) and continu- to these questions online. search into Balasubramaniyan’s valuable real-world experience, Center for Digital Investigation, also provided opportunities earned CRISC since it was es- changes include measuring ing education opportunities to Pindrop Security’s technology original research, and Pindrop including developing and writ- a new Center of Excellence at to take on leadership roles, tablished two years ago. This knowledge gain through the use industry professionals looking allows companies to reduce or Security continues to grow its ing response plans. the college offering students an participate in the development number includes more than of pre- and post-test analytics; for timely, relevant and “hot eliminate this process. Authen- research in order to continually Champlain graduates are up-to-date facility in which to of research publications and 1,200 CIOs, CISOs and chief restructuring course content to topic” content featuring expert tication is transparent to the cus- improve accuracy and capabili- extremely well prepared to cre- learn and practice digital forensic speak at worldwide confer- compliance, risk and privacy be both practical in knowledge speakers and unique network- tomer. Detection of fraudsters is ties of the technology. ate and manage ever-evolving investigation techniques. ences. To ensure that certifica- officers. needed for exam study and ing opportunities.

Finalists 2013 Finalists 2013 Finalists 2013 • Guidance Software for Guidance Software Training • Appthority • Champlain College for • Inspired eLearning for Security Awareness Training Computer Forensics and • Pindrop Security • (ISC)2 for The (ISC)2 Education Program Digital Investigation Degree • Seculert Programs • Secure Ninja for SecureNinja Cyber Security Training Program • Vaultive • Iowa State University for • The SANS Institute for SANS Training • viaForensics Cyber Security Education Program • Kennesaw State University for Bachelor of Business Adminis- Finalists 2013 tration in Information Security • GIAC for GIAC Security Expert (GSE) and Assurance (BBA-ISA) • GIAC for GIAC Exploit Researcher and Advanced Penetration Tester • University of Maryland (GXPN) University College for Cyber Security Degrees and Certifi- • ISACA for Certified in Risk and Information Systems Control (CRISC) cate Programs • ISACA for Certified Information Security Manager (CISM) • ISACA for Certified Information Systems Auditor (CISA)

70 2013 SC Awards U.S. 2013 SC Awards U.S. 71 2013 SC Awards U.S. 2013 SC Awards U.S.

Professional Awards Professional Awards Professional Awards Best Security Team CSO of the Year EDITOR’S CHOICE

