{"global":{"lastError":{},"locale":"de","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"product":{"reference-bonus":{"_type":"localeString","en":"Offer a reference bonus","ru":"Предложить бонус за референс"},"configurator":{"ru":"Конфигуратор","_type":"localeString","en":"Сonfigurator"},"i-sell-it":{"ru":"I sell it","_type":"localeString","en":"I sell it"},"i-use-it":{"ru":"I use it","_type":"localeString","en":"I use it"},"roi-calculator":{"ru":"ROI-калькулятор","_type":"localeString","en":"ROI-calculator"},"selling":{"_type":"localeString","en":"Selling","ru":"Продают"},"using":{"_type":"localeString","en":"Using","ru":"Используют"},"show-more-button":{"_type":"localeString","en":"Show more","ru":"Показать еще"},"hide-button":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"supplier-popover":{"ru":"поставщик","_type":"localeString","en":"supplier"},"implementation-popover":{"_type":"localeString","en":"deployment","ru":"внедрение"},"manufacturer-popover":{"ru":"производитель","_type":"localeString","en":"manufacturer"},"short-description":{"en":"Pitch","ru":"Краткое описание","_type":"localeString"},"i-use-it-popover":{"ru":"Внесите свое внедрение и получите бонус от ROI4CIO или поставщика.","_type":"localeString","en":"Make your introduction and get a bonus from ROI4CIO or the supplier."},"details":{"ru":"Детальнее","_type":"localeString","en":"Details"},"description":{"ru":"Описание","_type":"localeString","en":"Description"},"product-features":{"ru":"Особенности продукта","_type":"localeString","en":"Product features"},"categories":{"ru":"Категории","_type":"localeString","en":"Categories"},"solutions":{"_type":"localeString","en":" Problems that solves","ru":"Проблемы которые решает"},"values":{"ru":"Ценности","_type":"localeString","en":"Values"},"сomparison-matrix":{"_type":"localeString","en":"Comparison matrix","ru":"Матрица сравнения"},"testing":{"ru":"Тестирование","_type":"localeString","en":"Testing"},"compare":{"_type":"localeString","en":"Compare with competitors","ru":"Сравнить с конкурентами"},"characteristics":{"en":" Characteristics","ru":"Характеристики","_type":"localeString"},"transaction-features":{"en":"Transaction Features","ru":"Особенности сделки","_type":"localeString"},"average-discount":{"ru":"Средняя скидка партнера","_type":"localeString","en":"Partner average discount"},"deal-protection":{"en":"Deal protection","ru":"Защита сделки","_type":"localeString"},"average-deal":{"ru":"Средний размер сделки","_type":"localeString","en":"Average deal size"},"average-time":{"en":"Average deal closing time","ru":"Средний срок закрытия сделки","_type":"localeString"},"login":{"_type":"localeString","en":"Login","ru":"Войти"},"register":{"_type":"localeString","en":"Register","ru":"Зарегистрироваться"},"to-know-more":{"_type":"localeString","en":"To know more","ru":"Чтобы узнать больше"},"scheme":{"en":" Scheme of work","ru":"Схема работы","_type":"localeString"},"competitive-products":{"_type":"localeString","en":" Competitive products","ru":"Конкурентные продукты"},"implementations-with-product":{"ru":"Внедрения с этим продуктом","_type":"localeString","en":"Deployments with this product"},"user-features":{"ru":"Особенности пользователей","_type":"localeString","en":"User features"},"job-roles":{"ru":"Роли заинтересованных сотрудников","_type":"localeString","en":" Roles of Interested Employees"},"organizational-features":{"ru":"Организационные особенности","_type":"localeString","en":"Organizational Features"},"calculate-price":{"ru":"Рассчитать цену продукта","_type":"localeString","en":" Calculate product price"},"selling-stories":{"ru":"Продающие истории","_type":"localeString","en":" Selling stories"},"materials":{"ru":"Материалы","_type":"localeString","en":"Materials"},"about-product":{"_type":"localeString","en":"About Product","ru":"О продукте"},"or":{"ru":"или","_type":"localeString","en":"or"},"program-sends-data":{"en":"Program Sends Data","_type":"localeString"},"calculate-roi":{"_type":"localeString","en":"Calculate Product ROI","ru":"Рассчитать ROI продукта"},"complementary-categories":{"_type":"localeString","en":"Complementary Categories","ru":"Схожие категории"},"program-receives-data":{"_type":"localeString","en":"Program Receives Data"},"rebate":{"en":"Bonus","ru":"Бонус","_type":"localeString"},"rebate-for-poc":{"_type":"localeString","en":"Bonus 4 POC","ru":"Бонус 4 POC"},"configurator-content":{"ru":"Рассчитайте стоимость продукта","_type":"localeString","en":"Calculate price for this product here"},"configurator-link":{"en":"here","ru":"тут","_type":"localeString"},"vendor-popover":{"_type":"localeString","en":"vendor","ru":"производитель"},"user-popover":{"_type":"localeString","en":"user","ru":"пользователь"},"select-for-presentation":{"ru":"выбрать продукт для презентации","_type":"localeString","en":"select product for presentation"},"auth-message":{"ru":"Вам нужно зарегистрироваться или войти.","_type":"localeString","en":"You have to register or login."},"add-to-comparison":{"ru":"Добавить в сравнение","_type":"localeString","en":"Add to comparison"},"added-to-comparison":{"ru":"Добавлено в сравнения","_type":"localeString","en":"Added to comparison"},"roi-calculator-content":{"_type":"localeString","en":"Calculate ROI for this product here","ru":"Рассчитайте ROI для данного продукта"},"not-yet-converted":{"ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later."},"videos":{"_type":"localeString","en":"Videos","ru":"Видео"},"vendor-verified":{"en":"Vendor verified","ru":"Подтверждено производителем","_type":"localeString"},"event-schedule":{"ru":"Расписание событий","_type":"localeString","en":"Events schedule"},"scheduling-tip":{"en":"Please, сhoose a convenient date and time and register for the event.","ru":"Выберите удобную дату и время и зарегистрируйтесь на ивент.","_type":"localeString"},"register-to-schedule":{"ru":"Для того чтобы зарегистрироваться на ивент пожалуйста авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString","en":"To register for the event please log in or register on the site."},"comparison-matrix":{"ru":"Матрица сравнений","_type":"localeString","en":"Comparison matrix"},"compare-with-competitive":{"_type":"localeString","en":" Compare with competitive","ru":"Сравнить с конкурентными"},"avg-deal-closing-unit":{"ru":"месяцев","_type":"localeString","en":"months"},"under-construction":{"ru":"Данная услуга всё ещё находится в разработке.","_type":"localeString","en":"Current feature is still developing to become even more useful for you."},"product-presentation":{"_type":"localeString","en":"Product presentation","ru":"Презентация продукта"},"go-to-comparison-table":{"ru":"Перейти к таблице сравнения","_type":"localeString","en":" Go to comparison table"},"see-product-details":{"_type":"localeString","en":"See Details","ru":"Детали"}},"header":{"help":{"de":"Hilfe","ru":"Помощь","_type":"localeString","en":"Help"},"how":{"_type":"localeString","en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает"},"login":{"ru":"Вход","_type":"localeString","en":"Log in","de":"Einloggen"},"logout":{"en":"Sign out","ru":"Выйти","_type":"localeString"},"faq":{"en":"FAQ","de":"FAQ","ru":"FAQ","_type":"localeString"},"references":{"de":"References","ru":"Мои запросы","_type":"localeString","en":"Requests"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"_type":"localeString","en":"Comparison Matrix","ru":"Матрица сравнения"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"catalogs":{"en":"Catalogs","ru":"Каталоги","_type":"localeString"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"ru":"Категории","_type":"localeString","en":"Categories"},"for-suppliers":{"_type":"localeString","en":"For suppliers","ru":"Поставщикам"},"blog":{"_type":"localeString","en":"Blog","ru":"Блог"},"agreements":{"en":"Deals","ru":"Сделки","_type":"localeString"},"my-account":{"en":"My account","ru":"Мой кабинет","_type":"localeString"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"ru":"Удаление","_type":"localeString","en":"Deletion"},"comparison-confirm":{"ru":"Подтвердите удаление","_type":"localeString","en":"Are you sure you want to delete"},"search-placeholder":{"en":"Enter your search term","ru":"Введите поисковый запрос","_type":"localeString"},"my-profile":{"en":"My profile","ru":"Мои данные","_type":"localeString"},"about":{"en":"About Us","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"en":"Create an avatar for the event","_type":"localeString"},"catalogs_new":{"en":"Products","_type":"localeString"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"en":"IT catalogs","_type":"localeString"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"de":"Über die Firma","ru":"О компании","_type":"localeString","en":"My Company"},"about":{"de":"Über uns","ru":"О нас","_type":"localeString","en":"About us"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"de":"Tarife","ru":"Тарифы","_type":"localeString","en":"Subscriptions"},"contact":{"de":"Kontaktiere uns","ru":"Связаться с нами","_type":"localeString","en":"Contact us"},"marketplace":{"de":"Marketplace","ru":"Marketplace","_type":"localeString","en":"Marketplace"},"products":{"ru":"Продукты","_type":"localeString","en":"Products","de":"Produkte"},"compare":{"de":"Wähle und vergleiche","ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare"},"calculate":{"_type":"localeString","en":"Calculate the cost","de":"Kosten berechnen","ru":"Расчитать стоимость"},"get_bonus":{"_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс"},"salestools":{"de":"Salestools","ru":"Salestools","_type":"localeString","en":"Salestools"},"automatization":{"de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation"},"roi_calcs":{"en":"ROI calculators","de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString"},"matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix"},"b4r":{"de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString","en":"Rebate 4 Reference"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"_type":"localeString","en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"_type":"localeString","en":"Privacy Policy","ru":"Политика конфиденциальности"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"_type":"localeString","en":"4 vendors","ru":"поставщикам"},"blog":{"_type":"localeString","en":"blog","ru":"блог"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"en":"categories","ru":"категории","_type":"localeString"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"en":"Name","ru":"Имя","_type":"localeString"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"_type":"localeString","en":"Yes, please, notify me about news, events and propositions","ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"ru":"Подписаться","_type":"localeString","en":"Subscribe"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"_type":"localeString","en":"Last, first name","ru":"Имя Фамилия"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"_type":"localeString","en":"Subscription is unsuccessful. Please, try again later.","ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее."},"roi4presenter":{"ru":"roi4presenter","_type":"localeString","en":"Roi4Presenter","de":"roi4presenter"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"_type":"localeString","en":"Home","ru":"Главная"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString"}},"comment-form":{"title":{"_type":"localeString","en":"Leave comment","ru":"Оставить комментарий"},"firstname":{"_type":"localeString","en":"First name","ru":"Имя"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"_type":"localeString","en":"Company name","ru":"Компания"},"position":{"_type":"localeString","en":"Position","ru":"Должность"},"actual-cost":{"_type":"localeString","en":"Actual cost","ru":"Фактическая стоимость"},"received-roi":{"ru":"Полученный ROI","_type":"localeString","en":"Received ROI"},"saving-type":{"_type":"localeString","en":"Saving type","ru":"Тип экономии"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"ru":"Ваша оценка","_type":"localeString","en":"Your rate"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"ru":"Спасибо за ваше понимание","_type":"localeString","en":"Thank you for your understanding"}}},"translationsStatus":{"product":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"product":{"title":{"_type":"localeString","en":"ROI4CIO: Product","ru":"ROI4CIO: Продукт"},"meta":[{"content":"website","name":"og:type"},{"content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg","name":"og:image"}],"translatable_meta":[{"name":"og:title","translations":{"ru":"Конкретный продукт","_type":"localeString","en":"Example product"}},{"translations":{"ru":"Описание для конкретного продукта","_type":"localeString","en":"Description for one product"},"name":"og:description"},{"name":"title","translations":{"ru":"Продукт","_type":"localeString","en":"Product"}},{"translations":{"ru":"Описание продукта","_type":"localeString","en":"Product description"},"name":"description"},{"name":"keywords","translations":{"ru":"Ключевые слова продукта","_type":"localeString","en":"Product keywords"}}]}},"pageMetaDataStatus":{"product":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{"carbon-black-cb-protection":{"id":3827,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/carbon_black.png","logo":true,"scheme":false,"title":"Carbon Black (CB) Protection","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":2,"alias":"carbon-black-cb-protection","companyTitle":"Carbon Black","companyTypes":["supplier","vendor"],"companyId":4070,"companyAlias":"carbon-black","description":"Highly targeted assets demand perfect security, but can’t afford loss in performance. Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance degradation as they are the lifeblood of the organization. They often run on out-of-date or unsupported operating systems, which are costly to secure and support. The most common approach to defending these systems typically relies on layering multiple, ineffective security products, which is costly, creates risk and jeopardizes performance.\r\nCB Protection is an industry-leading application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates. Leveraging cloud reputation services, IT-based trust policies and multiple sources of threat intelligence from the CB Predictive Security Cloud, CB Protection ensures that only trusted and approved software is allowed to execute on an organization’s critical systems and endpoints.<br />\r\nCB Protection combines application whitelisting, file integrity monitoring, full-featured device control and memory/tamper protection into a single agent. CB Protection watches for behavioral indicators of malicious activity and conducts continuous recording of attack details to provide rich visibility into everything suspicious that attackers attempt to do. With the addition of the File Delete feature, CB Protection is now a direct control for requirement 5 of PCI DSS, enabling customers to remove traditional antivirus without the need for undergoing the compensating control process.<br />\r\nSecurity teams can harden their new and legacy systems against all unwanted change, simplify the compliance process, and provide the best possible protection for corporate systems at enterprise scale. CB Protection is available through MSSPs or directly through on-premise.<br />\r\n<span style=\"font-weight: bold;\">Key Capabilities</span><br />\r\nCB Protection is a powerful positive security solution for data centers and critical systems that allows server admins to control change while consolidating agents. Using a ‘Default Deny’ approach, CB Protection reduces your attack surface and downtime by automating approval of trusted software and eliminating the burden of whitelist management.<br />\r\n<span style=\"font-style: italic;\">Lock Down Critical Systems</span><br />\r\nStop malware and non-malware attacks by preventing unwanted changes to your applications and files, providing you with the control over your environment that you need.<br />\r\n<span style=\"font-style: italic;\">Ensure Continuous Compliance</span><br />\r\nAccelerate compliance by meeting many of the requirements in regulatory standards and frameworks, such as PCI-DSS, HIPAA/HITECH, SOX, NERC CIP, GDPR and NIST 800-53.<br />\r\n<span style=\"font-style: italic;\">High Performance and Low Touch Application Control</span><br />\r\nBe confident that your solution is blocking the “bad” and allowing the “good” without interrupting daily operations.","shortDescription":"Carbon Black (CB) Protection: Application Control and Critical Infrastructure Protection","type":"Software","isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":13,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Carbon Black (CB) Protection","keywords":"","description":"Highly targeted assets demand perfect security, but can’t afford loss in performance. Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance deg","og:title":"Carbon Black (CB) Protection","og:description":"Highly targeted assets demand perfect security, but can’t afford loss in performance. Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance deg","og:image":"https://old.roi4cio.com/fileadmin/user_upload/carbon_black.png"},"eventUrl":"","translationId":3828,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[{"id":5377,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Limelight_Networks.jpg","logo":true,"scheme":false,"title":"Limelight Networks Cloud Security","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"limelight-networks-cloud-security","companyTitle":"Limelight Networks","companyTypes":["supplier","vendor"],"companyId":6796,"companyAlias":"limelight-networks","description":"Limelight's cloud security services offer a layered defense against malicious website attacks and unauthorized content access without impacting the performance of your web applications and content delivery. Limelight DDoS Attack Interceptor protects against denial of service attacks intended to overload online services with large volumes of malicious traffic. Limelight Cloud WAF (Web Application Firewall) protects your web sites and web applications against malicious HTTP application layer attacks that are intended to compromise your web site and steal data. TLS/SSL capabilities encrypt data so it cannot be intercepted in transit, and multiple content security methods are available so only authorized users have access to your valuable content. Limelight offers a scalable range of cloud security solutions that protect your infrastructure and your content without impacting performance. \r\n<b>Features:</b>\r\n<b>Distributed Denial of Service (DDoS) Protection </b>\r\nLimelight’s Distributed Denial of Service (DDoS) Attack Interceptor ensures your web site remains open for business by defending against even the largest attacks intended to flood your web site with malicious traffic. Limelight's cloud-based, comprehensive multi-layer solution offers protection from even the largest and most complex DDoS attacks before they can impact website performance. Unlike on-premise DDoS solutions that need to be constantly maintained and updated and can be overwhelmed by large-scale volumetric attacks, Limelight DDoS Attack Interceptor is a scalable and cost-effective cloud-based protection service that is always up to date and doesn't require a team of in-house security experts. Limelight provides layers of DDoS defense, including detection of malicious traffic, proactive notification in the event of an attack, and mitigation of attacks through on-network globally positioned high-capacity scrubbing. \r\n<b>Web Application Firewall (WAF) Protection </b>\r\nLimelight Web Application Firewall (WAF) protects your web sites and web applications against malicious HTTP application layer attacks such as cross-site scripting and SQL injection that are intended to steal data. Limelight Cloud WAF provides high-performance protection ensures that only dynamic content requests need to be forwarded to the WAF for inspection. This minimizes the performance impact of WAF protection and locks down IP traffic, as the WAF only accepts traffic from the CDN. \r\n<b>TLS/SSL </b>\r\nSecuring the transmission of sensitive customer data using strong encryption has become increasingly important. Limelight has one of the world's largest TLS/SSL enabled networks, providing the capacity to deliver secure traffic without performance bottlenecks. \r\n<b>Content Security </b>\r\nLimelight offers several integrated content security methods such as IP address whitelisting and blacklisting, geolocation access control, tokenization, and digital rights management that allow you to prevent unauthorized access to your content. Limelight makes it easy to secure your valuable digital content so you can maximize revenue. ","shortDescription":"Comprehensive suite of services to secure your digital assets and protect your infrastructure\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":13,"sellingCount":7,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Limelight Networks Cloud Security","keywords":"","description":"Limelight's cloud security services offer a layered defense against malicious website attacks and unauthorized content access without impacting the performance of your web applications and content delivery. Limelight DDoS Attack Interceptor protects against de","og:title":"Limelight Networks Cloud Security","og:description":"Limelight's cloud security services offer a layered defense against malicious website attacks and unauthorized content access without impacting the performance of your web applications and content delivery. Limelight DDoS Attack Interceptor protects against de","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Limelight_Networks.jpg"},"eventUrl":"","translationId":5376,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6401,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Sonrai_Security.jpg","logo":true,"scheme":false,"title":"Sonrai Security Platform","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"sonrai-security-platform","companyTitle":"Sonrai Security","companyTypes":["vendor"],"companyId":8963,"companyAlias":"sonrai-security","description":"<b>Identity Risk Monitoring and Access Graphing </b>\r\nUncover all identity and data relationships between people and non-people identities (admins, roles, compute instances, serverless functions, and containers) across multi-cloud accounts and 3rd-party data stores. Sonrai Dig, our identity and data governance platform, graphs all access paths to enforce Least Privilege, and workflow enables certification of identities. Risks eliminated include: \r\n<ul> <li>Separation of duties </li> <li>Privilege escalation </li> <li>Toxic Combinations </li> <li>Dormant identities </li> <li>Who/what has access rights? </li> </ul>\r\n<b>Discover, Classify, Lock Down, and Monitor “Crown-Jewel” Data </b>\r\nInside Sonrai Dig, our critical resource monitor relentlessly monitors your critical data sitting inside object stores (e.g. AWS S3, Azure Blob) and database services (e.g. CosmosDB, DynamoDB, RDS). Suspicious access activity or undesirable changes in access rights are flagged. \r\n<ul> <li>What is normal access behavior? </li> <li>What or who can access this resource and from where? </li> <li>What is accessing this resource? </li> <li>What has changed? </li> <li>What is the blast-radius? </li> </ul>\r\n<b>Unify Compliance and Platform Configuration Monitoring </b>\r\nPrivacy and compliance controls are monitored across multiple cloud providers and 3rd party data stores. Resolutions are coordinated with relevant DevOps teams. Capabilities include: \r\n<ul> <li>GDPR, HIPAA, PCI dashboards and more </li> <li>Data sovereignty monitoring </li> <li>Data asset inventory </li> <li>Customizable controls and compliance dashboards </li> <li>Monitoring PII data movement </li> </ul>\r\n<b>Governance Automation Engine Helps Companies Shift Left and Integrate Teams </b>\r\nSonrai Dig’s Governance Automation Engine helps companies shift left and integrate teams via organized analysis, alerts, and actions that align with how your organizations use public cloud. The platform allows customized monitoring and views for development, staging, or production workloads and an API architecture that can be integrated into a CI/CD process. Dig also automatically dispatches prevention and remediation bots and provides safeguards in the form of code promotion blocks to help to ensure end-to-end security in public cloud platforms. \r\n<ul> <li>Workflow Automation </li> <li>Context-based alerting </li> <li>Automate DevSecOps </li> <li>Remediation & Prevention Bots </li> <li>Code Promotion Blocking </li> </ul>\r\n<b>Cloud and Data Integrations </b>\r\nWe work hard with our cloud partners to leverage the capabilities that they have. However, Sonrai Dig delivers an identity and data governance platform that is the basis of a cloud security and risk operating model that spans clouds, data stores, key stores, and container platforms. Sonrai Dig does all of this in a beautiful cross-platform way. Example integrations: \r\n<ul> <li>Public Cloud Platforms: AWS, Azure, Google Cloud (GCP) </li> <li>IAM: AWS IAM, Azure AD, GCP IAM </li> <li>Audit: AWS CloudTrail, Azure activity logs, GCP Stackdriver </li> <li>Data Stores: DynamoDB, RDS, Cosmos DB, Data Lake, SQL, Big Table </li> <li>Key Stores: KMS, HashiCorp Vault </li> <li>Infrastructure: Kubernetes, WAF, Cloudfront, ELB Compute: ECS, Lambda, Azure Serverless </li> </ul>","shortDescription":"Identity and Data Governance for AWS, Azure, Google Cloud, and Kubernetes\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Sonrai Security Platform","keywords":"","description":"<b>Identity Risk Monitoring and Access Graphing </b>\r\nUncover all identity and data relationships between people and non-people identities (admins, roles, compute instances, serverless functions, and containers) across multi-cloud accounts and 3rd-party data s","og:title":"Sonrai Security Platform","og:description":"<b>Identity Risk Monitoring and Access Graphing </b>\r\nUncover all identity and data relationships between people and non-people identities (admins, roles, compute instances, serverless functions, and containers) across multi-cloud accounts and 3rd-party data s","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Sonrai_Security.jpg"},"eventUrl":"","translationId":6401,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5379,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Link11.jpg","logo":true,"scheme":false,"title":"Link11 DDoS Protection","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"link11-ddos-protection","companyTitle":"Link11","companyTypes":["supplier","vendor"],"companyId":5490,"companyAlias":"link11","description":"<b>Your Benefits of the Link11 DDoS protection</b>\r\n<b>No additional hardware </b>\r\nConcentrate on what matters. You do not need to make expensive investments in additional hardware and cumbersome staff training. Link11 DDoS protection is fully cloud-based and is subject to ongoing improvement. \r\n<b>Intelligent architecture </b>\r\nThe self-learning technology duly fends off all types of modern attacks. Depending on the connection, Link11 offers reliable protection against DDoS attacks on all layers and is ready to use within a few minutes. \r\n<b>Individual packages </b>\r\nAs you grow and need to upsize your infrastructure, your DDoS protection grows with you. Special packages custom-tailored to your needs facilitate the overview of the services you have booked. \r\n<b>Self-learning AI Shield </b>\r\nAll attacks fended off by Link11 are stored in a sequence database. The self-learning AI of the DDoS protection analyzes every attack sequence and compares it with the existing data. This benefits all protected companies, as it facilitates the predictability of similar incidents, resulting in an even faster reaction. \r\n<b>Fingerprint Technology </b>\r\nLike every human, a user in the network leaves a digital fingerprint. This fingerprint can be created from hundreds of properties. The fingerprint identification of Link11 analyzes the behavior and the mark left by the user's browser and computer. On this basis, it creates the digital DNA of every user, which is compared in real time with known threat patterns. \r\n<b>Instant protection in the event of an attack </b>\r\nAt the customer's request, all unwanted traffic variants, such as UDP or ICMP, can be blocked. In the event of an attack, the Link11 Security Operation Center informs you immediately and initiates all required protection measures. If an enterprise opts for the always-on variant via BGP, Link11 offers 24/7 support and detects and acts automatically in the event of an attack. \r\n<b>Your Link11 Dashboard </b>\r\n<b>Reporting </b>\r\nThe reports enable the scheduled generation of customized reports in a management overview. The reports can automatically be sent at regular intervals. All settings configured by the administrators in the user interface can be tracked and corrected ad hoc. \r\n<b>Diagnosis Dashboard </b>\r\nThe Diagnosis Dashboard features general DDoS information and draws attention to current threats. Additionally, a DDoS alert system and a DDoS traffic display provide a quick overview of the current security status. The settings area enables the adjustment of the granularity of the smart DDoS filter and the configuration of settings for approved and unwanted access by means of blacklists and whitelists. \r\n<b>Whitelist </b>\r\nThe whitelist makes it possible to setup permanent access for systems whose behavior deviates greatly from that of a normal user. For example, approved Internet crawlers are identified, and the compatibility with standard search engines, approved advertising bots, and administrators is guaranteed. \r\n<b>Alert Function </b>\r\nAn alert function can notify the user about urgent threats by means of text messages. For every blocked connection, the blocking list indicates the reason for the filtering, the place of origin, and the duration of the connection. In this blocking list, blocked connections can also be unblocked for future connection attempts. ","shortDescription":"DDoS Protection Guaranteed\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":8,"sellingCount":15,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Link11 DDoS Protection","keywords":"","description":"<b>Your Benefits of the Link11 DDoS protection</b>\r\n<b>No additional hardware </b>\r\nConcentrate on what matters. You do not need to make expensive investments in additional hardware and cumbersome staff training. Link11 DDoS protection is fully cloud-based and","og:title":"Link11 DDoS Protection","og:description":"<b>Your Benefits of the Link11 DDoS protection</b>\r\n<b>No additional hardware </b>\r\nConcentrate on what matters. You do not need to make expensive investments in additional hardware and cumbersome staff training. Link11 DDoS protection is fully cloud-based and","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Link11.jpg"},"eventUrl":"","translationId":5378,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5381,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Neustar.png","logo":true,"scheme":false,"title":"Neustar NetProtect","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"neustar-netprotect","companyTitle":"Neustar, Inc.","companyTypes":["supplier","vendor"],"companyId":5507,"companyAlias":"neustar-inc","description":"NetProtect ensures that no matter where your organization is located, in a major metro area or smaller city, or how demanding your performance requirements are, we can connect our dedicated multi-terabit scrubbing centers to one or more global data centers. This allows us to seamlessly return clean traffic to your organization and enables you to maintain an exceptional online customer experience.\r\n<b>Features:</b>\r\n<b>Dedicated Global Multi-Terabit DDoS Mitigation Network </b>\r\nNeustar has the industry’s largest network, with 14 global data centers and 11.8+ Tbps of scrubbing power to deliver unmatched DDoS mitigation and application layer security. This means that no matter where an organization is located, we have a Neustar scrubbing center strategically located to ensure minimal latency. \r\n<b>Direct Connection at 500+ Data Centers Around the World </b>\r\nNeustar has strategic relationships with data center and network providers with a presence in more than 500 on-net data centers around the world. This means we can directly connect our dedicated multi-terabit scrubbing centers to one or more of these global data centers, allowing us to seamlessly return clean traffic to organizations in both major metropolitan centers and smaller cities. \r\n<b>Industry Leading 100 Gbps Connectivity </b>\r\nOnce traffic is cleaned at one of our dedicated scrubbing centers, the next step is to get the traffic back to you as quickly and efficiently as possible. Since many of our customers have high-performance requirements to ensure a seamless customer experience, we can provide connectivity to over 100 Gbps of clean data bandwidth. This means there is no need to rely on complicated-to-configure, bandwidth-limited tunneling protocols to return clean data. \r\n<b>24/7 Security Operations Center Support </b>\r\nNeustar’s SOC is always available, staffed by senior-level DDoS mitigation professionals who have the expertise, skills and tools to thwart even the most sophisticated cyberattacks. \r\nBenefits:\r\n<ul> <li>Industry’s Largest Carrier-Grade Dedicated DDoS Mitigation Network </li> <li>Direct Connection at 500+ Data Centers Around the World </li> <li>Multiple Tier-1 Data Center Partners </li> <li>Industry-Leading 100Gbps Connectivity </li> <li>Extensive Technology and Expertise </li> </ul>","shortDescription":"High Performance DDoS mitigation\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Neustar NetProtect","keywords":"","description":"NetProtect ensures that no matter where your organization is located, in a major metro area or smaller city, or how demanding your performance requirements are, we can connect our dedicated multi-terabit scrubbing centers to one or more global data centers. Th","og:title":"Neustar NetProtect","og:description":"NetProtect ensures that no matter where your organization is located, in a major metro area or smaller city, or how demanding your performance requirements are, we can connect our dedicated multi-terabit scrubbing centers to one or more global data centers. Th","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Neustar.png"},"eventUrl":"","translationId":5380,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5383,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/NeuVector.png","logo":true,"scheme":false,"title":"NeuVector Complete Run-Time Security","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"neuvector-complete-run-time-security","companyTitle":"NeuVector Inc.","companyTypes":["supplier","vendor"],"companyId":5754,"companyAlias":"neuvector-inc","description":"<b>Visibility and Security: The NeuVector 'Kubernetes Container Security Platform' </b>\r\nNeuVector provides a highly automated complete run-time container security solution that adapts easily to your changing environment and secures containers at their most vulnerable point – during run-time. The declarative security policy ensures that applications scale up or scale down quickly without manual intervention. The NeuVector solution is a Red Hat and Docker Certified container itself which deploys easily on each host, providing a container firewall, container process/file system monitoring, security auditing with CIS benchmarks, and vulnerability scanning. Protect sensitive data with Container DLP and secure service mesh workloads with NeuVector. \r\n<b>Discover Application Behavior and Detect Violations </b>\r\nNeuVector discovers the normal behavior of container processes, file system, and network activity and automatically builds a security policy to protect container based services. Using Layer 7 network inspection, unauthorized connections between containers or from external networks can be blocked without disrupting normal container sessions. \r\n<ul> <li>Behavioral learning discovers behavior of applications and services to isolate them from attacks </li> <li>Creates a declarative security policy based on built-in support for applications & protocols, even custom ones </li> <li>Prevents unauthorized connections without disrupting running containers using network firewall technology </li> </ul>\r\n<b>Detect and Mitigate Application Threats </b>\r\nWith Layer 7 network inspection, application level attacks such as DDoS and DNS on containers are detected and prevented. Real-time detection and alerting adds a layer of network security to the dynamic container environment, even for trusted or encrypted