Black Hat USA 2011 //sponsors
Caesars Palace Las Vegas, NV • July 30 - August 4
Diamond Sponsor:
Qualys, Inc. is the leading provider of on demand IT security risk and compliance management solutions – delivered as a service. Qualys' Software-as-a-Service solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate and continuous view of their security and compliance postures.
The QualysGuard® service is used today by more than 5,000 organizations in 85 countries, including 47 of the Fortune Global 100, and performs more than 500 million IP audits per year. Qualys has the largest vulnerability management deployment in the world at a Fortune Global 50 company, and has been recognized by leading industry analysts for its market leadership. Qualys was recently named Best Security Company in the Excellence Awards category of the 2011 SC Awards U.S.
Qualys has established strategic agreements with leading managed service providers and consulting organizations including BT, Etisalat, Fujitsu, IBM, I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS. Qualys is a founding member of the Cloud Security Alliance (CSA).
For more information, please visit: www.qualys.com
Platinum Sponsors:
Accuvant is the nation's premier information security and risk compliance management consulting firm. Our consultants use industry expertise and proven methodologies to help large enterprises assess their environments, improve their compliance postures, and secure their infrastructures. Accuvant LABS is the security assessment and vulnerability research division of Accuvant, providing an array of strategic and tactical services including penetration testing, vulnerability assessments, reverse engineering, advanced security research, and exploit development.
Blue Coat Systems, Inc. is a leading provider of Web security and WAN optimization solutions, built to optimize and secure the flow of information across the network. Our technologies enable organizations to tightly align network investments with business requirements, speed decision making and secure business applications for long-term competitive advantage. In addition, these technologies increase user satisfaction, maximize employee productivity and reduce bandwidth costs, all while ensuring the environment is safe from web-based threats. For additional information, please visit: www.bluecoat.com
Today's borderless organizations are facing unprecedented security challenges. The consumerization of IT, the rise of mobility and the smartphone, the coming of the cloud and XaaS all bring new capabilities, along with new security threats. Network guests, contractors, employees, and partners all need differing levels of access. At the same time hackers, botnets, spam, phishing and trojan viruses present their own challenges.
The Cisco SecureX Architecture, powered by Cisco Security Intelligence Operations, integrates realtime telemetry from over 700,000 appliances which process 5 Billion HTTP requests and 100 Million email messages a day. Analysis and correlation of this data, along with detailed samples of approximately 35% of the world's internet traffic, allows SIO to enable context aware security in Cisco security products. This provides organizations with an effective way to define and enforce security policies that allow the flexible, any-device connectivity that organizations want with the accurate, effective enforcement that they need, across the entire network, without the vulnerabilities associated with content only filters and scanning.
With the industry's largest portfolio of security products and solutions that include appliance, cloud and integrated network security offerings and products as diverse as the ASA firewall family, Cisco IronPort and ScanSafe content security, IPS Sensors, AnyConnect VPN and Security clients and TrustSec enabled by the Identity Services Engine, Cisco is proud to be a BlackHat sponsor.
For more information on Cisco Security, please visit www.cisco.com/go/security
Microsoft is proud to be a continuing sponsor of the Black Hat Security conference. We appreciate Black Hat providing a unique forum in which security researchers from all over the world, IT Pros and industry luminaries can gather to share insights, knowledge and information to advance security research.
Microsoft remains dedicated to software security and privacy and continues to collaborate with the community of people and technology organizations helping to protect customers and the broader ecosystem, Microsoft is also dedicated to software security and privacy.
Since the onset of Trustworthy Computing we have fostered a culture of security within Microsoft that includes developing secure code, building strong relationships with industry researchers and partners, and providing guidance to help protect customers. We would like to thank all of the customers, partners and security researchers who have worked with us to advance the state of the art in security science. Only by working together with partners, researchers and the community can we all ensure the advancement and success of the technology industry.
LogRhythm delivers comprehensive, useful and actionable visibility into what is really going on in and around an enterprise IT environment. It fully integrates traditionally separate log management and security event management functions to collect, analyze and correlate all log data. It builds on an advanced data management structure with extensive data enrichment for real-time analysis. Automated risk-based prioritization, powerful forensics, advanced visualization, file integrity monitoring, network and user monitoring, out-of-the-box compliance reporting packages, TrueTime™ for accurate event sequencing, incident response management and alerting are all accessed via a single, simple-to-use universal console. The Advanced Intelligence (AI) Engine™ delivers advanced correlation and pattern recognition via a simple, drag and drop GUI. Extensive preconfigured rules are combined with the ability to easily create or modify rules, allowing customers to target specific behavior patterns or cast a wider net for greater adaptability
LogRhythm can be architected as a single, all-in-one software solution on dedicated customer hardware, or with a high-volume, distributed enterprise architecture leveraging any combination of hardware and software based components. It delivers comprehensive protection tailored to any environment, with over 500 customers spanning numerous vertical markets, including Banking and Finance, Education, Energy, Government, Healthcare, Insurance, Retail, and others, LogRhythm delivers solutions to organizations of all sizes. Our deployments range in size from modest Small-to-Medium Enterprise environments, to large, distributed architectures designed to support Fortune 500 and multinational organizations with global infrastructure requirements.
NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit: www.nitrosecurity.com
RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
Rackspace® Hosting is the world's leading specialist in the hosting and cloud computing industry, and the founder of OpenStack™, an open source cloud platform. The San Antonio-based company provides Fanatical Support® to its customers, across a portfolio of IT services, including Managed Hosting and Cloud Computing. In 2010, Rackspace was recognized by Bloomberg BusinessWeek as a Top 100 Performing Technology Company and listed on the InformationWeek 500 as one of the nation's most innovative users of business technology. The company was also positioned in the Leaders Quadrant by Gartner Inc. in the "2010 Magic Quadrant for Cloud Infrastructure as a Service and Web Hosting." For more information, visit www.rackspace.com
Symantec is a global leader in providing security, storage and systems management solutions to help our customers – from consumers and small businesses to the largest global organizations – secure and manage their information, identities, technology infrastructures and related processes against more risks at more points, more completely and efficiently than any other company. Our unique focus is to eliminate information, technology and process risks independent of device, platform, interaction or location. Our software and services protect completely, in ways that can be managed easily and with controls that can be enforced automatically – enabling confidence wherever information is used or stored.
As the world becomes increasingly technology-centric and information-driven, Symantec is providing the leading products to ensure the availability of data, to backup and recover information, and prevent its loss. This includes helping consumers organize, backup and easily access their digital music, photos, files and more. Small businesses and large organizations can access and ensure the availability of information, whenever it is needed, with company-wide data protection, archiving and high availability clustering solutions. Since information now resides and is used in more places than ever – on phones, notebooks, USB devices, online portals and over global networks, protecting information is increasingly critical. Symantec has leading solutions that can identify and automatically prevent loss of valuable and confidential information – on the endpoint, in storage and over the network.
Symantec provides comprehensive security that more people and organizations count on, with the best-of-breed and market-leading products in each of the company's business categories. From zero-day detection of new security threats to anti-fraud countermeasures, Symantec products continue to receive recognition from analysts and industry publications for providing superior threat detection and more in-depth and comprehensive security and data protection. This protection now extends to more information points, from mobile devices to servers, storage, networks and external and unmanaged systems. Symantec software reaches and protects more information points against more risks than any other company.
Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec™ Global Intelligence Network. This network captures worldwide security intelligence data that gives Symantec analysts unparalleled sources of data to identify and analyze, to deliver protection and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam.
More than 240,000 sensors in more than 200 countries and territories monitor attack activity through a combination of Symantec products and services such as Symantec DeepSight™ Threat Management System, Symantec ™ Managed Security Services and Norton™ consumer products, as well as additional third-party data sources.
Symantec gathers malicious code intelligence from more than 133 million client, server, and gateway systems that have deployed its antivirus products. In addition, Symantec maintains one of the world's most comprehensive vulnerability databases, currently consisting of more than 40,000-recorded vulnerabilities (spanning more than two decades) affecting more than 105,000 technologies from more than 14,000 vendors. Symantec also facilitates the BugTraq™ mailing list, one of the most popular forums for the disclosure and discussion of vulnerabilities on the Internet, which has approximately 24,000 subscribers who contribute, receive, and discuss vulnerability research on a daily basis.
More than half of the world's data is protected by Symantec – in the home, small business and enterprise, including security of a third of the world's email. At Symantec, we envision a world where security follows information everywhere. Through an information- and identity-centric approach that is device and platform independent, our Security 2.0 vision is fast becoming a reality. Information, personal identities, interactions and communications can be protected against online fraud, spam, viruses, malware, inadvertent loss, theft and more, regardless of the system or technology. It's part of a comprehensive strategy to help customers protect their information more completely than any other software company.
Gold Sponsors:
ArcSight, an HP company, is a leading global provider of cybersecurity and compliance solutions that protect organizations from enterprise threats and risks. Based on the market-leading SIEM offering, the ArcSight Enterprise Threat and Risk Management (ETRM) platform enables businesses and government agencies to proactively safeguard digital assets, comply with corporate and regulatory policy and control the internal and external risks associated with cybertheft, cyberfraud, cyberwarfare and cyberespionage. For more information, visit www.arcsight.com.
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and prove real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
IBM Security Solutions include an extensive portfolio of hardware, software solutions, professional and managed services offerings covering the spectrum of IT and business security risks: people and identity, data and information, application and process, network, server and endpoint and physical infrastructure, empowering clients to innovate and operate their businesses on the most secure infrastructure platforms. Through world-class solutions that address risk across the enterprise, IBM helps organizations build a strong security posture that helps reduce costs, improve service, and manage risk. IBM X-Force(R) Research and Development is one of the most renowned commercial security research and development groups in the world. For more information on how to address today's biggest risks and to see a demonstration of IBM Rational AppScan, AppScan Source Edition, IBM Security Network Intrusion Prevention System (IPS) and IBM Tivoli Endpoint Manager, please visit us at ibm.com/security.
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, application security and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, game, hardware, retail, financial, media, travel, aerospace, healthcare, high-tech, social networking and software development organizations.
IOActive offers a level of customer commitment and quality that has prompted its selection as one of the three firms in the world trusted to perform the mission-critical code reviews and penetration-tests of all of Microsoft's flagship operating system products. Headquartered in Seattle, Washington and London, England, with satellite offices around the world, we are ready to help you with your global enterprise security needs.
As a home for highly skilled and experienced professionals, IOActive attracts the likes of Barnaby Jack, Ilja van Sprundel, Mike Davis and Michael Milvich—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat and Ruxcon.
McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is relentlessly committed to tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.
NetWitness® is a revolutionary network monitoring platform that provides enterprises a precise and actionable understanding of everything happening on the network. NetWitness solutions are deployed in customer environments to solve a wide range of tough information security problems including: insider threats, zero-day exploits, advanced persistent threats, fraud, espionage, data leakage, targeted malware, and continuous monitoring of security controls. NetWitness customers include enterprises in the Global 1000 in sectors such as financial services, power and energy, telecommunications, retail, and high-tech, as well as government agencies around the world in defense, homeland security, law enforcement, and intelligence. To learn how your security team can 'Know Everything and Answer Anything,' visit www.netwitness.com.
Through its technology platform, Norman delivers core antimalware protection for clients, servers and network security. These products and services are designed to protect business communications and resources, including corporate networks and applications, remote employees, branch offices, and extranets. The company also offers market-leading advanced malware analyzers which enable organizations to automate the process of analyzing suspicious files, identifying types of malware, and assessing threats. Norman's award-winning security solutions protect millions of consumer PCs from hackers, spyware and identity theft. For more information, please visit www.norman.com
Novell offers a compelling set of security management tools. Novell* Sentinel* is an award winning SIEM tool that enables organizations to meet compliance goals and harden their IT environment. Sentinel automates incident identification and resolution based on built-in business rules. With Sentinel*, IT administrators can monitor and track the status of violations and remediation actions, and can quickly identify new trends or attacks across the extended enterprise using virtually any data source.
To simplify compliance with PCI-DSS, Sarbanes-Oxley and other regulations, Novell* Sentinel* Log Manager enables you to collect, store, analyze and manage data logs from all across your enterprise. It is a powerful log management solution that lights a clear path to complete, real-time security information and event management.
Follow us on Twitter: @novellsentinel
Rapid7 is the leading provider of unified vulnerability management and penetration testing solutions, delivering actionable intelligence about an organization's entire IT environment. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies. Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world's largest database of public, tested exploits.
Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, Southern Company, the United States Postal Service, the New York Times, Carnegie Mellon University and the National Nuclear Security Administration (NNSA) to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC . Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world's largest database of public, tested exploits.
For more information, visit: www.rapid7.com
Red Lambda, Inc. is a leader in ultra-fast, ultra-scalable and identity-aware network security software for enterprise, higher education, government and service provider organizations. Red Lambda makes it possible for organizations to securely compute, communicate and collaborate without borders or limitations. The company's AppIron™ is a high-performance security platform that protects vital people, resources and assets from a broad spectrum of threats regardless of their physical topology or geography. The first Red Lambda Virtual Grid Appliance to run on AppIron isIntegrity™ for control of P2P traffic and protection against illicit file-sharing and the loss of proprietary data. Red Lambda's products are sold through direct, indirect, and strategic partnerships worldwide.
For more information, please visit www.redlambda.com.
Like a surveillance camera for your network, Solera Networks™ enables real-time network forensics and threat prevention by recording all network traffic on both physical and virtual networks. Every network packet is stored, indexed, and can be searched and replayed at anytime to determine the full source and scope of any event. Solera Networks integrates with security innovators like ArcSight, FireEye, Palo Alto Networks, Sourcefire and SonicWALL and others to provide full-fidelity replay and greater context to security notifications and events.
For more information, visit www.soleranetworks.com.
Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM, EV SSL certificates and secure digital certificates. Trustwave has helped thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructure, data communications and critical information assets.