WINNER response for asset owners and WINNER With this foundation, South WINNER DefCon – promotes educa- all of the sites encrypted with up the gaymers, arguing that ICS-CERT Security Team operators; and partnering with John South, CSO, Heartland empowers his team to take Electronic Frontier tion, stands ready to prepare HTTPS on the web. The goal the term had been in use for for U.S. Department of the control system community Payment Systems ownership of security initiatives Foundation (EFF) legal defenses and carries on of the EFF SSL Observatory several years prior to the ad- Homeland Security to coordinate risk management and lead the application of se- public programs to ease the aided by a substantial gift from versary’s claim and therefore efforts and serve as the focal John South has established a curity principles and guidelines In an environment that path forward for technological entrepreneur Mark Cuban and belongs in the public domain. The Industrial Control Systems point for information exchange. best-in-class IT security team to mitigate risks that face the primarily measures achieve- innovation, including the work game developer Markus Pers- “Trademarks have one Cyber Emergency Response The ICS-CERT Security at Heartland Payments Systems enterprise. ment in net sales or visibility, of hackers and others on the son, is to uncover vulnerabili- primary purpose: To protect Team (ICS-CERT) Security Team has received national and by hiring the most talented By aligning Heartland’s secu- it’s particularly rewarding for edges of digital exploration. In ties; substantiate the practices consumers from confusion Team responds to incidents, international recognition as an practitioners to manage the rity program with the company’s us to call out the work of an addition, the group has a pres- of certificate authorities, the about the source of goods or vulnerabilities and threats that essential element for coordinat- various elements defined in corporate objectives, South and organization that can prioritize ence on Capitol Hill, provid- organizations delegated to services,” said EFF Staff Attor- can impact those industrial ing cyber security risk reduc- the security program. Seeking his team have won the support ideals – particularly privacy ing policy advice to legislators sign cryptographic certificates ney Julie Samuels at the time control systems (ICS) which tion efforts among the nation’s team members that have strong of corporate leaders and col- protection in our new age of operate critical infrastructure critical infrastructure asset communicative and technical leagues. In doing so, South has digital connectivity. across the United States. These owners. Through its incident capabilities, he stresses the established the business of se- The nonprofit Electronic systems are vital for the pro- response, situational awareness importance of compatibility be- curity at Heartland as a vehicle Frontier Foundation (EFF) cesses used throughout many and recommended practices tween the company’s risk/needs to support the organization’s takes on those who hold the critical sectors that the nation efforts, the team is recognized and individuals’ strengths. various business units. reins – whether in government depends on every day. as a national resource for cyber Once team members are Coming to the table with or industry – large, intimidat- The ICS-CERT Security security guidance. identified and on-boarded, solutions that help leaders ing forces which, and can of- Team’s mission is to reduce It is also a key functional South ensures they have ample securely accomplish their ten, abuse their privilege, such cyber security risks by offering element of the DHS National opportunities to continually objectives, and being able to as in overzealous prosecutions, four core products and services Cyber Security and Commu- expand their knowledge with effectively communicate these as was just evidenced in the to the nation’s critical infra- nications Integration Center access to a variety of security measures, South and his team case of Aaron Swartz. The structure sectors: Providing (NCCIC) and is integral to training resources. Further, have solidified their roles as true EFF has put its weight behind situational awareness to govern- the department’s capability to South challenges his team business partners for groups Aaron’s Law, a proposed ment and the private sector coordinate national-level cyber members to grow their exper- across the organization. Look- update to the Computer Fraud through national alerts and events. ICS-CERT Security tise by pursuing professional ing out for the best interests of and Abuse Act that, among advisories that warn of cyber Team presence in the NCCIC development opportunities. business units and merchant other principles, aims to make threats and vulnerabilities; Operations Center provides He encourages his staff to earn customers, South and his certain that questionable conducting technical analysis of synergistic information-sharing both CISSP and CISA cre- staff have earned respect and innovations are not treated involved in deciding new trusted by browsers; and help of the filing. “This registration malware, system vulnerabilities value to the various public dentials, as well as at least one even converted once-skeptical as criminal offenses and that computer crime legislation. those further developing the isn’t being used to protect and emerging exploits; per- and private sector partners additional expertise-specific business leaders into internal penalties are proportionate to The group’s advocacy for underlying encryption infra- consumers – it’s being used to forming cyber security incident participants. certification. champions for the group. allegations of wrongdoing. privacy protections extends structure of the web. threaten free speech.” Another initiative the into many areas touching tech- Too, the EFF recently Whether it is there with an ar- technology watchdog group nological progress. Just last became involved in a case in gument for what it believes is a has recently undertaken is month, the EFF filed an am- San Francisco that pitted a dangerously narrow view of fair Finalists 2013 Finalists 2013 the Coders’ Rights Project. icus brief in a Maryland case group of Reddit “gaymers” – use, or debating in court with • Go Daddy Security Team • Bobby Dominguez, director, This effort aims to safeguard to voice its concern about the members of the lesbian, gay, police departments to challenge IT security and GRC, PSCU • Teleperformance Security Team programmers and developers Financial Services collection of DNA from those bisexual, and transgendered the use of invasive technology, • ICS-CERT Security Team for U.S. Department of Homeland Security as they perform their work. arrested for a crime, insisting community active in video such as GPS tracking devices on • Nikk Gilbert, vice president and chief information security As many of these security and that warrants must be served games – against a website a suspect’s car, the EFF stands officer, CUNA Mutual Group encryption researchers come by law enforcement before operator who had registered up to the overseers – alleged • John South, CSO, Heartland up against a slew of state, anyone is required to provide the term as a trademark. and in place – to insist that Payment Systems federal and international legal a genetic sample. The point, it The trademark registration powerful interests must not • Bruce Wignall, CISO, limitations, the EFF advo- argued, is that the accessibility should be canceled, the group shun the rule of law. In doing Teleperformance cates that the momentum of of advanced technology should stated in its petition to the so, it smooths the path for tech- these innovators should not not undermine traditional U.S. Patent and Trademark nological innovation and those be hindered. On their behalf, privacy protections. Office, so that the term can whose thinking outside the box the group – which maintains Further, last year, the group be used worldwide. The EFF, transgresses ordinary boundar- an active presence at confer- began a project to delve into in association with the law ies that only serve the privileged ences, like Black Hat and the certificates in use to secure firm Perkins Coie, is backing and powerful.

72 2013 SC Awards U.S. 2013 SC Awards U.S. 73