Security Ripcord

During my two interviews with Martin McKeay for PodTech he asked me if I had seen any new and interesting products. I did see a few products that I think fill “new product space.” What I mean by that is that they are taking a slightly different approach to solve current problems. These products may have been around for a while but this is the first that I have heard of them and the approaches they are taking.

The products I am thinking about are:

• DriveSentry – this product protects systems from malware infection by controlling where and when programs can write to the hard drive. To make the control of the program easier to understand they have taken a book from common host based firewalls. The thought is that users are familiar with using the “Allow and Remember” or “Deny and Remember” options. By keeping this type of interface for user interaction less training is required and the easier and quicker they can gain market share. This type of solution is an attempt to move users away from relying on signature based malware solutions which are taking increasingly more memory, hard drive space, and CPU cycles.
• FireEye – this product is a virtual representation of an organizations network. All network traffic is mimicked in this virtual environment to identify malicious traffic and determine how it is going to affect each system. When traffic with malicious intent is detected it is analyzed and the affects it has on each system is determined. Administrators are then notified of what they can expect. This product line is a little difficult to explain and understand but it is an interesting concept.
• Norman Sandbox Malware Analyzer Pro – this product will analyze malware for detailed information relating to what it does and the resources it tries to contact. Specific functions are determined through reverse engineering and debugging of the malware. By determining how a piece of malware acts can be very helpful in determining how to protect the rest of the environment from additional infection and discovering which files were modified and/or transferred.
• Kingston DataTraveler – this USB drive includes “256-bit AES hardware-based encryption” to protect stored data. Storage sizes start at 512MB and goes up to 4GB and soon 8GB. Kingston was handing samples of these devices out at the RSA conference but I have not plugged it in yet so I am not sure how it handles keys and passphrases.
• IronKey – this product is similar to the DataTraveler. The major difference between these two products are the services that IronKey provides to their customers. These extra services include online backup, password management software, and private surfing through their privately owned Tor entrance and exit nodes. Although this company was not passing out free drives at the conference they did sign people up for a free beta product that they would send in the mail. Any security professional can sign up for this service by navigating to their website.

I have to say that I have not really delved into any of these products. This information comes from speaking with the vendor representatives and the documentation they provided at the conference and online.

Go forth and do good things,
Cutaway

DriveSentry, IronKey, DataTraveler, RSA, FireEye, Kingston, Security Ripcord, Norman Sandbox Malware Analyzer

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported.

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.