SpiderLabs is the elite security team at Trustwave, offering clients the most advanced information security expertise available today. The SpiderLabs team has performed more than 1,000 computer incident response and forensic investigations globally and has run over 10,000 penetration and application security tests for clients. Companies and organizations in more than 50 countries rely on the SpiderLabs team¹s technical expertise to identify and anticipate cyber security attacks before they happen. In a rapidly evolving threat environment, SpiderLabs has the extensive field experience to asses threat levels, anticipate weaknesses, investigate breaches, and fortify environments against attacks.
Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia.
Silver Sponsors:
Adobe Systems Incorporated offers business, creative, and mobile software solutions that revolutionize how the world engages with ideas and information. With a reputation for excellence and a portfolio of many of the most respected and recognizable software brands, Adobe is one of the world's largest and most diversified software companies. For more info, visit: www.adobe.com
Amazon.com, a Fortune 500 company based in Seattle, opened on the World Wide Web in July 1995 and offers Earth's Biggest Selection, where customers can find and discover anything they might want to buy online. The brightest minds come to Amazon to develop technology that improves the lives of shoppers and sellers around the world. Pioneering technical challenges of unprecedented scale and complexity, Amazon also provides developers access to Amazon's own back-end platform and in-the-cloud infrastructure. Examples include Amazon Elastic Compute Cloud, Amazon Simple Storage Service, Amazon SimpleDB, Amazon Simple Queue Service, Amazon Flexible Payments Service, and Amazon Mechanical Turk. For more info, visit: www.amazon.com
Aruba Networks is a leading provider of next-generation network access solutions for the mobile enterprise. Aruba Networks' DoD WLAN Policy compliant, FIPS 140-2 level 2 validated, Common Criteria EAL-4, UC-APL certified mobility solutions enable secure access to classified and unclassified data, voice and video applications across wireless, wireline, enterprise and remote networks. Aruba products have been installed in hundreds of Federal agency facilities including the US Army, US Air Force, Air National Guard, and Army National Guard locations. To learn more, visit www.arubanetworks.com
BeyondTrust is the global leader in securing the perimeter within to mitigate internal threat and the misuse of privileges. BeyondTrust offers consistent policy-driven, role-based access control, monitoring, logging, and reporting to protect internal assets from the inside out. The company's products empower IT governance to strengthen security, improve productivity, drive compliance, and reduce expense across physical, virtual, public, private, and hybrid cloud environments.
To learn more, visit www.beyondtrust.com
The company's award-winning products provide total visibility and control over all software on endpoints, eliminating the risk caused by malicious, illegal and unauthorized software. Bit9 specializes in protecting organizations against Advanced Persistent Threats.
Bit9 leverages the Bit9 Global Software Registry™ -- the world's largest database of software intelligence -- to identify and classify software, delivering the highest levels of endpoint security, compliance, and manageability. The company's global customers come from a wide variety of industries, such as government, financial services, retail, healthcare, e-commerce and education. For more info, visit: www.Bit9.com
BluePoint Security is a cutting edge software company specializing in the development of cloud based antivirus software with whitelisting for consumers, businesses, and mobile device users. Our products focus on preventing costly security incidents before they occur. BluePoint Security delivers superior protection against known and elusive undiscovered viruses and designer threats targeted against specific organizations. Whether you're protecting one computer or one million computers, we have the right solution for you. Come experience the difference - we're revolutionizing computer security.
Booz Allen Hamilton has been at the forefront of strategy and technology consulting for nearly a century. Today, the firm is a major provider of professional services primarily to US government agencies in the defense, intelligence, and civil sectors, as well as to corporations, institutions, and not-for-profit organizations. Booz Allen offers clients deep functional knowledge spanning strategy and organization, engineering and operations, technology, and analytics—which it combines with specialized expertise in clients' mission and domain areas to help solve their toughest problems.
The firm's management consulting heritage is the basis for its unique collaborative culture and operating model, enabling Booz Allen to anticipate needs and opportunities, rapidly deploy talent and resources, and deliver enduring results. By combining a consultant's problem-solving orientation with deep technical knowledge and strong execution, Booz Allen helps clients achieve success in their most critical missions—as evidenced by the firm's many client relationships that span decades. Booz Allen helps shape thinking and prepare for future developments in areas of national importance, including cybersecurity, homeland security, healthcare, and information technology.
Booz Allen is headquartered in McLean, Virginia, employs more than 25,000 people, and has annual revenues of over $5 billion. Fortune has named Booz Allen one of its "100 Best Companies to Work For" for seven consecutive years. Working Mother has ranked the firm among its "100 Best Companies for Working Mothers" annually since 1999. More information is available at www.boozallen.com.
Cenzic, a trusted provider of software and SaaS security products, helps organizations secure their websites against hacker attacks.
Cenzic focuses on Web Application Security, automating the process of identifying security defects at the Web application level where more than 75 percent of hacker attacks occur. Our dynamic, black box Web application testing is built on a non-signature-based technology that finds more "real" vulnerabilities as well as provides vulnerability management, risk management, and compliance for regulations and industry standards such as PCI. Cenzic solutions help secure the websites of numerous Fortune 1000 companies, all major security companies, leading government agencies and universities, and hundreds of SMB companies -- overall helping to secure trillions of dollars of e-commerce transactions. The Cenzic solution suite fits the needs of companies across all industries, from a cloud solution (Cenzic ClickToSecure Cloud™), to testing remotely via our managed service (Cenzic ClickToSecure® Managed), to a full enterprise software product (Cenzic Hailstorm® Enterprise ARC™) for managing security risks across the entire company
For additional information, please visit: www.cenzic.com
SPARTA, Inc. (dba Cobham Analytic Solutions), acquired by Cobham in 2008, applies more than 25 years of experience in quick reaction systems integration, testing, and fielding to today's cybersecurity challenges. SPARTA provides a comprehensive range of scientific, systems engineering, and systems integration products and services to the U.S. Defense and National Security markets. SPARTA's National Security Business Unit (NSBU), the cornerstone of SPARTA's cybersecurity innovation, is a leading integrator of cyber capabilities and provider of unique & specific solutions. The NSBU employs its unique engineering skills, including reverse engineering, repeatable processes, advanced methods, and dedicated laboratories in offering a comprehensive suite of cyber products and services. The Cyber Spartans, through their unparalleled skills, experience, and trusted relationships, delivers full-spectrum cyber capabilities and solutions to include collection, processing, analysis, production and dissemination of information, and provisioning of tools for network, and information security. SPARTA's Cyber Spartans utilize - novel approaches and proprietary tools to solve the most difficult cybersecurity issues by combining network defense, enabling mission systems; active defensive capabilities, to collect, process and analyze the threat; and cyber R&D, ensuring pro-active engagement. With unique cybersecurity tactics, techniques and procedures, coupled with proven tools insures mission success, and makes SPARTA an industry leader in network security, network operations, and cyber analytics.
Aligned with our cybersecurity mission, SPARTA focuses on providing high-end, specialized engineering services in the Scientific and Technical Intelligence (S&TI) domain. We are experts in foreign material exploitation and associated production and operational infrastructure, as well as implications for operational doctrine and tactics.