connections in a service mesh. \r\n<ul> <li>Protects containers against attacks from internal and external networks </li> <li>Prevent data stealing attacks which use DNS and ICMP tunneling techniques </li> <li>Automatically captures packet used in an attack </li> </ul>\r\n<b>Run-Time Vulnerability Scanning & CIS Benchmarks </b>\r\nNeuVector automates security for the entire CI/CD pipeline, from Build to Ship to Run, with the fastest image scanner available. Run-time vulnerability scanning automatically scans all new containers and hosts. \r\n<ul> <li>Run-time vulnerability scanning for containers, hosts, and orchestration platforms </li> <li>Auto-container scanning triggered upon any changes in container file system </li> <li>Audits host and container security with Docker Bench and Kubernetes CIS Benchmark for security tests </li> </ul>\r\n<b>Review and Reduce Container Security Run-Time Risk </b>\r\nRisk Scores and Reports help container security teams better assess the security posture of deployed services in production. Widgets and downloadable reports provide security risk scores for the most critical run-time attack risks: network-based attacks and vulnerability exploits in containers, including east-west attacks, ingress/egress connections, and damaging vulnerability exploits. \r\n<ul> <li>Review overall and individual risk scores for vulnerability exploits and network attacks, complete with advice on how to improve score </li> <li>Generate pdf risk reports, security incident details, and vulnerability scanning </li> <li>Evaluate all application protocols including network usage for each protocol in gigabytes </li> </ul>\r\n<b>Integrate with Orchestration Tools, Reporting Tools, and other Enterprise Infrastructure </b>\r\nNeuVector simplifies deployment and management with the most extensive integration with orchestration and other enterprise tools. Enforce admission controls and RBACs with Kubernetes integration or automatically integrate with Red Hat OpenShift RBACs. Use existing SIEM and monitoring tools with NeuVector. \r\n<ul> <li>Prevent vulnerable images from being deployed with admission control integration </li> <li>Supports SYSLOG and webhooks for notifications into SIEM, Slack and other alerting systems </li> <li>Map user roles with LDAP integration and single sign-on (SSO) with SAML support </li> </ul>","shortDescription":"The Industry’s First Run-Time Container Security Platform with Deep Network Visibility and Protection\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"NeuVector Complete Run-Time Security","keywords":"","description":"<b>Visibility and Security: The NeuVector 'Kubernetes Container Security Platform' </b>\r\nNeuVector provides a highly automated complete run-time container security solution that adapts easily to your changing environment and secures containers at their most vu","og:title":"NeuVector Complete Run-Time Security","og:description":"<b>Visibility and Security: The NeuVector 'Kubernetes Container Security Platform' </b>\r\nNeuVector provides a highly automated complete run-time container security solution that adapts easily to your changing environment and secures containers at their most vu","og:image":"https://old.roi4cio.com/fileadmin/user_upload/NeuVector.png"},"eventUrl":"","translationId":5382,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6407,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Soterion.png","logo":true,"scheme":false,"title":"Soterion","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"soterion","companyTitle":"Soterion","companyTypes":["vendor"],"companyId":8966,"companyAlias":"soterion","description":"<b>Access Risk Manager </b>\r\nSoterion’s Access Risk Manager will provide customers with the ability to identify their SAP access risk exposure using a user-friendly web application. Additional functionality besides access risk identification includes risk remediation recommendations, as well to make use of the “What-if” Allocation Simulator. The Simulator will allow you to pre-empt risk bearing access prior to applying the change request in SAP, thus ensuring a pro-active approach to SAP access risk management. \r\n<b>SAP License Manager </b>\r\nSoterion’s SAP Licensing Manager provides you with the insight you need to tailor your SAP license agreement to your organisation’s specific requirements; ensuring optimal contract management and complete compliance whilst reducing unplanned and excess costs. \r\n<b>Periodic Review Manager </b>\r\nPeriodically reviewing your SAP user access, analysing the associated risks and evaluating the necessary controls will coordinate your GRC capacity with your individual business targets. Besides this process being an audit and statutory requirement in many business environments, it also significantly enhances insight into your GRC environment. \r\n<b>Reasons to believe </b>\r\n<ul> <li>Instant GRC access risk visibility. Move from no GRC access risk visibility to full visibility, within 24 hours. With our seamless data extraction process and intuitive interface, you won’t require any technical knowledge getting set up. </li> <li>Insights As You Need Them. Avoid external audit surprises by viewing easy-to-understand access risk reports as and when you need to. </li> <li>Pay As You Go. Benefit from lower cost of ownership by avoiding the expense of a full time on premise solution and the staff to support it. No fixed term contract requirements. </li> <li>Easy to Use. Our platform is extremely intuitive, and requires no GRC technical knowledge. Our business-friendly reporting tools allow focussed reports by business area. </li> <li>Guided, Step By Step GRC Maturity Process. Use our proprietary GRC Maturity Model to benchmark your current GRC maturity level. Enhance your GRC capability by following the provided recommendations. </li> <li>Simulate changes before applying them. Play it safe with our Allocation Simulator which runs pre-emptive “what-if” analyses, showing you the impact before making changes in SAP. </li> </ul>","shortDescription":"Soterion's SAP Compliance Cloud gives you what you need, when you need it.\r\n\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Soterion","keywords":"","description":"<b>Access Risk Manager </b>\r\nSoterion’s Access Risk Manager will provide customers with the ability to identify their SAP access risk exposure using a user-friendly web application. Additional functionality besides access risk identification includes risk reme","og:title":"Soterion","og:description":"<b>Access Risk Manager </b>\r\nSoterion’s Access Risk Manager will provide customers with the ability to identify their SAP access risk exposure using a user-friendly web application. Additional functionality besides access risk identification includes risk reme","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Soterion.png"},"eventUrl":"","translationId":6407,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5385,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Nexusguard.png","logo":true,"scheme":false,"title":"Nexusguard DNS Protection","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"nexusguard-dns-protection","companyTitle":"Nexusguard","companyTypes":["supplier","vendor"],"companyId":6806,"companyAlias":"nexusguard","description":"<b>Features:</b>\r\n<b>Always-on DNS Service Protection </b>\r\nBy hosting zone records fetched from your DNS server or using cached DNS data, our servers replace or complement your DNS servers. Legitimate DNS queries are answered by Nexusguard’s cloud and malicious queries are dropped immediately. \r\n<b>Easy Deployment </b>\r\nMigrate zone files from your DNS server to Nexusguard’s DDoS-proof DNS servers or give us the IP addresses of your authoritative DNS servers. Nexusguard will then be set as an authoritative server for your domain name zone via DNS reverse proxy. \r\n<b>Fast, Resilient DNS </b>\r\nThe multiple, geographically distributed nodes in Nexusguard's global scrubbing network mean performance deteriorations or service breaks in any single node will not bring down your domains. Load balancing results in faster DNS query times and faster page loads. \r\n<b>Additional Layer of Security </b>\r\nDNSSEC (Domain Name System Security Extensions) adds security by enabling the validation of DNS responses. You can have it enabled during zone transfer and implemented on existing zones to make DNS less vulnerable to common spoofing attacks. \r\n<b>Benfits:</b>\r\n<ul> <li>Intuitive Customer Portal. View query stats and bandwidth used; add, remove, and manage domains under protection; configure domain settings; import/export zone files; replicate DNS data; and manage SOA (Start of Authority) and NS (Name Server) records. </li> <li>No Security Loopholes. Various security vulnerabilities associated with DNS service, such as spoofing, DNS server cache snooping, dynamic update security threats, and fingerprinting are all addressed. </li> <li>DNS CAA (Certification Authority Authorization) Support. Specify and authorize the certificate authorities (CAs) that can issue certificates for your domain. </li> <li>Google 2FA (Two-factor Authentication). Activate 2FA to protect unwanted access to your Nexusguard DNS Protection account. </li> </ul>","shortDescription":"Nexusguard handles all incoming DNS queries and leverages layered security and our global capacity to mitigate and absorb every attack.\r\n\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":18,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Nexusguard DNS Protection","keywords":"","description":"<b>Features:</b>\r\n<b>Always-on DNS Service Protection </b>\r\nBy hosting zone records fetched from your DNS server or using cached DNS data, our servers replace or complement your DNS servers. Legitimate DNS queries are answered by Nexusguard’s cloud and malicio","og:title":"Nexusguard DNS Protection","og:description":"<b>Features:</b>\r\n<b>Always-on DNS Service Protection </b>\r\nBy hosting zone records fetched from your DNS server or using cached DNS data, our servers replace or complement your DNS servers. Legitimate DNS queries are answered by Nexusguard’s cloud and malicio","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Nexusguard.png"},"eventUrl":"","translationId":5384,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5387,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/qrator.png","logo":true,"scheme":false,"title":"Qrator DDoS Protection","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"qrator-ddos-protection","companyTitle":"Qrator","companyTypes":["vendor"],"companyId":8435,"companyAlias":"qrator","description":"The Qrator network is designed and built to operate under constant pressure of a large number of DDoS attacks. The nodes of the network are connected to the channels of the largest mainline Internet service providers of United States, Russia, Eastern and Western Europe, Southeast Asia. This means that, unlike hosting providers’ networks (especially ones that provide virtual hosting), our network is able to handle extreme loads and the attack on one of our customer’s domains won’t affect the performance of other domains in any way. \r\n<b>DDoS Classification </b>\r\nThe main criteria for classification is determining which parts of the network are targeted by the attack. We classify DDoS attacks by the following layers: \r\n<ul> <li>Channel capacity </li> <li>Network infrastructure </li> <li>Protocol stack </li> <li>Web application </li> </ul>\r\n<b>Specifications </b>\r\nThe Qrator network specifications are represented by the following basic features: \r\n<ul> <li>~1000Gbps passive bandwidth – determined IP packet processing without establishing TCP connection </li> <li>>300Gbps active bandwidth – every incoming TCP connection is processed and analyzed </li> <li><5% false-positive incidents during DDoS attack mitigation </li> <li>Time needed by the network to learn, counted from the moment of connection </li> <li>Added latency when traffic proxying is used – 0 to 100ms. In case HTTP traffic comes through the proxy, due to using persistent HTTP connections with your protected service there is a possibility of increase in its performance. </li> </ul>","shortDescription":"The Qrator network is designed and built to operate under constant pressure of a large number of DDoS attacks","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":18,"sellingCount":7,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Qrator DDoS Protection","keywords":"","description":"The Qrator network is designed and built to operate under constant pressure of a large number of DDoS attacks. The nodes of the network are connected to the channels of the largest mainline Internet service providers of United States, Russia, Eastern and Weste","og:title":"Qrator DDoS Protection","og:description":"The Qrator network is designed and built to operate under constant pressure of a large number of DDoS attacks. The nodes of the network are connected to the channels of the largest mainline Internet service providers of United States, Russia, Eastern and Weste","og:image":"https://old.roi4cio.com/fileadmin/user_upload/qrator.png"},"eventUrl":"","translationId":5386,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6411,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Sparrow.png","logo":true,"scheme":false,"title":"Sparrow InteractiveHUB","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"sparrow-interactivehub","companyTitle":"Sparrow","companyTypes":["vendor"],"companyId":8967,"companyAlias":"sparrow","description":"<b>Features:</b>\r\n<i>Integrated management </i>\r\n<ul> <li>Gather analysis results of AST tools and classifies them by type (providing statistics, indicators, trend graphs, etc.) </li> <li>Generate risk index and identify risk levels by analyzing vulnerability analysis results </li> <li>Provide API to work with various vulnerability analysis tools </li></ul>\r\n<i>Vulnerability correlation </i>\r\n<ul> <li>Identify the same vulnerability among the detection results of different tools and allow users to overview various detailed vulnerability information from various tools at once </li> <li>Identify source code associated information and vulnerabilities that cause the vulnerability </li></ul>\r\n<i>Improve performance </i>\r\n<ul> <li>Provide API that can enable interaction among application security testing tools </li> <li>Provide API for storing various data generated by application security testing tools as interaction information (that can be used in other solutions) </li> <li>Improve vulnerability detection by using stored interaction information from other tools </li></ul>\r\n<b>Benefits:</b>\r\n<i>Manageability </i>\r\n<ul> <li>Enable to manage security vulnerabilities detected during development, testing, operation of web application </li> </ul>\r\n<i>Interaction </i>\r\n<ul> <li>Enable interaction among various application security testing tools </li> <li>Enable each AST tools to use the stored interaction information to improve efficiency and performance </li></ul>\r\n<i>Correlation</i>\r\n<ul> <li>Improve performance and remediation process by providing associated information among vulnerabilities detected by SAST, DAST, and RASP </li></ul>","shortDescription":"Integrate and manage security vulnerabilities\r\nthroughout the SDLC.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Sparrow InteractiveHUB","keywords":"","description":"<b>Features:</b>\r\n<i>Integrated management </i>\r\n<ul> <li>Gather analysis results of AST tools and classifies them by type (providing statistics, indicators, trend graphs, etc.) </li> <li>Generate risk index and identify risk levels by analyzing vulnerability ","og:title":"Sparrow InteractiveHUB","og:description":"<b>Features:</b>\r\n<i>Integrated management </i>\r\n<ul> <li>Gather analysis results of AST tools and classifies them by type (providing statistics, indicators, trend graphs, etc.) </li> <li>Generate risk index and identify risk levels by analyzing vulnerability ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Sparrow.png"},"eventUrl":"","translationId":6411,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5133,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/neupart.png","logo":true,"scheme":false,"title":"Neupart ISO 27005 Risk Management","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"neupart-iso-27005-risk-management","companyTitle":"Neupart","companyTypes":["vendor"],"companyId":8204,"companyAlias":"neupart","description":"With Secure ISMS Risk you no longer have to email complex spreadsheets back and forth. Secure ISMS Risk will help you maintain a more accurate overview of your risks. You will also be better equipped to manage your recurring treatment processes, e.g. Risk Acceptance, Risk Reduction, Risk Sharing, or Risk Avoidance.\r\nWhen handling IT risk management, it is important to keep track of the threats that pose a risk to your organisation. Secure ISMS Risk comes with several features such as a global threat catalogue which allows you to sort by relevance and frequency of the threats to your organisation.\r\nSecure ISMS Risk can be delivered to you as a cloud service or on-premise software.\r\n<b>Key Features:</b>\r\n<ul> <li>Risk Treatment Processes </li> <li>Business Impact Assessments </li> <li>Vulnerability Analysis </li> <li>Reporting using a combination of static and dynamic reports with rich customization options </li> <li>Structured Threat Catalogue </li> <li>IT Risk Assessment Template </li> <li>Asset Management </li> <li>API and connectors allows asset synchronization </li> <li>Compliance and security task management </li> <li>Based on best practices ISO 27005 and NIST SP-800-37/39 </li> </ul>","shortDescription":"Spend less time on IT risk management and maintain a more accurate overview of the real risks your organisation faces. Manage your risk treatment processes in accordance with international standards.