For additional information, please visit: www.sparta.com
Damballa is the pioneer in the fight against advanced malware, botnets and other persistent threats used for targeted attacks. With the industry's leading cyber threat intelligence, Damballa detects malicious malware and their command-and-control communications and stops cyber threats from stealing intellectual information, conducting espionage and performing fraudulent transactions. Damballa solutions are current protecting networks in Fortune 1000 enterprises, service providers, universities and government agencies.
For additional information, please visit: www.damballa.com
Since 1998, eEye Digital Security has made vulnerability and compliance management simpler and more efficient by providing the only unified solution that integrates assessment, mitigation, protection, and reporting into a complete offering with optional add-on modules for configuration compliance, regulatory reporting, and integrated patch management. eEye's world-renowned research and development team is consistently the first to uncover critical vulnerabilities and build new protections into our solutions to prevent their exploit. Thousands of mid-to-large-size private-sector and government organizations, including the largest vulnerability management installations in the world, rely on eEye to protect against the latest known and zero-day vulnerabilities.
For additional information, please visit: http://www.eeye.com
Since 2002, Fidelis Security Systems has been providing organizations with the network visibility, analysis and control necessary to manage advanced threats and prevent data breaches. Built on a patented Deep Session Inspection®, platform, the Fidelis Extrusion Prevention System® is the industry's only network security solution capable of seeing, studying, and stopping advanced threats in real-time by uniquely working at the session-level where today's threats occur. Fidelis enables their government, military, and commercial enterprise customers around the globe to achieve proactive situational awareness, content protection, threat mitigation, and application activity control.
www.fidelissecurity.com
FireHost is a secure cloud hosting company that delivers secure web hosting solutions to eCommerce, SaaS, healthcare IT, and security companies around the world. Specializing in protecting websites with compliance and high traffic needs, FireHost makes hacker awareness, management and prevention a standard part of every hosting plan. Advanced security combined with a comprehensive portfolio of hosting solutions helps FireHost protect companies of all sizes from threats to their websites, Web applications, and other valuable data.
Fluke Networks is the leader in security, performance and compliance solutions for wireless LANs (WLANs). The company's AirMagnet product line provides unrivaled visibility into all aspects of the wireless airspace with the intelligence to automatically diagnose, explain and respond to any wireless challenge. Innovative products include AirMagnet Enterprise, the industry's premier wireless intrusion prevention system (WIPS) for managing and securing corporate WLAN deployments. AirMagnet Enterprise provides a simple, scalable WLAN security monitoring solution that enables any organization to proactively mitigate all types of wireless security threats, enforce enterprise policies, prevent wireless performance problems and audit the regulatory compliance of all their Wi-Fi assets and users worldwide. In addition, it offers the only comprehensive, real-time approach to threat analysis and updating, taking WLAN threat protection to a new level with the introduction of dynamic threat protection. Other products, including AirMagnet WiFi Analyzer - known as the "de facto tool for wireless LAN troubleshooting and analysis" - provide WLAN site survey and design, RF interference detection, remote diagnostics, and the world's first voice over WiFi analysis solution. AirMagnet products have been sold to over 9,500 customers worldwide, including 75 of the Fortune 100.
Taking a strategic approach to security, Foreground Security helps organizations align information security with key business objectives. The company was founded by security professionals with over 20 years of experience to provide organizations with cutting-edge information and network security services, designed to significantly refine and improve their protection efforts. Foreground Security enables customers to optimize their network security investments while taking a proactive approach to protecting their most important information assets from potential threats.
Foreground Security offers comprehensive security services that enable Government agencies and commercial organizations to secure critical data, protect identities and demonstrate compliance. The company leverages its experts' unparalleled insights to provide customers with the strategy and know-how required to develop, implement and maintain on-going secure and compliant policies, infrastructure and training.
Foreground Security performs in-depth technical testing of networks, applications, and various security related infrastructure components such as firewalls, virtual and wireless networks. The company employs experienced professionals who hold CISSP, CCSP, CISM, CEH, CHFI and MCSE certifications and who have conducted Penetration Tests, C&A Projects, and Policy development for well over 100 Government agencies and corporations, making Foreground Security the ideal information security partner.
GFI Software is a leading IT security provider with advanced technology solutions for endpoint security and malware analysis. GFI delivers comprehensive network protection with its sandbox malware analysis tools, ThreatTrack™ Data Feeds and the VIPRE® anti-malware product line and gives leading security vendors, ISPs and large enterprises the ability to rapidly analyze malware. GFI's security tools leverage the research efforts from GFI Labs, specializing in the discovery and analysis of dangerous vulnerabilities that could be exploited for Internet and email attacks. The company has offices in the United States, UK, Austria, Australia, Malta, Hong Kong, the Philippines and Romania. For more information please visit: www.gfi.com/ATG
Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® platform provides proven solutions for government, corporate and law enforcement organizations to respond to computer security incidents, eDiscovery requests or regulatory inquiries; conduct internal investigations; perform data and compliance auditing; and secure sensitive data. There are more than 30,000 licensed users of the EnCase technology worldwide, and thousands attend Guidance Software's renowned training programs annually. For more information, visit: www.guidancesoftware.com.
HBGary, Inc. was founded in 2003 to develop products to counter advanced and unknown cyber threats. HBGary has in-depth expertise in advanced malware, rootkits, zero-day exploits, and targeted cyber threats. HBGary's Digital DNA product offers enterprise scalable behavior-based malware detection without signatures. Also, HBGary offers the best-of-breed memory physical memory forensics product, Responder™. In addition, HBGary also offers some of the best free security tools available in the market today including Responder Community Edition, Fingerprint, FastDump and FGet. Current customers include Fortune 500 financial, pharmaceutical and entertainment companies as well as the Department of Defense, Intelligence Community and other U.S. government agencies. HBGary is headquartered in Sacramento and has offices in Washington D.C. For more information on HBGary, please visit http://www.hbgary.com
HP's application security solutions are part of the industry's most comprehensive suite of IT management software, HP's business technology optimization (BTO). HP's BTO software is designed to help IT make every dollar deliver positive business outcomes. HP has paired SPI Dynamics' security expertise with the full range of HP application security products, SaaS and services to help drive lower costs, improve delivery time and reduce risk. Stop by our booth to see the latest versions of HP WebInspect, HP QAInspect and HP Assessment Management Platform.
www.hp.com/go/securitysoftware
Imperva is the global leader in data security. Thousand of the world's leading businesses, government organizations, and managed service providers rely on Imperva solutions to prevent data breaches, meet compliance mandates, and manage data risk.
Underscoring Imperva's commitment to data security excellence, our Application Defense Center (ADC) is a world-class security research organization that maintains SecureSphere's cutting edge protection against evolving threats.
The award-winning Imperva SecureSphere is the market leading data security and compliance solution. SecureSphere protects sensitive data from hackers and malicious insiders, provides a fast and cost-effective route to regulatory compliance and establishes a repeatable process for mitigating data risk.
For more information, visit: www.imperva.com
Integralis has been a trusted name in global information risk management for over 20 years. We work in partnership with our customers to identify and assess their unique information risk profiles. We help create actionable strategic and tactical plans to address these risks, aligning the risk mitigation measures with strategic business goals.
Integralis' offerings provide a proactive, holistic, on-demand approach to addressing information risk. Our comprehensive suite of information risk management solutions are a blend of managed and consulting services - from assessment to policy development to remediation and finally on-going 24x7 monitoring and management – to help clients address all areas of information risk. Global enterprises choose Integralis to deliver risk assessments, consulting, technology integration and managed security services around the world. Integralis helps organizations lower IT costs while increasing security protection, meeting compliance requirements and while improving availability. Integralis is a wholly owned subsidiary of NTT Communications. For more information, visit Integralis on the web at www.integralis.com
Lieberman Software Corporation is a USA based cross-platform security software developer. We provide tools for the mass security/configuration reporting and remediation of Microsoft Windows workstations and servers with real time reporting and repair capabilities. We also provide cross-platform solutions to proactively manage privileged identities such as root, administrator, sa and other accounts (located in routers, switches, embedded systems, host hardware, virtualization hypervisors, host OS, databases, middleware, applications, etc) at both the user and application level. Using automation, we provide auto-discovery, correlation and propagation to make it possible to discover what credentials you have, where they are being used, and give you the ability to regularly change credentials as needed or required. Our goal is to provide sharp tools for your IT administrators and solutions that give you the ability to understand where and how credentials are used as well as the power to change them as needed. To learn more about our tools and solutions stop by our booth for a hands-on demo or visit our website at www.liebsoft.com.
LogLogic® is the leader in log and security management solutions. Supported by more than 200 partners and trusted by more than 1,000 customers worldwide, LogLogic solutions provide visibility and control to any IT infrastructure so that organizations can significantly improve security, compliance and network performance. LogLogic's open log management platform enables customers to collect, search, and store massive amounts of IT log data for a comprehensive fingerprint of activity. LogLogic's business applications correlate user activities and event data in real-time for an integrated approach to security event management, database security management, security change management and compliance management, resulting in improved accountability and lower costs for any organization.
For more information, visit: www.LogLogic.com
Headquartered in Fairfax, Va., with more than 10,000 professionals around the world, ManTech is a leading provider of innovative technologies and solutions for mission-critical national security programs for the intelligence community; the departments of Defense, State, Homeland Security, Energy and Justice; the space community; the National Oceanic and Atmospheric Administration; and other U.S. federal government customers. ManTech's expertise includes systems engineering, systems integration, enterprise architecture, cyber security, information assurance, intelligence operations and analysis support, network and critical infrastructure protection, information operations and information warfare support, information technology, communications integration, global logistics and supply chain management and service-oriented architectures. The ManTech-developed Web 2.0 intelligence community collaboration tool was chosen by TIME® Magazine as a 2009 top 50 invention. R&D Magazine selected ManTech's CORIN™ XLS, a transparent polyimide film used in space and electronics, as one of 2009's top 100 most innovative technologically significant new products. In 2010, ManTech was selected for FORTUNE® magazine's 100 fastest growing companies list; received the NASA Goddard Space Flight Center Contractor Excellence Award; was named a top 10 best employer for veterans by Military Times EDGE magazine; and, for the fourth year in a row, was selected as a top 10 military-friendly employer by G.I. Jobs magazine. ManTech's additional recognition includes the Northern Virginia Family Services CARE award for family-friendly policies (2009) and most valuable employer for the military by CivilianJobs.com (2009). ManTech has received a top rating for ethics and compliance programs from the Ethisphere Institute (2008). Additional information can be found at www.mantech.com
Merlin International® is one of the fastest growing information technology solutions providers in the country. Founded in 1997, the veteran-owned, privately held business has consistently grown both its revenue and its staff since the company's inception. Working alongside its system integrator and vendor partners, Merlin provides turn-key IT solutions that solve complex and critical problems while fulfilling mission objectives for federal government agencies and organizations involved in civilian services, defense, intelligence, health care and a variety of other areas. Merlin's hundreds of clients rely on the company to deliver its comprehensive solutions on time and on budget. The results are clear: improved productivity, lower costs and larger revenue streams. As your mission requirements expand, call on Merlin to help you bridge the gap between changing requirements and budgetary constraints. Key Merlin solutions include cyber security, full motion video, dynamic data centers, mobility solutions, DR/COOP, virtualization, service oriented architecture and business process management.
Mocana products help secure the "Internet of Things" - the 20 billion datacom, smartgrid, federal, consumer, industrial and medical devices that connect across every sector of our economy. Mocana is developing the industry's only device-independent security platform that protects devices and the information, apps and services that run on them. Every day, millions of people use products sold by over 150 companies that leverage Mocana's solutions, including Cisco, Honeywell, Dell, General Electric, General Dynamics, Avaya and Harris, among others. Mocana recently won Frost & Sullivan's Technology Innovation of the Year award for Device Security, and was named to the Red Herring Global 100 as one of the "top 100 privately-held technology companies in the world".
nCircle is the leading provider of automated security and compliance auditing solutions. More than 5,500 enterprises, government agencies and service providers around the world rely on nCircle's proactive solutions to manage and reduce security risk and achieve compliance on their networks. For more information, visit: www.ncircle.com
Since its inception in 1986, NCP Engineering has delivered innovative software that allows enterprises to implement a new way to secure remote access and overcome the complexities of creating, managing and maintaining network access. NCP's award winning product line spans the spectrum of remote access, from hybrid IPSec / SSL VPN to end-point firewalls and network access control (NAC) functions. The company's products support organizations with complex remote user needs, who want to leverage the latest end-devices to increase staff productivity, reduce network administration and adapt policy changes on-the-fly. Each solution is interoperable with existing third-party software or hardware. Headquartered in the San Francisco Bay Area, the company serves 30,000+customers worldwide throughout the healthcare, financial, education and government markets, as well as many Fortune 500 companies. NCP has established a network of national and regional technology, channel, and OEM partners to serve their customers.
Net Optics Leads the Momentum into Intelligent Access, Monitoring, and Control
Net Optics is the leading provider of Intelligent Access and Monitoring Architecture solutions that deliver real-time IT visibility, monitoring and control. As a result, businesses achieve peak performance in network analytics and security. More than 7,000 enterprises, service providers and government organizations—including 85 percent of the Fortune 100—trust Net Optics' comprehensive smart access hardware and software solutions to plan, scale and future-proof their networks through an easy-to-use interface. Net Optics maintains a global presence through leading OEM partner and reseller networks.
This year marks 15 years of dynamic growth from our foundation as a Tap innovator. We have steadily expanded to embrace evolving technologies and address customer challenges. Today, we deliver a spectrum of enriched offerings to support our customers' virtualization, 10G, and 4G/LTE goals, enabling uncompromising security while simplifying implementation and controlling costs.
Our solution families include:
Phantom Virtual Tap—purpose-built for total visibility and control of network traffic in VMware ESX and ESXi environments; integrated with Indigo Pro™ management platform and Director™ family for maximum versatility.
Director xStream Pro—robust flagship of the Director family, built for 10G network deployments and offering Dynamic Load Balancing, DPI, time-stamping and more.
Indigo Pro 1.5—the latest advance in our comprehensive management platform, now integrated with Google Earth for instant pinpoint and visualization of devices worldwide.
appTap—integrated monitoring solution for remote sites with Internet broadband connections up to 100Mb, offering 100 percent plug-and-play visibility.
xBalancer—revolutionary inline monitoring and load-balancing solution, engineered for 10G challenges.