\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Neupart ISO 27005 Risk Management","keywords":"","description":"With Secure ISMS Risk you no longer have to email complex spreadsheets back and forth. Secure ISMS Risk will help you maintain a more accurate overview of your risks. You will also be better equipped to manage your recurring treatment processes, e.g. Risk Acce","og:title":"Neupart ISO 27005 Risk Management","og:description":"With Secure ISMS Risk you no longer have to email complex spreadsheets back and forth. Secure ISMS Risk will help you maintain a more accurate overview of your risks. You will also be better equipped to manage your recurring treatment processes, e.g. Risk Acce","og:image":"https://old.roi4cio.com/fileadmin/user_upload/neupart.png"},"eventUrl":"","translationId":5132,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5389,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/quantil.png","logo":true,"scheme":false,"title":"Quantil Cloud Security","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"quantil-cloud-security","companyTitle":"Quantil","companyTypes":["vendor"],"companyId":8436,"companyAlias":"quantil","description":"<b>DDoS Attack Detection </b>\r\n<i>Advanced traffic monitoring for immediate threat detection </i>\r\nOur advanced origin server monitoring tools detect potential DDoS attacks at the network and application layer, which triggers an immediate alert. \r\n<b>DDoS Bandwidth Capacity </b>\r\n<i>Mitigate up to 1 Tbps of malicious traffic across our network </i>\r\nSecure your origin server by mitigating malicious traffic from DDoS attacks across our global network, preventing downtime and potential data breaches. \r\n<b>In-Depth Security Reports </b>\r\n<i>Understand DDoS attacks and improve protective measures </i>\r\nAccess comprehensive information about DDoS attacks to your network through our portal or security reports. This includes the attacker IP, region, domain names, attack types and frequency, targeted URLs, attack traffic, bandwidth, and duration, and more. \r\n<b>Intelligent Blacklisting </b>\r\n<i>Monitor and control traffic to your content </i>\r\nAccess frequency, traffic frequency, amount of traffic, and total traffic per IP address or URL are monitored, and IPs or URLs are dynamically blacklisted to prevent potential attacks. \r\n<b>Customizable DDoS Mitigation Actions </b>\r\n<i>Automate required actions for additional protection </i>\r\nWhen a potential threat is detected, automated actions can be enabled, such as access blocks, requests for CAPTCHA, JS redirects, page redirects, and others. \r\n<b>Web Application Firewall (WAF) </b>\r\n<i>Protect your website applications from malicious HTTP requests </i>\r\nThreats to your website applications, such as SQL injection, cross-site scripting, and malicious crawlers are prevented at the edge using our global network of 650 edge nodes. Cyber threats are blocked without affecting your web application performance. ","shortDescription":"Protect your cloud content against threats with advanced cloud security, including DDoS attack mitigation and Web Application Firewall.\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":8,"sellingCount":15,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Quantil Cloud Security","keywords":"","description":"<b>DDoS Attack Detection </b>\r\n<i>Advanced traffic monitoring for immediate threat detection </i>\r\nOur advanced origin server monitoring tools detect potential DDoS attacks at the network and application layer, which triggers an immediate alert. \r\n<b>DDoS Band","og:title":"Quantil Cloud Security","og:description":"<b>DDoS Attack Detection </b>\r\n<i>Advanced traffic monitoring for immediate threat detection </i>\r\nOur advanced origin server monitoring tools detect potential DDoS attacks at the network and application layer, which triggers an immediate alert. \r\n<b>DDoS Band","og:image":"https://old.roi4cio.com/fileadmin/user_upload/quantil.png"},"eventUrl":"","translationId":5388,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4366,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/ServerChoice.png","logo":true,"scheme":false,"title":"CORE Security","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"core-security","companyTitle":"ServerChoice","companyTypes":["supplier","vendor"],"companyId":6756,"companyAlias":"serverchoice","description":"<p class=\"align-center\"><span style=\"font-weight: bold;\">Introducing CORE Security</span></p>\r\nWhen it comes to securing your cloud, you need to peace of mind that security’s at the core of your hosted infrastructure. That’s why we’ve put together three ServerChoice CORE Security™ packages, with varying levels of protection, so you can get best-fit cyber security for your organisation.\r\n<p class=\"align-center\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">CORE Base</span></span></p>\r\n<ul><li>Two-factor authentication</li><li>TrendMicro anti-virus & malware protection</li><li>Vulnerability scanning: Unmanaged Quarterly</li><li>System hardening</li><li>Next-generation firewall</li><li>Advanced DDoS mitigation: Standard (20 Gbps)</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">CORE Enterprise</span></span></p>\r\n<ul><li>Two-factor authentication</li><li>TrendMicro anti-virus & malware protection</li><li>Vulnerability scanning: Unmanaged Monthly</li><li>System hardening</li><li>Next-generation firewall</li><li>File integrity monitoring</li><li>Advanced DDoS mitigation: Enhanced (250 Gbps)</li><li>24/7 SIEM services</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">CORE Platinum</span></span></p>\r\n<ul><li>Two-factor authentication</li><li>TrendMicro anti-virus & malware protection</li><li>Vulnerability scanning: Managed Monthly</li><li>System hardening</li><li>Next-generation firewall</li><li>File integrity monitoring</li><li>Advanced DDoS mitigation</li><li>Pro (Terabit+)</li><li>24/7 SIEM services</li><li>Intrusion Prevention System (IPS)</li></ul>\r\n<p class=\"align-center\"><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Bolt-on CORE Security™ Services</span></span></p>\r\nIn addition to the above security packages, we offer a range of additional security enhancements to deliver maximum protection from cyber threats:\r\n<ul><li>Data loss prevention (DLP)</li><li>Web application firewalls (WAF)</li><li>Penetration testing</li><li>URL filtering (Virtual Desktops only)</li><li>Email spam filtering and antivirus (Exchange only)</li><li>Compliance consultancy</li></ul>\r\n\r\n","shortDescription":"Flexible packages for enhanced securityю When it comes to securing your cloud, you need to peace of mind that security’s at the core of your hosted infrastructure. \r\n\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"CORE Security","keywords":"","description":"<p class=\"align-center\"><span style=\"font-weight: bold;\">Introducing CORE Security</span></p>\r\nWhen it comes to securing your cloud, you need to peace of mind that security’s at the core of your hosted infrastructure. That’s why we’ve put together three Server","og:title":"CORE Security","og:description":"<p class=\"align-center\"><span style=\"font-weight: bold;\">Introducing CORE Security</span></p>\r\nWhen it comes to securing your cloud, you need to peace of mind that security’s at the core of your hosted infrastructure. That’s why we’ve put together three Server","og:image":"https://old.roi4cio.com/fileadmin/user_upload/ServerChoice.png"},"eventUrl":"","translationId":4366,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":34,"title":"ITSM - IT Service Management","alias":"itsm-it-service-management","description":"<span style=\"font-weight: bold; \">IT service management (ITSM)</span> is the process of designing, delivering, managing, and improving the IT services an organization provides to its end users. ITSM is focused on aligning IT processes and services with business objectives to help an organization grow.\r\nITSM positions IT services as the key means of delivering and obtaining value, where an internal or external IT service provider works with business customers, at the same time taking responsibility for the associated costs and risks. ITSM works across the whole lifecycle of a service, from the original strategy, through design, transition and into live operation.\r\nTo ensure sustainable quality of IT services, ITSM establishes a set of practices, or processes, constituting a service management system. There are industrial, national and international standards for IT service management solutions, setting up requirements and good practices for the management system. \r\nITSM system is based on a set of principles, such as focusing on value and continual improvement. It is not just a set of processes – it is a cultural mindset to ensure that the desired outcome for the business is achieved. \r\n<span style=\"font-weight: bold; \">ITIL (IT Infrastructure Library)</span> is a framework of best practices and recommendations for managing an organization's IT operations and services. IT service management processes, when built based on the ITIL framework, pave the way for better IT service operations management and improved business. To summarize, ITIL is a set of guidelines for effective IT service management best practices. ITIL has evolved beyond the delivery of services to providing end-to-end value delivery. The focus is now on the co-creation of value through service relationships. \r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">ITSM processes typically include five stages, all based on the ITIL framework:</span></p>\r\n<span style=\"font-weight: bold; \">ITSM strategy.</span> This stage forms the foundation or the framework of an organization's ITSM process building. It involves defining the services that the organization will offer, strategically planning processes, and recognizing and developing the required assets to keep processes moving. \r\n<span style=\"font-weight: bold; \">Service design.</span> This stage's main aim is planning and designing the IT services the organization offers to meet business demands. It involves creating and designing new services as well as assessing current services and making relevant improvements.\r\n<span style=\"font-weight: bold; \">Service transition.</span> Once the designs for IT services and their processes have been finalized, it's important to build them and test them out to ensure that processes flow. IT teams need to ensure that the designs don't disrupt services in any way, especially when existing IT service processes are upgraded or redesigned. This calls for change management, evaluation, and risk management. \r\n<span style=\"font-weight: bold; \">Service operation. </span>This phase involves implementing the tried and tested new or modified designs in a live environment. While in this stage, the processes have already been tested and the issues fixed, but new processes are bound to have hiccups—especially when customers start using the services. \r\n<span style=\"font-weight: bold;\">Continual service improvement (CSI).</span> Implementing IT processes successfully shouldn't be the final stage in any organization. There's always room for improvement and new development based on issues that pop up, customer needs and demands, and user feedback.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Benefits of efficient ITSM processes</h1>\r\nIrrespective of the size of business, every organization is involved in IT service management in some way. ITSM ensures that incidents, service requests, problems, changes, and IT assets—in addition to other aspects of IT services—are managed in a streamlined way.\r\nIT teams in your organization can employ various workflows and best practices in ITSM, as outlined in ITIL. Effective IT service management can have positive effects on an IT organization's overall function.\r\nHere are the 10 key benefits of ITSM:\r\n<ul><li> Lower costs for IT operations</li><li> Higher returns on IT investments</li><li> Minimal service outages</li><li> Ability to establish well-defined, repeatable, and manageable IT processes</li><li> Efficient analysis of IT problems to reduce repeat incidents</li><li> Improved efficiency of IT help desk teams</li><li> Well-defined roles and responsibilities</li><li> Clear expectations on service levels and service availability</li><li> Risk-free implementation of IT changes</li><li> Better transparency into IT processes and services</li></ul>\r\n<h1 class=\"align-center\">How to choose an ITSM tool?</h1>\r\nWith a competent IT service management goal in mind, it's important to invest in a service desk solution that caters to your business needs. It goes without saying, with more than 150 service desk tools to choose from, selecting the right one is easier said than done. Here are a few things to keep in mind when choosing an ITSM products:\r\n<span style=\"font-weight: bold; \">Identify key processes and their dependencies. </span>Based on business goals, decide which key ITSM processes need to be implemented and chart out the integrations that need to be established to achieve those goals. \r\n<span style=\"font-weight: bold; \">Consult with ITSM experts.</span> Participate in business expos, webinars, demos, etc., and educate yourself about the various options that are available in the market. Reports from expert analysts such as Gartner and Forrester are particularly useful as they include reviews of almost every solution, ranked based on multiple criteria.\r\n<span style=\"font-weight: bold; \">Choose a deployment option.</span> Every business has a different IT infrastructure model. Selecting an on-premises or software as a service (SaaS IT service management) tool depends on whether your business prefers to host its applications and data on its own servers or use a public or private cloud.\r\n<span style=\"font-weight: bold; \">Plan ahead for the future.</span> Although it's important to consider the "needs" primarily, you shouldn't rule out the secondary or luxury capabilities. If the ITSM tool doesn't have the potential to adapt to your needs as your organization grows, it can pull you back from progressing. Draw a clear picture of where your business is headed and choose an service ITSM that is flexible and technology-driven.\r\n<span style=\"font-weight: bold;\">Don't stop with the capabilities of the ITSM tool.</span> It might be tempting to assess an ITSM tool based on its capabilities and features but it's important to evaluate the vendor of the tool. A good IT support team, and a vendor that is endorsed for their customer-vendor relationship can take your IT services far. Check Gartner's magic quadrant and other analyst reports, along with product and support reviews to ensure that the said tool provides good customer support.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_ITSM.png"},{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"},{"id":836,"title":"DRP - Digital Risk Protection","alias":"drp-digital-risk-protection","description":"Digital risks exist on social media and web channels, outside most organization's line of visibility. Organizations struggle to monitor these external, unregulated channels for risks targeting their business, their employees or their customers.\r\nCategories of risk include cyber (insider threat, phishing, malware, data loss), revenue (customer scams, piracy, counterfeit goods) brand (impersonations, slander) and physical (physical threats, natural disasters).\r\nDue to the explosive growth of digital risks, organizations need a flexible, automated approach that can monitor digital channels for organization-specific risks, trigger alerts and remediate malicious posts, profiles, content or apps.\r\nDigital risk protection (DRP) is the process of protecting social media and digital channels from security threats and business risks such as social engineering, external fraud, data loss, insider threat and reputation-based attacks. DRP reduces risks that emerge from digital transformation, protecting against the unwanted exposure of a company’s data, brand, and attack surface and providing actionable insight on threats from the open, deep, and dark web.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a digital risk?</span>\r\nDigital risks can take many forms. Most fundamentally, what makes a risk digital? Digital risk is any risk that plays out in one form or another online, outside of an organization’s IT infrastructure and beyond the security perimeter. This can be a cyber risk, like a phishing link or ransomware via LinkedIn, but can also include traditional risks with a digital component, such as credit card money flipping scams on Instagram.\r\n<span style=\"font-weight: bold;\">What are the features of Digital Risk Protection?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">The features are:</span></span>\r\n<ul><li>Protecting yourself from digital risk by building a watchtower, not a wall. A new Forrester report identifies two objectives for any digital risk protection effort: identifying risks and resolving them.</li><li>Digital risk comes in many forms, like unauthorized data disclosure, threat coordination from cybercriminals, risks inherent in the technology you use and in your third-party associates and even from your own employees.</li><li>The best solutions should automate the collection of data and draw from many sources; should have the capabilities to map, monitor, and mitigate digital risk and should be flexible enough to be applied in multiple use cases — factors that many threat intelligence solutions excel in.</li></ul>\r\n<span style=\"font-weight: bold;\">What elements constitute a digital risk?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Unauthorized Data Disclosure</span></span>\r\nThis includes the theft or leakage of any kind of sensitive data, like the personal financial information of a retail organization’s customers or the source code for a technology company’s proprietary products.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Threat Coordination Activity</span></span>\r\nMarketplaces and criminal forums on the dark web or even just on the open web are potent sources of risk. Here, a vulnerability identified by one group or individual who can’t act on it can reach the hands of someone who can. This includes the distribution of exploits in both targeted and untargeted campaigns.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supply Chain Issues</span></span>\r\nBusiness partners, third-party suppliers, and other vendors who interact directly with your organization but are not necessarily following the same security practices can open the door to increased risk.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Employee Risk</span></span>\r\nEven the most secure and unbreakable lock can still easily be opened if you just have the right key. Through social engineering efforts, identity or access management and manipulation, or malicious insider attacks coming from disgruntled employees, even the most robust cybersecurity program can be quickly subverted.