Onapsis is the leading provider of cybersecurity, compliance and continuous monitoring solutions for ERP systems and business-critical infrastructure. Through its innovative solutions, Onapsis helps its customers to protect their core business platforms from espionage, sabotage and fraud attacks.
Large organizations rely on SAP, Oracle E-Business Suite, PeopleSoft and Siebel platforms to store and process their most sensitive business information. Onapsis enables them to increase the security level of these systems while enforcing compliance requirements, decreasing financial fraud risks and reducing audit costs drastically. Onapsis solutions are trusted by several Fortune Global 100 companies, large governmental entities and military agencies.
Onapsis X1, the company's flagship product, is the industry's first comprehensive solution for the Automated Security Assessment of SAP platforms. Being the first and only SAP-certified solution of its kind, Onapsis X1 Enterprise allows customers to perform Automated Vulnerability Assessments and Security & Compliance Audits over their entire SAP platform. For organizations that need to go deeper, Onapsis X1 Consulting Pro also safely exploits existing weaknesses to illustrate the associated business impacts.
Onapsis is built upon a world-renowned team of experienced security researchers leading the SAP & ERP security fields. These experts were also the first to perform specialized SAP Penetration Tests, Vulnerability Assessments and Security Audits. Because of its cutting-edge research, Onapsis is continuously invited to lecture at the most important security conferences in the world, private companies and defense agencies.
If you are wondering whether your ERP systems and business-critical infrastructure are exposed, find more information at www.onapsis.com.
PhishMe.com provides organizations the ability to train their employees and customers about the risks of spear phishing with just a few simple clicks. With over one and a half million individuals trained since its launch in 2009, PhishMe provides a cost effective way to mitigate this challenge. The company has proven that its trainings can reduce the threat of employees and customers falling victim to phishing attacks by up to 80 percent. PhishMe.com facilitates and automates the execution of mock phishing exercises against employees and customers, provides clear and accurate reporting on user behavior, and most importantly provides instant, targeted training. PhishMe.com works with Federal Agencies and Fortune 1000 companies across multiple vertical market sectors including financial services, healthcare, higher education and defense. For additional information, please visit: www.phishme.com
Pico Computing offers scalable, FPGA-based platforms for embedded and high performance computing. Customer applications include cryptography, signal and video processing, DSP, bioinformatics and financial computing.
We specialize in highly integrated computing platforms based on Field Programmable Gate Array (FPGA) technologies. We offer standard and custom products, and we provide consulting and engineering services. We are the experts in FPGA-accelerated algorithms for data security.
Pico Computing E-Series cards are designed to be easy to use, fast to deploy, and scalable. Use a single E-Series card for rapid algorithm prototyping. Deploy your application as an embedded system, or scale to multiple FPGAs using an SC-Series FPGA cluster.
Pico EX-Series boards offer high performance for the most demanding data security applications. Deploy multiple EX-Series boards in a rack-mounted cluster for truly amazing levels of password cracking performance. Our latest FPGA computing board, the Pico EX-500, can be equipped with up to 12 Xilinx FPGAs on a single, 16-lane PCI Express card. Up to 11 EX-500 cards can be installed in a standard 4U rack mounted chassis.
Pico Computing is headquartered in Seattle, Washington and has customers worldwide. For more information or to request a free Data Security White Paper, visit www.picocomputing.com.
Radware (NASDAQ:RDWR), a global leader in integrated application delivery and network security solutions, assures the full availability, maximum performance, and complete security of business-critical applications for nearly 10,000 enterprises and carriers worldwide. Radware's family of cutting-edge security solutions provide integrated application and network security technologies to enhance best of breed, multi-layered security architectures.
The full suite of award-winning attack mitigation technologies include: intrusion prevention, web application firewall, DoS protection, network behavioral analysis, and reputation preservation capabilities. These are integrated into one solution – DefensePro® – for ease of deployment and cost-effectiveness. These technologies are complemented by an advanced SEIM management and forensics system (APSolute Vision™) and professional security services. Radware's Emergency Response Team (ERT) provides 24*7, on-site support for customers facing immediate attack. In addition, Radware' security operations center (SOC) provides necessary ongoing updates for emergency signature creation; emerging threat mitigation, detection and updates; and custom signature development. Both the ERT and SOC have been industry recognized for providing first and necessary safeguards against: WikiLeaks Operation Payback; South Korean DDoS attacks; and iPhone, Oracle, Italian Job and Windows vulnerabilities.
Radware also provides a custom Managed Security Service Provider (MSSP) solution for target customers in need. With this complete suite of products, services, and tailored offerings, Radware is optimally suited to meet your current and emerging security needs.
For more information on how Radware can take your security operations to the next level, please visit www.radware.com or contact us at info@radware.com.
RedSeal Systems (www.redseal.net) develops security posture management solutions that allow organizations to assess and strengthen their cyber-defenses to quickly adapt to ever-changing threats and business conditions. Unlike systems that detect attacks after they occur, RedSeal identifies risky holes in security infrastructure before they are discovered by hackers, allowing organizations to address issues proactively.
RedSeal's Network Advisor software analyzes the complex interaction of firewalls, routers, load balancers and hosts, delivering in-depth understanding of overall security posture, and enabling continuous compliance with regulations such as PCI, FISMA, and SOX.
RedSeal Vulnerability Advisor transforms scanner results into actionable data by automatically ranking vulnerabilities based on their exposure to untrusted networks and their ability to enable "pivot" attacks that delve deeper into the organization. RedSeal also identifies gaps in scanning so organizations know where to extend coverage to be secure.
RedSeal solutions provide organizations with the detailed risk metrics they need to track security performance over time.
For more information: www.redseal.net
Research In Motion Limited is a leading designer, manufacturer, and marketer of innovative wireless solutions for the worldwide mobile communications market. Through the development of integrated hardware, software, and services that support multiple wireless network standards, RIM provides platforms and solutions for seamless access to time-sensitive information including email, phone, SMS messaging, Internet and intranet-based applications. RIM technology also enables a broad array of third-party developers and manufacturers to enhance their products and services with wireless connectivity to data. RIM's portfolio of award-winning products, services, and embedded technologies are used by thousands of organizations around the world and include the BlackBerry® wireless platform, the RIM Wireless Handheld™ product line, software development tools, radio-modems, and software/hardware licensing agreements. Founded in 1984 and based in Waterloo, Ontario, RIM operates offices in North America, Europe, and Asia Pacific. For more information, visit: www.rim.com or www.blackberry.com
Rune Information Security Corporation Pte Ltd, based out of Singapore, was founded by a group of like-minded individuals that believe in empowering the defense of privacy. Rune is a leader in the information security marketplace delivering best-of-breed products and solutions to address the ever-increasing demand for security, both locally and in the cloud. Rune continues to invest and contribute to open source projects, delivering toolkits that information security professionals can easily use to integrate standards-based and Vernam encryption into many applications. Rune delivers appliances and software that make managing and using symmetric encryption systems practical.
SRA is a leading provider of information technology and strategic consulting services for government organizations serving the national security, civil government and global health markets. A trusted leader in cyber security, SRA operates some of the largest security operations centers within the U.S. federal government. Through SRA One Vault™ – our end-to-end cyber security solution suite – we combine leading-edge technologies, proven methodologies and multi-disciplined cyber expertise to provide our clients with a proactive approach that enables them to stay ahead of today's most sophisticated cyber threats while minimizing the gap to exposure. SRA One Vault...Intelligent Cyber Security.
SAINT Corporation, a global leader in network security, offers the first integrated vulnerability assessment and penetration testing. Examine your network with the SAINT vulnerability scanner, and expose where an attacker could breach your network. Go to a higher level of visibility with the SAINTexploit™ penetration testing tool and exploit the vulnerability to prove its existence without a doubt. The SAINT scanner and penetration testing tools are fully integrated within the same interface, making it easy to determine where to begin remediation—with the exploitable vulnerabilities found by the scanner. WebSAINT, the online SaaS (Software as a Service) vulnerability scanner, is ideal for organizations that need to perform vulnerability scans or meet PCI ASV third party quarterly scanning requirements. SAINT is a PCI Approved Scanning Vendor (ASV). WebSAINT Pro is the online SaaS solution that includes vulnerability scanning, penetration testing, and Web application scanning along with the full functionality of the award winning SAINT scanner and exploit technology. SAINT provides support to the Security Content Automation Protocol (SCAP) specification as an Unauthenticated Vulnerability Scanner and Authenticated Vulnerability and Patch Scanner. SAINT SCAP supports includes OVAL, CPE and CVE enumeration, and CVSS scoring.
SAINT can help to –
- Manage and reduce security risks to your network
- Document compliance with government and industry regulations like PCI, HIPAA, SOX, FISMA, and with internal policies
- Emulate potential attackers with the suite of exploit tools.
For more information, visit www.saintcorporation.com, call 1(800) 596-2006 x0119 or send a message to sales@saintcorporation.com.
Dell Inc. (NASDAQ: DELL) listens to customers and delivers worldwide innovative technology and business solutions they trust and value. Recognized as an industry leader by top analysts, Dell SecureWorks provides world-class information security services to help organizations of all sizes protect their IT assets, comply with regulations and reduce security costs.
Splunk was born from our founders' frustration in managing and securing some of the world's largest IT infrastructures. Armed with state-of-the-art IT tools, they found it nearly impossible to locate the root cause of problems, investigate security attacks and assemble all the data required for compliance audits. Their conclusion: the silo approach to managing IT, with separate tools for every technology and IT function, was cumbersome, costly and didn't scale.
So, they founded Splunk to develop a new approach. The concept is simple. If Google can index and let users instantly search billions of pages of Web content, why not do the same for the datacenter? This new approach, called IT Search, is changing the way we manage, secure and audit IT infrastructures. Using Splunk IT Search software, organizations can now search and analyze all their IT data from one place in real time.
With Splunk, they can now troubleshoot outages, investigate security incidents and demonstrate compliance in minutes, instead of hours or days. Splunk arms IT with a new level of visibility and insight to protect critical resources, increase productivity and deliver improved service quality. Download a free version of Splunk today: http://www.splunk.com/download http://www.splunk.com/download
At StillSecure, we believe IT executives should be able to focus on driving the success of their company versus being distracted by security and compliance demands.
For IT executives facing escalating security threats and evolving compliance requirements, and data centers looking to cement long-term customer relationships, StillSecure designs and delivers managed network security and certified compliance solutions so you can focus on growing your core business.
As opposed to vendors with uncertified partial fixes, or worse, self-audited solutions, StillSecure unites our security experts with our certified processes and innovative technologies to provide holistic solutions that eliminate the need for dedicated resources juggling multiple vendors, products and requirements.
Headquartered in Superior, Colorado, StillSecure protects some of the most sensitive and important computer networks in the world.
For more information please call (303) 381-3830, visit http://www.stillsecure.com, or check out more on the StillSecure blog at http://www.thesecuritysamurai.com.
Follow us on Twitter: http://twitter.com/securitysamurai
Follow us on Facebook: www.facebook.com/StillSecure
Stonesoft is a global provider of proven, next generation solutions that simplify network security management. The company's long history of innovation, including pioneering research into advanced evasion techniques, has kept Stonesoft at the forefront of advanced security solution delivery for the past 20 years. Today, Stonesoft delivers the powerful StoneGate Next Generation Platform which uniquely integrates the most advanced security solutions – StoneGate NextGen Firewall/VPN, IPS, SSL VPN and Virtual Security solutions – with our patented high availability technologies and sophisticated management capabilities. These industry-leading management capabilities drastically simplify network security management by enabling real-time monitoring, alerting, troubleshooting, managing and reporting from a single management console, giving administrators proactive control of both physical and virtual security networks. With more than 10,000 installations in more than 90 countries, Stonesoft customers represent many of the world's largest organizations. For more information, visit: www.stonesoft.com/us
Tenable Network Security is a privately held company founded in 2002 by security product innovators Ron Gula, Renaud Deraison and Jack Huffard. Together with Tenable CSO Marcus Ranum, they have developed a Unified Security Monitoring™ approach based on the award-winning Nessus® scanner engine for securing enterprise networks world-wide.
Tenable's technical leaders have all created market leading and award winning products individually (Nessus, Dragon IDS, Gauntlet Firewall, TIS firewall tool kit) prior to joining forces at Tenable. Tenable Network Security's Unified Security Monitoring solution consists of four fully-integrated software applications: SecurityCenter, Nessus, the Passive Vulnerability Scanner and the Log Correlation Engine.
TippingPoint, now part of HP Networking, provides security solutions that secure next-generation data centers for enterprises, government agencies, service providers and academic institutions. The TippingPoint modern network security platform and intrusion prevention system (IPS) can be rapidly deployed, providing immediate protection at critical entry and isolation points in the network. With TippingPoint solutions, data centers remains protected through network security filters continually updated by Digital Vaccine® Labs (DVLabs), TippingPoint's cutting-edge team of top security researchers. TippingPoint solutions automate most security functions, freeing organizations from the growing associated cost burden and helping security executives drive to zero administration. The TippingPoint solution sits transparently inline at critical points in the network, performing deep packet inspection to protect the data center, major segmentation points, network entry points, and the network core against current and emerging attacks originating from inside or outside the network. Through the TippingPoint Digital Vaccine filter update service, networks are protected against operating system, client-side application, and Web application vulnerabilities, as well as from zero-day threats. TippingPoint blocks traditional attacks such as worms, viruses, and Distributed Denial of Service (DDoS) attacks, as well as more cutting-edge threats, including cross-site scripting, SQL injection, and VoIP protocol attacks across the entire expanse of the data center network, covering the perimeter, DMZ, access network segments, and the network core.
Tripwire is a leading global provider of IT security and compliance automation solutions that help businesses, government agencies, and service providers take control of their physical, virtual, and cloud infrastructure. Thousands of customers rely on Tripwire's integrated solutions to help protect sensitive data, prove compliance and prevent outages. Tripwire VIA, the integrated compliance and security solution delivers best-of-breed file integrity, policy compliance and log and event management solutions, paving the way for organizations to proactively achieve continuous compliance, mitigate risk, and ensure operational control through Visibility, Intelligence and Automation. Learn more at http://www.tripwire.com and @TripwireInc on Twitter.