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Technology Risks</span></span>\r\nThis broad category includes all of the risks you must consider across the different technologies your organization might rely on to get your work done, keep it running smoothly, and tell people about it.\r\n<ul><li><span style=\"font-weight: bold;\">Physical Infrastructure:</span> Countless industrial processes are now partly or completely automated, relying on SCADA, DCS, or PLC systems to run smoothly — and opening them up to cyber- attacks (like the STUXNET attack that derailed an entire country’s nuclear program).</li><li><span style=\"font-weight: bold;\">IT Infrastructure:</span> Maybe the most commonsensical source of digital risk, this includes all of the potential vulnerabilities in your software and hardware. The proliferation of the internet of things devices poses a growing and sometimes underappreciated risk here.</li><li><span style=\"font-weight: bold;\">Public-Facing Presence:</span> All of the points where you interact with your customers and other public entities, whether through social media, email campaigns, or other marketing strategies, represent potential sources of risk.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Digital_Risk_Protection.png"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":467,"title":"Network Forensics","alias":"network-forensics","description":" Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.\r\nNetwork forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form relates to law enforcement. In this case analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.\r\nTwo systems are commonly used to collect network data; a brute force "catch it as you can" and a more intelligent "stop look listen" method.\r\nNetwork forensics is a comparatively new field of forensic science. The growing popularity of the Internet in homes means that computing has become network-centric and data is now available outside of disk-based digital evidence. Network forensics can be performed as a standalone investigation or alongside a computer forensics analysis (where it is often used to reveal links between digital devices or reconstruct how a crime was committed).\r\nMarcus Ranum is credited with defining Network forensics as "the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents".\r\nCompared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable. Investigators often only have material to examine if packet filters, firewalls, and intrusion detection systems were set up to anticipate breaches of security.\r\nSystems used to collect network data for forensics use usually come in two forms:\r\n<ul><li>"Catch-it-as-you-can" – This is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage.</li><li>"Stop, look and listen" – This is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Why is network forensics important?</span>\r\nNetwork forensics is important because so many common attacks entail some type of misuse of network resources.\r\n<span style=\"font-weight: bold;\">What are the different ways in which the network can be attacked?</span>\r\nAttacks typically target availability confidentiality and integrity. Loss of any one of these items constitutes a security breach.\r\n<span style=\"font-weight: bold;\">Where is the best place to search for information?</span>\r\nInformation can be found by either doing a live analysis of the network, analyzing IDS information, or examining logs that can be found in routers and servers.\r\n<span style=\"font-weight: bold;\">How does a forensic analyst know how deeply to look for information?</span>\r\nSome amount of information can be derived from looking at the skill level of the attacker. Attackers with little skill are much less likely to use advanced hiding techniques.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Forensics.png"},{"id":79,"title":"VM - Vulnerability management","alias":"vm-vulnerability-management","description":"Vulnerability management is the "cyclical practice of identifying, classifying, prioritizing, remediating and mitigating" software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be confused with a Vulnerability assessment.\r\nVulnerability management is an ongoing process that includes proactive asset discovery, continuous monitoring, mitigation, remediation and defense tactics to protect your organization's modern IT attack surface from Cyber Exposure.\r\nVulnerabilities can be discovered with a vulnerability scanner, which analyzes a computer system in search of known vulnerabilities, such as open ports, insecure software configurations, and susceptibility to malware infections. They may also be identified by consulting public sources, such as NVD, or subscribing to a commercial vulnerability alerting services. Unknown vulnerabilities, such as a zero-day, may be found with fuzz testing, which can identify certain kinds of vulnerabilities, such as a buffer overflow with relevant test cases. Such analysis can be facilitated by test automation. In addition, antivirus software capable of heuristic analysis may discover undocumented malware if it finds software behaving suspiciously (such as attempting to overwrite a system file).\r\nCorrecting vulnerabilities may variously involve the installation of a patch, a change in network security policy, reconfiguration of software, or educating users about social engineering.\r\nNetwork vulnerabilities represent security gaps that could be abused by attackers to damage network assets, trigger a denial of service, and/or steal potentially sensitive information. Attackers are constantly looking for new vulnerabilities to exploit — and taking advantage of old vulnerabilities that may have gone unpatched.\r\nHaving a vulnerability management framework in place that regularly checks for new vulnerabilities is crucial for preventing cybersecurity breaches. Without a vulnerability testing and patch management system, old security gaps may be left on the network for extended periods of time. This gives attackers more of an opportunity to exploit vulnerabilities and carry out their attacks.\r\nOne statistic that highlights how crucial vulnerability management was featured in an Infosecurity Magazine article. According to survey data cited in the article, of the organizations that “suffered a breach, almost 60% were due to an unpatched vulnerability.” In other words, nearly 60% of the data breaches suffered by survey respondents could have been easily prevented simply by having a vulnerability management plan that would apply critical patches before attackers leveraged the vulnerability.","materialsDescription":" <span style=\"font-weight: bold;\">What is vulnerability management?</span>\r\nVulnerability management is a pro-active approach to managing network security by reducing the likelihood that flaws in code or design compromise the security of an endpoint or network.\r\n<span style=\"font-weight: bold;\">What processes does vulnerability management include?</span>\r\nVulnerability management processes include:\r\n<ul><li><span style=\"font-style: italic;\">Checking for vulnerabilities:</span> This process should include regular network scanning, firewall logging, penetration testing or use of an automated tool like a vulnerability scanner.</li><li><span style=\"font-style: italic;\">Identifying vulnerabilities:</span> This involves analyzing network scans and pen test results, firewall logs or vulnerability scan results to find anomalies that suggest a malware attack or other malicious event has taken advantage of a security vulnerability, or could possibly do so.</li><li><span style=\"font-style: italic;\">Verifying vulnerabilities:</span> This process includes ascertaining whether the identified vulnerabilities could actually be exploited on servers, applications, networks or other systems. This also includes classifying the severity of a vulnerability and the level of risk it presents to the organization.</li><li><span style=\"font-style: italic;\">Mitigating vulnerabilities:</span> This is the process of figuring out how to prevent vulnerabilities from being exploited before a patch is available, or in the event that there is no patch. It can involve taking the affected part of the system off-line (if it's non-critical), or various other workarounds.</li><li><span style=\"font-style: italic;\">Patching vulnerabilities:</span> This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VM_-_Vulnerability_management1.png"},{"id":41,"title":"Antispam","alias":"antispam","description":"In each system, which involves the communication of users, there is always the problem of spam, or the mass mailing of unsolicited emails, which is solved using the antispam system. An antispam system is installed to catch and filter spam at different levels. Spam monitoring and identification are relevant on corporate servers that support corporate email, here the antispam system filters spam on the server before it reaches the mailbox. There are many programs that help to cope with this task, but not all of them are equally useful. The main objective of such programs is to stop sending unsolicited letters, however, the methods of assessing and suppressing such actions can be not only beneficial but also detrimental to your organization. So, depending on the rules and policies of mail servers, your server, or even a domain, may be blacklisted and the transfer of letters will be limited through it, and you may not even be warned about it.\r\nThe main types of installation and use of anti-spam systems:\r\n<ul><li>installation of specialized equipment, a gateway that filters mail before it reaches the server;</li><li>use of external antispam systems for analyzing emails and content;</li><li>setting up an antispam system with the ability to learn on the mail server itself;</li><li>installation of spam filtering software on the client’s computer.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Anti-spam technologies:</span>\r\n<span style=\"font-weight: bold;\">Heuristic analysis</span>\r\nExtremely complex, highly intelligent technology for empirical analysis of all parts of a message: header fields, message bodies, etc. Not only the message itself is analyzed. The heuristic analyzer is constantly being improved, new rules are continuously added to it. It works “ahead of the curve” and makes it possible to recognize still unknown varieties of spam of a new generation before the release of available updates.\r\n<span style=\"font-weight: bold;\">Filtering counteraction</span>\r\nThis is one of the most advanced and effective anti-spam technologies. It is to recognize the tricks resorted to by spammers to bypass anti-spam filters.\r\n<span style=\"font-weight: bold;\">HTML based analysis</span>\r\nHTML code comparable to samples of HTML signatures in antispam. Such a comparison, using the available data on the size of typical spam images, protects users from spam messages using HTML-code, which are often included in the online image.\r\n<span style=\"font-weight: bold;\">Spam detection technology for message envelopes</span>\r\nDetection of fakes in the "stamps" of SMTP-servers and in other elements of the e-mail header is the newest direction in the development of anti-spam methods. Email addresses can not be trusted. Fake emails contain more than just spam. For example, anonymous and even threats. Technologies of various anti-spam systems allow you to send such messages. Thus, it provides not only the economic movement, but also the protection of employees.\r\n<span style=\"font-weight: bold;\">Semantic analysis</span>\r\nMeaning in words and phrases is compared with typical spam vocabulary. Comparison of provisions for a special dictionary, for expression and symbols.\r\n<span style=\"font-weight: bold;\">Anti-camming technology</span>\r\nScamming is probably the most dangerous type of spam. All of them have the so-called "Nigerian letters", reports of winnings in the lottery, casino, fake letters and credit services.\r\n<span style=\"font-weight: bold;\">Technical spam filtering</span>\r\nAutomatic notification of e-mail - bounce-messages - to inform users about the malfunction of the postal system (for example, non-delivery of address letters). Attackers can use similar messages. Under the guise of a technical notification, computer service or ordinary spam can penetrate the computer.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Antispam.png"},{"id":483,"title":"Messaging Security","alias":"messaging-security","description":"<span style=\"font-weight: bold; \">Messaging security</span> is a subcategory of <span style=\"font-style: italic; \">unified threat management (UTM) </span>focused on securing and protecting an organization’s communication infrastructure. Communication channels can include email software, messaging apps, and social network IM platforms. This extra layer of security can help secure devices and block a wider range of viruses or malware attacks.\r\nMessaging security helps to ensure the confidentiality and authenticity of an organization’s communication methods. Confidentiality refers to making sure only the intended recipients are able to read the messages and authenticity refers to making sure the identity of each sender or recipient is verified.\r\nOftentimes, attackers aim to gain access to an entire network or system by infiltrating the messaging infrastructure. Implementing proper data and message security can minimize the chance of data leaks and identity theft.\r\n<span style=\"color: rgb(97, 97, 97); \">Encrypted messaging (also known as secure messaging) provides end-to-end encryption for user-to-user text messaging. Encrypted messaging prevents anyone from monitoring text conversations. Many encrypted messenger apps also offer end-to-end encryption for phone calls made using the apps, as well as for files that are sent using the apps.</span>\r\nTwo modern methods of encryption are the <span style=\"font-style: italic; \">Public Key (Asymmetric)</span> and the <span style=\"font-style: italic; \">Private Key (Symmetric</span>) methods. While these two methods of encryption are similar in that they both allow users to encrypt data to hide it from the prying eyes of outsiders and then decrypt it for viewing by an authorized party, they differ in how they perform the steps involved in the process.\r\n<span style=\"font-weight: bold; \">Email</span> security message can rely on public-key cryptography, in which users can each publish a public key that others can use to encrypt messages to them, while keeping secret a private key they can use to decrypt such messages or to digitally encrypt and sign messages they send. \r\n<span style=\"font-weight: bold;\">Encrypted messaging systems </span>must be encrypted end-to-end, so that even the service provider and its staff are unable to decipher what’s in your communications. Ideal solutions is “server-less” encrypted chat where companies won’t store user information anywhere.\r\nIn a more general sense, users of unsecured public Wi-Fi should also consider using a <span style=\"font-weight: bold;\">Virtual Private Network </span>(VPN) application, to conceal their identity and location from Internet Service Providers (ISPs), higher level surveillance, and the attentions of hackers.","materialsDescription":"<h1 class=\"align-center\"> What is messaging security?</h1>\r\nMessaging Security is a program that provides protection for companies' messaging infrastructure. The programs include IP reputation-based anti-spam, pattern-based anti-spam, administrator-defined block/allow lists, mail antivirus, zero-hour malware detection, and email intrusion prevention.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Six Dimensions of Comprehensive Messaging Security</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">IP-Reputation Anti-spam.</span> It checks each email connection request with a database of IP addresses to establish whether a sender is a legitimate or known spam sender and malware. If a sender is recognized it undesirable the messaging Security program drops the connection before the message is accepted.</li><li><span style=\"font-weight: bold; \">Pattern-based anti-spam</span> utilizes a proprietary algorithm to establish a fingerprint-like signature of email messages. When a message comes in, its pattern is calculated and checked against a database to determine if the message matches a known email pattern. </li><li><span style=\"font-weight: bold; \">Block/Allow List Anti-spam.</span> Administrators can create a list of IP addresses or domains that they would like to either block or allow. This method ensures that trusted sources are explicitly allowed and unwanted sources are explicitly denied access.</li><li><span style=\"font-weight: bold; \">Mail Antivirus.</span> This layer of protection blocks a wide range of known viruses and malware attacks.</li><li><span style=\"font-weight: bold; \">Zero-Hour Malware Protection.</span> By analyzing large numbers of messages, outbreaks are detected along with their corresponding messages. These message patterns are then flagged as malicious, giving information about a given attack.</li><li><span style=\"font-weight: bold; \">SmartDefense Email IPS.</span> The messaging security program utilizes SmartDefense Email IPS to stop attacks targeting the messaging infrastructure. </li></ul>\r\n<h1 class=\"align-center\">What are Signal, Wire and LINE messenger security apps like ?</h1>\r\n<p class=\"align-left\">Secure private messenger is a messaging application that emphasizes the privacy and of users using encryption and service transparency. While every modern messenger system is using different security practices (most prominently SSL/HTTPS) - the difference between secure and classic messengers is what we don’t know in the scope of implementation and approach to user data. </p>\r\n<p class=\"align-left\">Message access control and secure messengers evolved into a distinct category due to the growing awareness that communication over the internet is accessible by third parties, and reasonable concerns that the messages can be used against the users.</p>\r\n<h1 class=\"align-center\">Why secure communication is essential for business?</h1>\r\n<p class=\"align-left\">In the context of business operation, communication is a vital element of maintaining an efficient and dynamic working process. It lets you keep everything up to date and on the same page. And since many things are going on at the same time - tools like messengers are one of the many helpers that make the working day a little more manageable.</p>\r\n<p class=\"align-left\">Some of the information, like employee and customer data, proprietary information, data directly linked to business performance or future projections, may be strictly under a non-disclosure agreement. Without proper text message authentication in information security or encryption, it remains vulnerable to exposure. The chances are slim, but the possibility remains. </p>\r\n<p class=\"align-left\">And there are people interested in acquiring that sensitive information, people who like to play dirty because getting a competitive advantage is a decent motivation to go beyond the law. And when private conversations leak, especially the business-related ones - the impact is comparable with the Titanic hitting an iceberg. </p>\r\n<p class=\"align-left\">Encrypted massages in messenger prevents this from happening.</p>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Messaging_Security.png"},{"id":45,"title":"SIEM - Security Information and Event Management","alias":"siem-security-information-and-event-management","description":"<span style=\"font-weight: bold; \">Security information and event management (SIEM)</span> is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. \r\n The underlying principles of every SIEM system is to aggregate relevant data from multiple sources, identify deviations from the norm and take appropriate action. At the most basic level, a SIEM system can be rules-based or employ a statistical correlation engine to establish relationships between event log entries. Advanced SIEM products have evolved to include user and entity behavior analytics (UEBA) and security orchestration and automated response (SOAR). \r\nThe acronyms SEM, SIM and SIEM have sometimes been used interchangeably, but generally refer to the different primary focus of products:\r\n<ul><li><span style=\"font-weight: bold;\">Log management:</span> Focus on simple collection and storage of log messages and audit trails.</li><li><span style=\"font-weight: bold;\">Security information management (SIM):</span> Long-term storage as well as analysis and reporting of log data.</li><li><span style=\"font-weight: bold;\">Security event manager (SEM):</span> Real-time monitoring, correlation of events, notifications and console views.</li><li><span style=\"font-weight: bold;\">Security information event management (SIEM):</span> Combines SIM and SEM and provides real-time analysis of security alerts generated by network hardware and applications.</li><li><span style=\"font-weight: bold;\">Managed Security Service (MSS) or Managed Security Service Provider (MSSP):</span> The most common managed services appear to evolve around connectivity and bandwidth, network monitoring, security, virtualization, and disaster recovery.</li><li><span style=\"font-weight: bold;\">Security as a service (SECaaS):</span> These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection, Penetration testing and security event management, among others.</li></ul>\r\nToday, most of SIEM technology works by deploying multiple collection agents in a hierarchical manner to gather security-related events from end-user devices, servers, network equipment, as well as specialized security equipment like firewalls, antivirus or intrusion prevention systems. The collectors forward events to a centralized management console where security analysts sift through the noise, connecting the dots and prioritizing security incidents.\r\nSome of the most important features to review when evaluating Security Information and Event Management software are:\r\n<ol><li><span style=\"font-weight: bold; \">Integration with other controls:</span> Can the system give commands to other enterprise security controls to prevent or stop attacks in progress?</li><li><span style=\"font-weight: bold; \">Artificial intelligence:</span> Can the system improve its own accuracy by through machine and deep learning?</li><li><span style=\"font-weight: bold; \">Threat intelligence feeds:</span> Can the system support threat intelligence feeds of the organization's choosing or is it mandated to use a particular feed?</li><li><span style=\"font-weight: bold; \">Robust compliance reporting:</span> Does the system include built-in reports for common compliance needs and the provide the organization with the ability to customize or create new compliance reports?</li><li><span style=\"font-weight: bold; \">Forensics capabilities:</span> Can the system capture additional information about security events by recording the headers and contents of packets of interest? </li></ol>\r\n\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> Why is SIEM Important?</h1>\r\nSIEM has become a core security component of modern organizations. The main reason is that every user or tracker leaves behind a virtual trail in a network’s log data. SIEM software is designed to use this log data in order to generate insight into past attacks and events. A SIEM solution not only identifies that an attack has happened, but allows you to see how and why it happened as well.\r\nAs organizations update and upscale to increasingly complex IT infrastructures, SIEM has become even more important in recent years. Contrary to popular belief, firewalls and antivirus packages are not enough to protect a network in its entirety. Zero-day attacks can still penetrate a system’s defenses even with these security measures in place.\r\nSIEM addresses this problem by detecting attack activity and assessing it against past behavior on the network. A security event monitoring has the ability to distinguish between legitimate use and a malicious attack. This helps to increase a system’s incident protection and avoid damage to systems and virtual property.\r\nThe use of SIEM also helps companies to comply with a variety of industry cyber management regulations. Log management is the industry standard method of auditing activity on an IT network. SIEM management provides the best way to meet this regulatory requirement and provide transparency over logs in order to generate clear insights and improvements.\r\n<h1 class=\"align-center\">Evaluation criteria for security information and event management software:</h1>\r\n<ul><li>Threat identification: Raw log form vs. descriptive.</li><li>Threat tracking: Ability to track through the various events, from source to destination.</li><li>Policy enforcement: Ability to enforce defined polices.</li><li>Application analysis: Ability to analyze application at Layer 7 if necessary.</li><li>Business relevance of events: Ability to assign business risk to events and have weighted threat levels.</li><li>Measuring changes and improvements: Ability to track configuration changes to devices.</li><li>Asset-based information: Ability to gather information on devices on the network.</li><li>Anomalous behavior (server): Ability to trend and see changes in how it communicates to others.</li><li>Anomalous behavior (network): Ability to trend and see how communications pass throughout the network.</li><li>Anomalous behavior (application): Ability to trend and see changes in how it communicates to others.</li><li>User monitoring: User activity, logging in, applications usage, etc.</li></ul>\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SIEM.png"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5391,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Reblaze.png","logo":true,"scheme":false,"title":"Reblaze DDoS Protection","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"reblaze-ddos-protection","companyTitle":"Reblaze","companyTypes":["supplier","vendor"],"companyId":6815,"companyAlias":"reblaze","description":"<b>Multilayer DDoS Protection</b>\r\nReblaze provides full-scope DoS and DDoS protection, defeating attacks across layers 3, 4, and 7: network, transport, and application. (Even many dedicated DDoS solutions do not fully protect layer 7.) \r\n<ul> <li>Multivariate threat detection accurately identifies and blocks attack traffic </li> <li>Resources scale automatically as needed </li> <li>Also defeats hacking attempts, bots, and more </li> <li>Can handle bandwidth activity larger than most ISPs </li> <li>Fully managed (nothing to install or maintain), and always up-to-date </li> <li>24/7 incident support </li> </ul>\r\n<b>How Reblaze Protects Your Web Assets from DoS/DDoS </b>\r\n<b><i>Dynamic DNS Allocation</i></b>\r\nmakes it impossible for attackers to send DDoS traffic to your server. Instead, all traffic (DDoS and otherwise) must pass through the Reblaze system for analysis first. \r\n<b><i>Elastic load balancing</i></b>\r\ndistributes attacks across Reblaze’s global clusters. This eliminates the stress on both the targeted site and its ISP, so that the ISP has no reason to throttle the traffic even during a large-scale assault. \r\n<b><i>DDoS traffic is filtered</i></b>\r\nby advanced human and behavior detection mechanisms. Legitimate visitors are allowed to reach your site, while DDoS traffic is blocked. \r\n<b><i>Your domain can absorb</i></b>\r\neven the largest DDoS attacks, because Reblaze is a distributed network, which is multi-homed across multiple providers for diversity and robustness. Reblaze harnesses the cloud to provide massive amounts of bandwidth, larger than most ISPs can provide. \r\n<b><i>As attacks scale up</i></b>\r\n...so does your protection. Modern DDoS incidents often occur in stages, with attackers deploying more and more resources in an attempt to overwhelm the target. Reblaze matches this step-for-step, bringing additional resources online instantly and automatically, with no user intervention required. \r\n<b><i>More advanced attacks</i></b>\r\n...result in more advanced defenses. Reblaze contains unique adaptive mechanisms which learn over time. Even as DDoS and other forms of attack grow more sophisticated, Reblaze’s web security experts stay a step ahead, deploying countermeasures across the network. Your staff doesn’t need to keep on top of the constantly changing threat environment on the web, because Reblaze’s experts do this for you. ","shortDescription":"Keeps your web apps up and fully responsive to your users\r\n\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Reblaze DDoS Protection","keywords":"","description":"<b>Multilayer DDoS Protection</b>\r\nReblaze provides full-scope DoS and DDoS protection, defeating attacks across layers 3, 4, and 7: network, transport, and application. (Even many dedicated DDoS solutions do not fully protect layer 7.) \r\n<ul> <li>Multivariate","og:title":"Reblaze DDoS Protection","og:description":"<b>Multilayer DDoS Protection</b>\r\nReblaze provides full-scope DoS and DDoS protection, defeating attacks across layers 3, 4, and 7: network, transport, and application. (Even many dedicated DDoS solutions do not fully protect layer 7.) \r\n<ul> <li>Multivariate","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Reblaze.png"},"eventUrl":"","translationId":5390,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6415,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Spherical_Defence.jpg","logo":true,"scheme":false,"title":"Spherical Defence","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"spherical-defence","companyTitle":"Spherical Defence","companyTypes":["supplier","vendor"],"companyId":5824,"companyAlias":"spherical-defence","description":"<div style=\"text-align:center;\"><b>Three-stage Lifecycle </b>\r\n<b>Listen </b>\r\nOnce you have deployed your Spherical instance, it will immediately start listening for API traffic. It will stay in this mode for only as long as there is insufficient data to train the first security model. After receiving roughly 16,000 requests, it will move to the next stage. \r\n<b>Train </b>\r\nAfter sufficient data has been received, the system moves into training mode. This mode will result in a trained security model after roughly 6 hours, which will then be mounted for evaluation. As new data is received, the Spherical instance will train more models to account for natural changes in your API traffic over time. \r\n<b>Secure </b>\r\nOnce the first security model has been trained, it is mounted for evaluation. This means that every subsequent API request that is received by the system is given a classification (either benign or anomalous), and a score. If you have integrated with an outbound service, these events will be filtered back. \r\n<b>What can Spherical detect? </b>\r\n<ul> <li>Excessive Data Exposure. Exposing more object-level data than necessary over API endpoints </li> <li>Malicious Injection. Passing malicious instructions to databases and other services via the API. These include things like SQL injection. </li> <li>Improper Assets Management. Exposing debug, administration and obsolete API endpoints. </li> <li>Sensitive Information Transmission. Users passing personally identifiable information into the wrong field, resulting in a GDPR breach. </li> <li>Authorized Stateful Attacks. Authorized users attempting to subvert application state. These include things like Replay Attacks. </li> <li>Mass Assignment. Accepting an unauthorized object update request. </li> <li>ML Attack Tools. Adversarial API fuzzing can be trained to subvert existing security systems. </li> </ul>","shortDescription":"Spherical Defense is an API security solution that uses deep unsupervised learning to protect your APIs","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Spherical Defence","keywords":"","description":"<div style=\"text-align:center;\"><b>Three-stage Lifecycle </b>\r\n<b>Listen </b>\r\nOnce you have deployed your Spherical instance, it will immediately start listening for API traffic. It will stay in this mode for only as long as there is insufficient data to trai","og:title":"Spherical Defence","og:description":"<div style=\"text-align:center;\"><b>Three-stage Lifecycle </b>\r\n<b>Listen </b>\r\nOnce you have deployed your Spherical instance, it will immediately start listening for API traffic. It will stay in this mode for only as long as there is insufficient data to trai","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Spherical_Defence.jpg"},"eventUrl":"","translationId":6415,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4880,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/MSI_Mission_Secure_Logo.jpg","logo":true,"scheme":false,"title":"MSi Platform","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"msi-platform","companyTitle":"MSi Mission Secure","companyTypes":["vendor"],"companyId":7395,"companyAlias":"msi-mission-secure","description":"Unique in an emerging market, the patented MSi Platform 4.0 is a software-hardware ICS cybersecurity solution purpose-built for the operational technology (OT) environment. With the MSi Platform, companies gain comprehensive network visibility, asset discovery, network mapping, segmentation and controller protection, plus Level 0 visibility and protection on a single platform. On-premise or hosted in the MSi cloud, with 24/7/365 monitoring, the MSi Platform 4.0 makes OT cybersecurity simple, even for the non-IT professional.\r\nThe patented MSi Platform—comprised of the MSi Console, MSi IDS, MSi 1 and MSi Sentinel—takes plant, ship, production platform and control system security to an unparalleled level with six points of action and awareness.\r\n<span style=\"font-weight: bold;\">PROTECT</span>\r\nRestrict unauthorized access and block malware and ransomware from reaching important controllers and Level 1 devices.\r\n<span style=\"font-weight: bold;\">MONITOR</span>\r\nContinuously monitor network IP levels, alongside digital and analog signals with our secure, multi-layered system.\r\n<span style=\"font-weight: bold;\">DETECT</span>\r\nGet real-time analysis and automated incident detection.\r\n<span style=\"font-weight: bold;\">INFORM</span>\r\nKeep trusted operators and cybersecurity professionals informed through dedicated communications systems.\r\n<span style=\"font-weight: bold;\">COLLECT</span>\r\nGather system data from digital and analog sensors and actuators, controllers and the OT network for real-time analysis and post-attack forensic purposes.\r\n<span style=\"font-weight: bold;\">CORRECT</span>\r\nCarry out optional automated or operator-guided responses, control system restorations to enable safe operating states and continued production.","shortDescription":"MSi Platform is cybersecurity for industrial control systems.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":13,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"MSi Platform","keywords":"","description":"Unique in an emerging market, the patented MSi Platform 4.0 is a software-hardware ICS cybersecurity solution purpose-built for the operational technology (OT) environment. With the MSi Platform, companies gain comprehensive network visibility, asset discovery","og:title":"MSi Platform","og:description":"Unique in an emerging market, the patented MSi Platform 4.0 is a software-hardware ICS cybersecurity solution purpose-built for the operational technology (OT) environment. With the MSi Platform, companies gain comprehensive network visibility, asset discovery","og:image":"https://old.roi4cio.com/fileadmin/user_upload/MSI_Mission_Secure_Logo.jpg"},"eventUrl":"","translationId":4881,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"},{"id":540,"title":"Security Hardware","alias":"security-hardware","description":"Hardware security as a discipline originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity and measures to ensure that the supply chain that built the product is secure, among other things.\r\nA hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.\r\nSome providers in this discipline consider that the key difference between hardware security and software security is that hardware security is implemented using "non-Turing-machine" logic (raw combinatorial logic or simple state machines). One approach, referred to as "hardsec", uses FPGAs to implement non-Turing-machine security controls as a way of combining the security of hardware with the flexibility of software.