VMware(NYSE: VMW), the global leader in virtualization and cloud infrastructure, delivers customer-proven solutions that accelerate IT by reducing complexity and enabling more flexible, agile service delivery. VMware enables enterprises to adopt a cloud model that addresses their unique business challenges. VMware's approach accelerates the transition to cloud computing while preserving existing investments and improving security and control. With more than 250,000 customers and 25,000 partners, VMware solutions help organizations of all sizes lower costs, increase business agility and ensure freedom of choice.
Visit www.vmware.com for more information.
ValidEdge offers the world's leading anti-malware solution delivering the fastest, deepest and most accurate analysis of any new, unknown or targeted malware in real time. Designed for enterprises and government agencies, the ValidEdge purpose-built malware intelligence systems gives the most detailed analysis of the toughest malware, and includes a unique universal unpacker/de-crypter, both dynamic and static analysis engines and the automatic generation of repair tools to heal compromised systems. ValidEdge is a wholly owned subsidiary of LynuxWorks™, Inc., a leader in security software solutions.
Visit www.validedge.com for more information.
Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise–class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the desktop to the datacenter—built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at www.venafi.com/best-practices. Venafi customers include the world's most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top–tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit www.venafi.com
Vineyard Networks is the technology leader in Application Intelligent Network Classification and Reporting solutions. Vineyard's solutions integrate key requirements in network monitoring, management, optimization, and security into a single classification engine providing a complete understanding of network traffic, in real-time. We partner with today's leading providers of network infrastructure solutions to deliver best-of-breed application intelligence technology. Vineyard enables its partners to deliver the next generation of application-aware network infrastructure.
www.vineyardnetworks.com
Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the flexibility, simplicity and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls and Snort-based intrusion prevention systems.
Additional Supporter:
MITRE's "Making Security Measurable" cybersecurity effort provides standards-based building blocks for transforming security in the enterprise. Through development and adoption of standard enumerations, establishment of languages and interface standards for conveying information amongst tools and organizations, and by sharing security guidance and measurement goals with others by encoding them in these standard languages and concepts, organizations across the world can dramatically change their security posture, vendor independence and flexibility. Come visit us to learn more about MITRE's community efforts: CVE®, CCE™, CPE™, CAPEC™, CWE™, CEE™, MAEC™, and OVAL™ initiatives.
Associated Partners:
CHROOT.ORG is a non-profit group dedicated to information security research. We gathered best security people (hackers) in Taiwan. Our members are from different fields, including security vendors, government units, university professors, security experts of ISPs and independent researchers, etc. We shared the latest news, interesting findings, researches and also wrote the wargame books. Since 2005, we annually hold the largest technical security conference in Taiwan , the Hacks in Taiwan Conference (HITCon ). It is an event with more than 500 attendees, including many security researchers from Asia areas. Visit http://www.hitcon.org/hit2011/en/ for more info. .
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
IEEE Security & Privacy magazine:-keep up with emerging threats and find solutions to protect your network.
In 2002, Alta Associates the leading search firm in IT Risk Management, Information Security, GRC and Privacy founded the Executive Women's Forum (EWF). The EWF is a prominent community of the nation's most influential female executives within the Information Security, Privacy, and Risk Management industries. The EWF community is a home base for women to grow their professional skills, build important networks and gather industry business intelligence. Dialog that begins at the national conference continues throughout the year during regional meetings, meet & greet events, peer/mentoring, outreach and scholarship programs and individual thriving networks.
The Information Systems Security Association (ISSA) is the largest international professional association for information security specialists, with members in 70 countries supported by a network of more than 150 chapters. Members are consistently recognized as experts on critical issues in the field and are seen as important resources for small businesses, global enterprises, and government organizations.
Special Offer for Black Hat Conference attendees: A $20 discount for the first year on new General memberships. Contact ISSA Headquarters, 866 349 5818 (toll free within the US), +1 206 388 4584 (international), extension 103. Discount code: BHLV2011.
NETpeas - NETwork PEnetration test As a Service - consultants are specialized in Vulnerability Assessment & Penetration Testing and used their 10+ more years expertise to develop an innovative Security Marketplace Solutions in SaaS mode. NETpeas created a multidisciplinary team and has associated with prestigious Technology Partners to bring an unequalled value to our customers.
NETpeas is also happy to propose for free to the security community the First Collaborative Vulnerability & Tools Watch Service. The platform is a real source of information on security tools and the latest vulnerabilities: www.netwio.com
Toronto Area Security Klatch provides a forum for experts to encourage discussion and share expertise in understanding the latest trends and security threats facing computer networks, systems and data. Our membership includes Information Security practitioners, managers, sysadmins, students, and anyone interested in learning more about securing information. Membership is free. Visit www.task.to for more info.
VXRL is found in Hong Kong, connecting various hackers in the globe and focusing on exploit study, reverse engineering and threat analysis as well as web hacking
Media Partners:
Beyond Security automates the assessment and management of network security and secures networks against data loss, meets security policy requirements and exceeds industry testing standards with a fraction of the manpower normally required.
For more information, visit www.beyondsecurity.com
CLUSIF is a French non for profit organization focused on risks exposures and best practices linked with Information Security. This professional Club is a gateway for exchanges where all sectors (public, private, education) are represented.
Every year, CLUSIF studies are published and can be downloaded free: Analysis and statistics on computer system losses in France, Cybercrime overview, CLUSIF guidelines.
CLUSIF is taking part in many conferences, seminars organized by companies, public authorities, Universities... It is also participating to national and international debates with authorities.
CLUSIF has regional offices - Clusir - and European parallel organizations in Belgium, Italy, Luxemburg and Switzerland.
For more information, visit www.clusif.com
Dark Reading focuses on IT security, helping information security professionals manage the balance between data protection and user access. Our mission is to be the top security news source for enterprise IT and network security professionals, providing the most up-to-date information about products, management strategies, architectures, and security policy.
For more information, visit www.darkreading.com
InformationWeek is the industry's foremost technology media brand focused on the business value of technology. Our magazines and events help CIOs and IT executives define and frame their business technology objectives, while our vast portfolio of online resources deliver breaking news, blogs, and proprietary research and analysis on IT trends, whitepaper library, and interactive tools, all in a 24/7 environment.
For more information, visit www.informationweek.com
PenTest Magazine is a monthly downloadable IT security mag, devoted to penetration testing. It features articles by penetration testing specialists and enthusiasts, experts in vulnerability assessment and management. We cover all aspects of pen testing, from theory to practice, from methodologies and standards to tools and real-life solutions. Each magazine features a cover focus, and articles from our regular contributors, covering IT security news and up-to-date topics for both beginners and professionals.
For more information, visit http://pentestmag.com/
Whether through our award-winning monthly print magazine, our comprehensive website or live events, such as our SC Awards program and SC Congress Canada, our readers gain all the relevant information they need to safeguard their businesses overall and meet specific IT security goals at the same time. www.scmagazineus.com