\r\nHardware backdoors are backdoors in hardware. Conceptionally related, a hardware Trojan (HT) is a malicious modification of an electronic system, particularly in the context of an integrated circuit.\r\nA physical unclonable function (PUF) is a physical entity that is embodied in a physical structure and is easy to evaluate but hard to predict. Further, an individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect, it is the hardware analog of a one-way function. The name "physically unclonable function" might be a little misleading as some PUFs are clonable, and most PUFs are noisy and therefore do not achieve the requirements for a function. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high-security requirements.\r\nMany attacks on sensitive data and resources reported by organizations occur from within the organization itself.","materialsDescription":"<span style=\"font-weight: bold;\">What is hardware information security?</span>\r\nHardware means various types of devices (mechanical, electromechanical, electronic, etc.), which solve information protection problems with hardware. They impede access to information, including through its disguise. The hardware includes: noise generators, surge protectors, scanning radios and many other devices that "block" potential channels of information leakage or allow them to be detected. The advantages of technical means are related to their reliability, independence from subjective factors and high resistance to modification. The weaknesses include a lack of flexibility, relatively large volume and mass and high cost. The hardware for information protection includes the most diverse technical structures in terms of operation, device and capabilities, which ensure the suppression of disclosure, protection against leakage and counteraction to unauthorized access to sources of confidential information.\r\n<span style=\"font-weight: bold;\">Where is the hardware used to protect information?</span>\r\nHardware information protection is used to solve the following problems:\r\n<ul><li>conducting special studies of technical means of ensuring production activity for the presence of possible channels of information leakage;</li><li>identification of information leakage channels at various objects and in premises;</li><li>localization of information leakage channels;</li><li>search and detection of industrial espionage tools;</li><li>countering unauthorized access to confidential information sources and other actions.</li></ul>\r\n<span style=\"font-weight: bold;\">What is the classification of information security hardware?</span>\r\nAccording to the functional purpose, the hardware can be classified into detection tools, search tools and detailed measurements and active and passive countermeasures. At the same time, according to their technical capabilities, information protection tools can be general-purpose, designed for use by non-professionals in order to obtain preliminary (general) estimates, and professional complexes that allow for a thorough search, detection and precision measurement of all the characteristics of industrial espionage equipment. As an example of the former, we can consider a group of IP electromagnetic radiation indicators, which have a wide range of received signals and rather low sensitivity. As a second example - a complex for the detection and direction finding of radio bookmarks, designed to automatically detect and locate radio transmitters, radio microphones, telephone bookmarks and network radio transmitters.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Hardware.png"},{"id":178,"title":"IoT - Internet of Things","alias":"iot-internet-of-things","description":"The Internet of things (IoT) is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, Internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the Internet, and they can be remotely monitored and controlled.\r\nThe definition of the Internet of things has evolved due to the convergence of multiple technologies, real-time analytics, machine learning, commodity sensors, and embedded systems. Traditional fields of embedded systems, wireless sensor networks, control systems, automation (including home and building automation). and others all contribute to enabling the Internet of things. In the consumer market, IoT technology is most synonymous with products pertaining to the concept of the "smart home", covering devices and appliances (such as lighting fixtures, thermostats, home security systems and cameras, and other home appliances) that support one or more common ecosystems, and can be controlled via devices associated with that ecosystem, such as smartphones and smart speakers.\r\nThe IoT concept has faced prominent criticism, especially in regards to privacy and security concerns related to these devices and their intention of pervasive presence.","materialsDescription":"<span style=\"font-weight: bold;\">What is the Internet of Things (IoT)?</span>\r\nThe Internet of things refers to the network of things (physical objects) that can be connected to the Internet to collect and share data without human-to-human or human-to-computer interaction.\r\n<span style=\"font-weight: bold;\">Why is it called the Internet of Things?</span>\r\nThe term Internet of things was coined by Kevin Ashton in 1999. Stemming from Kevin Ashton’s experience with RFID, the term Internet of things originally described the concept of tagging every object in a person’s life with machine-readable codes. This would allow computers to easily manage and inventory all of these things.\r\nThe term IoT today has evolved to a much broader prospect. It now encompasses ubiquitous connectivity, devices, sensors, analytics, machine learning, and many other technologies.\r\n<span style=\"font-weight: bold;\">What is an IoT solution?</span>\r\nAn IoT solution is a combination of devices or other data sources, outfitted with sensors and Internet connected hardware to securely report information back to an IoT platform. This information is often a physical metric which can help users answer a question or solve a specific problem.\r\n<span style=\"font-weight: bold;\">What is an IoT Proof of Concept (PoC)?</span>\r\nThe purpose of a PoC is to experiment with a solution in your environment, collect data, and evaluate performance from a set timeline on a set budget. A PoC is a low-risk way to introduce IoT to an organization.\r\n<span style=\"font-weight: bold;\">What is an IoT cloud platform?</span>\r\nAn IoT platform provides users with one or more of these key elements — visualization tools, data security features, a workflow engine and a custom user interface to utilize the information collected from devices and other data sources in the field. These platforms are based in the cloud and can be accessed from anywhere.\r\n<span style=\"font-weight: bold;\">What is industrial equipment monitoring?</span>\r\nIndustrial equipment monitoring uses a network of connected sensors - either native to a piece of equipment or retrofitted - to inform owners/operators of a machine’s output, component conditions, need for service or impending failure. Industrial equipment monitoring is an IoT solution which can utilize an IoT platform to unify disparate data and enable decision-makers to respond to real-time data.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IoT_-_Internet_of_Things.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5393,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Ribbon_Communications.png","logo":true,"scheme":false,"title":"Ribbon Communications NetProtect","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"ribbon-communications-netprotect","companyTitle":"Ribbon Communications Operating Company, Inc.","companyTypes":["supplier","vendor"],"companyId":5796,"companyAlias":"ribbon-communications-operating-company-inc","description":"<p class=\"align-center\"><b>The Threat </b></p>\r\nBad actors are constantly looking for ways to cause havoc either for monetary gains, to disrupt internal and external facing customer services, or just do reconnaissance into the entire corporate network. And, the rapid pace of growth for SIP-based real-time communications (RTC) has caught the attention of bad actors. \r\n<p class=\"align-center\"><b>Solution</b></p>\r\nTo address the numerous types of RTC threats, Ribbon Analytics NetProtect application is the answer for your communication network that cannot be secured at any individual device or application layer. NetProtect coordinates RTC protection at the IP, application, and call layers which changes how RTC security is implemented. \r\n<p class=\"align-center\"><b>Ribbon Protect Platform </b></p>\r\nNetProtect leverages Ribbon’s Protect big data analytics platform to respond to real-time communications security and network quality incidents faster, more intelligently, and more efficiently. The heart of the Protect platform is its UC anomaly detection and policy mitigation capability. The anomaly detection module collects and analyzes data across the entire communications network which is then made available to Ribbon Analytics applications. With customer-defined policy management functionality, detected anomalies generate alerts (e.g. SMS, email) and can be mitigated with actions to the appropriate network elements in real-time. \r\n<b>Features & Benefits </b>\r\n<ul> <li>Rapidly pinpoints UC security threats and closes the security aperture in your UC network </li> <li>Data ingested from Ribbon SBCs and PSX platforms as well as other 3rd party UC network devices </li> <li>Disseminate security policies across network “enforcers” such as SBCs and firewalls </li> <li>Provides a single repository for an end-to-end view of your network operations </li> <li>Virtualized, micro-services architecture for rapid deployment </li> <li>No separate hardware or software probes required </li> <li>Supports applications for UC security, fraud management and network-wide intelligence </li> </ul>","shortDescription":"Redefining the Real-time Communications Security Perimeter","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":4,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Ribbon Communications NetProtect","keywords":"","description":"<p class=\"align-center\"><b>The Threat </b></p>\r\nBad actors are constantly looking for ways to cause havoc either for monetary gains, to disrupt internal and external facing customer services, or just do reconnaissance into the entire corporate network. And, th","og:title":"Ribbon Communications NetProtect","og:description":"<p class=\"align-center\"><b>The Threat </b></p>\r\nBad actors are constantly looking for ways to cause havoc either for monetary gains, to disrupt internal and external facing customer services, or just do reconnaissance into the entire corporate network. And, th","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Ribbon_Communications.png"},"eventUrl":"","translationId":5392,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4882,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/videc_logo.png","logo":true,"scheme":false,"title":"Videc IRMA","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"videc-irma","companyTitle":"VIDEC Data Engineering GmbH","companyTypes":["supplier","vendor"],"companyId":7431,"companyAlias":"videc-data-engineering-gmbh","description":"With <span style=\"font-weight: bold;\">IRMA® (Industry Risk Management Automisation)</span>, you can fall back on an effective industrial computer system that can be used to quickly identify and fight off cyberattacks. Without carrying out any kind of activity in your IT network, IRMA® constantly monitors your production plants, provides information on cyber attacks, and enables risk-based analysis, as well as an intelligent alarm system via a clearly-organized management console. This means that risks can be evaluated in good time and actions to stop an attack or to effectively mitigate its consequences can be initiated without hesitation.\r\nThe particular highlight: from the current version, 18.06, the IT-SiG Sicherheitsstandard (B3S) Wasser / Abwasser [IT Security Act safety standard (B3S) for the water/wastewater sector] from the DVGW [German Technical and Scientific Association for Gas and Water] and the DWA [German Association for Water, Wastewater and Waste] (W1060/M1060) is integrated into the IRMA® security appliance.\r\nIRMA® was developed as an innovative, state-of-the-art IT solution and thus guarantees your ability to act in the event of a cyber attack.\r\n<span style=\"font-weight: bold;\">FUNCTIONS:</span>\r\n<ul><li>Cognitive anomaly recognition & immediate IT visualization.</li><li>Constant monitoring with a passive approach.</li><li>Swift usage – simple operability.</li><li>Integration of IT-SiG Sicherheitsstandard Wasser / Abwasser (W1060/M1060).</li></ul>\r\n<span style=\"font-weight: bold;\">ADVANTAGES:</span>\r\n<ul><li>Optimal IT security state of the art.</li><li>Immediate recognition of anomalies in the IT network.</li><li>Passive automated monitoring.</li><li>Safeguarding of systems that cannot be patched e.g. Windows NT/2000/XP, old PLCs, OPC Classic.</li><li>Safeguarding of certified production plants and processes without re-certification (e.g. for the pharmaceutical, chemical or food sectors).</li><li>Immediately ready for use thanks to its simple installation and manufacturer-independent concept.</li><li>Complete oversight and security for your IT systems, network connections, and data connections.</li><li>Integrated alarm management for cybersecurity incidents.</li><li>In real-time constant monitoring, recognition of attacks and reporting.</li><li>Methodical tool for targeted risk analysis, as well as support in firewall parameterization.</li></ul>","shortDescription":"Holistic protection from cyber-attacks in your production plants.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":1,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Videc IRMA","keywords":"","description":"With <span style=\"font-weight: bold;\">IRMA® (Industry Risk Management Automisation)</span>, you can fall back on an effective industrial computer system that can be used to quickly identify and fight off cyberattacks. Without carrying out any kind of activity ","og:title":"Videc IRMA","og:description":"With <span style=\"font-weight: bold;\">IRMA® (Industry Risk Management Automisation)</span>, you can fall back on an effective industrial computer system that can be used to quickly identify and fight off cyberattacks. Without carrying out any kind of activity ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/videc_logo.png"},"eventUrl":"","translationId":4883,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":840,"title":"ICS/SCADA Cyber Security","alias":"icsscada-cyber-security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5139,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/nid.png","logo":true,"scheme":false,"title":"NiD Sonar","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"nid-sonar","companyTitle":"NiD SA","companyTypes":["supplier","vendor"],"companyId":7114,"companyAlias":"nid-sa","description":"NiD (formerly Nagra ID), an expert in secure data processing, has developed a turnkey solution called NiD Sonar, revolutionizing the retail industry. Developed for businesses, this innovative and user-friendly system enables brands to track retailers’ sales in real time, providing a valuable source of information. The data it provides, summarized in live dashboards and sent to brands at the frequency they require, provides a mine of information for every department of a business.\r\n<b>Features and Benefits:</b>\r\n<ul> <li>Supplu Chain manager. Optimized management of stock and replenishment. NiD Sonar is intelligent – simplifying the management of stock and replenishment and enabling brands to benefit from enhanced logistics reactivity. </li> <li> Marketing. Key information on market preferences and trends. With this innovative system, your marketing department has access to information broken down by segment and by market, while identifying consumer tastes and habits worldwide. </li> <li> CEO & CFO. A comprehensive performance and business overview. NiD Sonar offers a 360° view of your business and cash flows. It is an effective way for CEOs and CFOs to evaluate and optimize performance across all markets. </li> <li>Customer Care. Cutting-edge Customer Care. Once it has been scanned through the payment terminal, the NiD Sonar card can serve as a warranty and as a certificate of authenticity. It can also be used as a dynamic record to track sold items </li> <li> Sales Team. Optimal understanding of retailers and customers. An infinite source of information for sales departments, NiD Sonar provides an ingenious solution for gaining a better understanding of retailers and customers. With its end-to-end system, it gives sales teams clear insight into stock status, allowing them to react to market demand. </li> </ul>","shortDescription":"NiD Sonar is an asset to face the new challenges of retail as it is fully customizable to suit the needs of each customer.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"NiD Sonar","keywords":"","description":"NiD (formerly Nagra ID), an expert in secure data processing, has developed a turnkey solution called NiD Sonar, revolutionizing the retail industry. Developed for businesses, this innovative and user-friendly system enables brands to track retailers’ sales in","og:title":"NiD Sonar","og:description":"NiD (formerly Nagra ID), an expert in secure data processing, has developed a turnkey solution called NiD Sonar, revolutionizing the retail industry. Developed for businesses, this innovative and user-friendly system enables brands to track retailers’ sales in","og:image":"https://old.roi4cio.com/fileadmin/user_upload/nid.png"},"eventUrl":"","translationId":5138,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5395,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/RioRey.png","logo":true,"scheme":false,"title":"RioRey rWeb","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"riorey-rweb","companyTitle":"RioRey","companyTypes":["vendor"],"companyId":8442,"companyAlias":"riorey","description":"Highly scalable and easy to deploy, rWeb combines network visibility, powerful tools, and educational resources to create a cost-effective, “all-in-one” platform for managing DDoS defense. Designed to be powerful yet simple to learn, rWeb gives your team visibility into your network and the availability to provide your own tiered DDoS service to your customer base, or control precisely who has access to your DDoS solution within your organization. \r\n<b>Key Features of rWeb</b>\r\n<ul> <li>Centrally manage all RioRey devices in your network with rWeb regardless of network size, number or location </li> <li>rWeb’s browser-based user interface has a wide range of tools that allows for clear, real- time statistical reporting and analysis of your network traffic </li> <li>Full multi-tenancy and user permission controls </li> <li>Functions as a user portal for credentialed users to access reporting and controls for their assigned groups and zones </li> <li>Designed to allow users to easily offer a tiered DDoS solution to downstream customers </li> <li>Manage single filtering devices, or large, globally distributed filtering deployments </li> <li>Customizable automatic real-time attack alerts </li> <li>Automatic periodic attack summary reporting with automatic email distribution </li> <li>rWeb’s Robust API makes all functions available for integration into internal systems and provides almost unlimited reporting flexibility </li> <li>rWeb is delivered on a pre- installed 1U server or it is available as a VM </li> </ul>\r\n<b>Visualize Network Disruptions </b>\r\nrWeb allows network operators to have complete visibility into the traffic passing through their network, the specifics of what attacks are occurring and how they being handled. Within rWeb’s simple-to-use interface, operators can quickly analyze both sophisticated attacks and line-rate floods with rWeb’s comprehensive range of tools: \r\n<ul> <li>Detailed graphs break down traffic and reveal anomalous patterns </li> <li>Algorithmic analysis describes the properties of detected attacks </li> <li>Real-time statistical reporting allows you to highlight and view top offenders </li> <li>View IP addresses with their correlated Autonomous Systems and country of origin </li> <li>View captured packets to easily see attack payloads and traffic flows Export and Integrate Data </li> </ul>","shortDescription":"A powerful multi-tenant management and reporting system for RioRey DDoS defense platforms ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":19,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"RioRey rWeb","keywords":"","description":"Highly scalable and easy to deploy, rWeb combines network visibility, powerful tools, and educational resources to create a cost-effective, “all-in-one” platform for managing DDoS defense. Designed to be powerful yet simple to learn, rWeb gives your team visib","og:title":"RioRey rWeb","og:description":"Highly scalable and easy to deploy, rWeb combines network visibility, powerful tools, and educational resources to create a cost-effective, “all-in-one” platform for managing DDoS defense. Designed to be powerful yet simple to learn, rWeb gives your team visib","og:image":"https://old.roi4cio.com/fileadmin/user_upload/RioRey.png"},"eventUrl":"","translationId":5394,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":5397,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Security_Compass.png","logo":true,"scheme":false,"title":"Security Compass SD Elements","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"security-compass-sd-elements","companyTitle":"Security Compass","companyTypes":["supplier","vendor"],"companyId":5809,"companyAlias":"security-compass","description":"SD Elements automatically identifies and classifies risks and translates complex requirements into actionable tasks that improve your security posture. It automates Risk Assessments, Threat Modeling, Secure Development, and Regulatory Compliance - at scale.\r\n<b>How SD Elements works</b>\r\n<ul> <li>Analyze. Analyzes application or system characteristics via survey or 1 automated tools</li> <li>Classify. Classifies the application or system based on inherent risks</li> <li>Translate. Translates security and compliance policies into prescriptive controls including detailed requirements, sample code, and test plans to mitigate risks</li> <li>Validate. Validates that controls are implemented through test cases 4 and integrations with security tools</li> <li>Monitor. Continuously monitors security profile and audit readiness</li> </ul>\r\n<b>Features:</b>\r\n<b>Secure Development </b>\r\n<i>Translate design, development and testing guidelines into actionable and enforceable tasks</i>\r\nSecurity requirements and guidelines for development and QA are constantly changing - and are applied inconsistently. SD Elements corrects this. On completion of a brief survey, SD Elements automatically identifies applicable secure development guidelines and translates those into actionable development tasks. \r\n<b>Threat Modeling </b>\r\n<i>Identify common threats and assign actionable tasks to mitigate risk</i>\r\nManual processes are expensive, slow, and require hard-tofind subject matter experts. SD Elements automates threat modeling activities to uncover inherent risks, significantly expediting these processes while reserving manual STRIDEstyle activities for your most critical assets.\r\n<b>Risk Assessments</b>\r\n<i>Classify risk and generate actionable tasks to comply with your security policies</i>\r\nSD Elements accelerates risk assessments, reducing demands on scarce security resources and providing visibility to risk across a broader portion of your projects. On completion of a configurable survey, SD Elements assigns a risk classification to a project, then generates and assigns prioritized, actionable controls based on your company’s existing internal policies. Controls can include code samples and test cases to verify successful implementation. Instant reports and a robust API provide continuous visibility into risk posture.\r\n<b>Compliance</b>\r\n<i>Translate complex internal and external requirements into actionable and auditable tasks</i>\r\nSD Elements enables compliance by providing organizations with continuous visibility and traceability of adherence to regulatory standards. It captures regulatory requirements for each project and translates them into actionable and auditable tasks that development teams can implement. Integrations with issue trackers and testing solutions allows organizations to track each task for completion and provides near real-time auditability.","shortDescription":"SD Elements Automatically Builds In And Enables Compliance Throughout The Software Lifecycle.\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":13,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Security Compass SD Elements","keywords":"","description":"SD Elements automatically identifies and classifies risks and translates complex requirements into actionable tasks that improve your security posture. It automates Risk Assessments, Threat Modeling, Secure Development, and Regulatory Compliance - at scale.\r\n<","og:title":"Security Compass SD Elements","og:description":"SD Elements automatically identifies and classifies risks and translates complex requirements into actionable tasks that improve your security posture. It automates Risk Assessments, Threat Modeling, Secure Development, and Regulatory Compliance - at scale.\r\n<","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Security_Compass.png"},"eventUrl":"","translationId":5396,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"jobRoles":[{"id":58,"title":"Chief Executive Officer"},{"id":60,"title":"Chief Information Officer"},{"id":62,"title":"Chief Technical Officer"},{"id":64,"title":"Chief IT Security Officer"}],"organizationalFeatures":["GDPR Compliance","Internet access is available for employees"],"complementaryCategories":[],"solutions":["Inability to forecast execution timelines","Risk of data loss or damage","Non-compliant with IT security requirements","Shortage of information for decision making","Insufficient risk management"],"materials":[{"id":1494,"title":"","description":"CB Protection Datasheet","uri":"https://www.carbonblack.com/wp-content/uploads/2018/12/CB_Protection_DataSheet_122018_RGB.pdf"}],"useCases":[{"id":629,"title":"GDPR: Burden or Benefit?","description":" Ask a CISO what’s keeping them awake at night and all too often, they’ll mention their organisation’s readiness for the upcoming General Data Protection Regulation (GDPR) legislation. A recent survey showed that only a third of respondents are already compliant or on target to be compliant with the GDPR. But how has the GDPR earned its fearsome reputation? <link https://www.carbonblack.com/resource/gdpr-burden-benefit/ - external-link-new-window \"Opens internal link in current window\">Read more</link>","imageURL":"https://old.roi4cio.com/fileadmin/user_upload/carbon_black.png"}],"best_practices":[],"values":["Ensure Security and Business Continuity","Support Decision Making","Ensure Compliance","Manage Risks"],"implementations":[{"id":876,"title":"Carbon Black (CB) Protection, Carbon Black (CB) Response for Core-Mark International","url":"https://old.roi4cio.com/vnedrenija/vnedrenie/carbon-black-cb-protection-carbon-black-cb-response-for-core-mark-international/"}],"presenterCodeLng":"","productImplementations":[{"id":876,"title":"Carbon Black (CB) Protection, Carbon Black (CB) Response for Core-Mark International","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAs one of the largest and most valued distributors of consumer goods to convenience stores throughout North America, Core-Mark International is very invested in having a strong security posture. Director of Network Systems Ken Merrigan and his team chose Carbon Black to meet various security needs within the organization and have found the visibility and control into their environment unmatched.\r\n<span style=\"font-weight: bold;\">Expanding Their Security Footprint</span>\r\nSeveral years ago when high profile company breaches became increasingly news-worthy, Core-Mark received a mandate from their executives to increase the security footprint of the organization. With the very basic antivirus product that they had, the security team set out to upgrade to a solution that would provide them both visibility and protection.\r\n<span style=\"font-style: italic;\">“We didn’t have that comprehensive protection that traditional antivirus doesn’t give,”</span> said Julian Alexander, Network Analyst. <span style=\"font-style: italic;\">“We needed visibility into our environment that we didn’t have in the past.”</span><br />After evaluating several vendors they found Carbon Black’s products best met the needs of the security team and the organization.\r\n<span style=\"font-weight: bold;\">Gaining Control Over Their Environment</span>\r\nAfter deploying both CB Protection and CB Response, Core-Mark International gained both the insight into their environment and the application whitelisting capabilities they had been looking for.\r\n<span style=\"font-style: italic;\">“By having chosen Carbon Black we now have visibility, awareness and control over our environment,”</span> said Alexander. <span style=\"font-style: italic;\">“When we looked into the Carbon Black technology we wanted the change control approach which Carbon Black definitely had. We looked at other vendors in the space and Carbon Black was definitely the best choice.”</span>\r\n<span style=\"font-weight: bold;\">Conclusion</span>\r\nAs strong believers in the whitelisting approach to security for their critical systems the team has found Carbon Black continues to prevent unwanted files from running and gives them the insight they need into what is happening on their endpoints.<br /><span style=\"font-style: italic;\">“Carbon Black has a wide variety of products that could fit the need of almost any company,”</span> concludes Merrigan. ","alias":"carbon-black-cb-protection-carbon-black-cb-response-for-core-mark-international","roi":0,"seo":{"title":"Carbon Black (CB) Protection, Carbon Black (CB) Response for Core-Mark International","keywords":"","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAs one of the largest and most valued distributors of consumer goods to convenience stores throughout North America, Core-Mark International is very invested in having a strong security posture. Director of Netw","og:title":"Carbon Black (CB) Protection, Carbon Black (CB) Response for Core-Mark International","og:description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAs one of the largest and most valued distributors of consumer goods to convenience stores throughout North America, Core-Mark International is very invested in having a strong security posture. Director of Netw"},"deal_info":"","user":{"id":5984,"title":"Core-Mark Holding Company","logoURL":"https://old.roi4cio.com/uploads/roi/company/core-mark_logo.jpg","alias":"core-mark-holding-company","address":"","roles":[],"description":" Core-Mark Holding Company (NASDAQ: CORE) distributes fresh, chilled and frozen merchandise mainly to convenience stores in the United States. It also provides associated business services such as category management and management of promotions.\r\nFounded in 1888, Core-Mark serves 44,000 customer locations in the U.S. and Canada. The company operates 32 distribution centers (excluding two distribution centers which are operated as a third party logistics provider). Core-Mark's headquarters are in Westlake, TX and it employs about 8,100 employees throughout North America. Core-Mark services convenience retailers including traditional convenience stores as well as grocery stores, big box retailers, drug stores, liquor and specialty stores, and other stores that carry convenience products.\r\n\r\nSource: https://en.wikipedia.org/wiki/Core-Mark","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.core-mark.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Core-Mark Holding Company","keywords":"","description":" Core-Mark Holding Company (NASDAQ: CORE) distributes fresh, chilled and frozen merchandise mainly to convenience stores in the United States. It also provides associated business services such as category management and management of promotions.\r\nFounded in 1","og:title":"Core-Mark Holding Company","og:description":" Core-Mark Holding Company (NASDAQ: CORE) distributes fresh, chilled and frozen merchandise mainly to convenience stores in the United States. It also provides associated business services such as category management and management of promotions.\r\nFounded in 1","og:image":"https://old.roi4cio.com/uploads/roi/company/core-mark_logo.jpg"},"eventUrl":""},"supplier":{"id":4070,"title":"Carbon Black","logoURL":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png","alias":"carbon-black","address":"","roles":[],"description":"Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 years, our leadership and software have outpaced increasingly sophisticated attacks.\r\nPioneers in the Market\r\nWe’re delivering a new generation of endpoint security, purposely designed to protect your organization from the most advanced cyberattacks. Our pioneering approach to application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV) has been rigorously tested and proven by highly regarded third-party industry analysts. Some of this recognition is highlighted, below, under Awards.\r\nCustomer Driven\r\nThirty of the Fortune 100 rely on Carbon Black. Our diverse customer base includes Silicon Valley leaders in internet search, social media, transportation, government, finance, and higher education. Collectively, 3,000+ organizations trust us to protect more than 9 million endpoints around the world. With an eye on empowering every security team and protecting every endpoint, we stand true to our founding vision: To create a world safe from cyberattacks.","companyTypes":[],"products":{},"vendoredProductsCount":7,"suppliedProductsCount":7,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":4,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"https://www.carbonblack.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Carbon Black","keywords":"endpoint, security, Carbon, Black, world, more, cyberattacks, from","description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:title":"Carbon Black","og:description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:image":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png"},"eventUrl":""},"vendors":[{"id":4070,"title":"Carbon Black","logoURL":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png","alias":"carbon-black","address":"","roles":[],"description":"Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 years, our leadership and software have outpaced increasingly sophisticated attacks.\r\nPioneers in the Market\r\nWe’re delivering a new generation of endpoint security, purposely designed to protect your organization from the most advanced cyberattacks. Our pioneering approach to application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV) has been rigorously tested and proven by highly regarded third-party industry analysts. Some of this recognition is highlighted, below, under Awards.\r\nCustomer Driven\r\nThirty of the Fortune 100 rely on Carbon Black. Our diverse customer base includes Silicon Valley leaders in internet search, social media, transportation, government, finance, and higher education. Collectively, 3,000+ organizations trust us to protect more than 9 million endpoints around the world. With an eye on empowering every security team and protecting every endpoint, we stand true to our founding vision: To create a world safe from cyberattacks.","companyTypes":[],"products":{},"vendoredProductsCount":7,"suppliedProductsCount":7,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":4,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"https://www.carbonblack.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Carbon Black","keywords":"endpoint, security, Carbon, Black, world, more, cyberattacks, from","description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:title":"Carbon Black","og:description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:image":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png"},"eventUrl":""}],"products":[],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{},"categories":[],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.carbonblack.com/wp-content/uploads/2018/12/cb-case-study-core-mark-intl.pdf","title":"-"}},"comments":[],"referencesCount":0}]}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}