2016 SC Awards
22
March 1, 2016 • San Francisco #scawards
Transcript of 2016 SC Awards
March 1, 2016 • San Francisco
#scawards
SC AWARDS 2016 1
2016 SC Awards U.S.
EDITORIALVP, EDITORIAL Illena Armstrong
ASSOCIATE EDITOR Teri Robinson
MANAGING EDITOR Greg Masters
ONLINE EDITOR Doug Olenick
SENIOR REPORTER Bradley Barth
SENIOR REPORTER Jeremy Seth Davis
CONTENT COORDINATOR Robert Abel
SC AWARDS 2016
EVENTS DIRECTOR Adele Durham
EVENTS MANAGER Maggie Keller
VIRTUAL EVENTS MANAGER Jourdan Davis
EVENTS COORDINATOR Anna Naumoski
DESIGN AND PRODUCTION
ART DIRECTOR Michael Strong
PRODUCTION MANAGER Brian Wask
MANAGEMENTCEO, HAYMARKET MEDIALee ManiscalcoCFO Donna SantarpiaCOO John Crewe
U.S. SALES
VP, SALES David Steifman (646) 638-6008
EAST COAST SALES DIRECTORMike Shemesh (646) 638-6016
WEST COAST SALES DIRECTORMatthew Allington (415) 346-6460 EVENT SALES DIRECTOR Mike Alessie (646) 638-6002 MARKETING DIRECTOR Karen Koza (646) 638-6169
ContentsJudges ................................................................................... 2-3Sponsors ................................................................................... 4Welcome from the co-chairman .............................................. 5
Trust AwardsBest Advanced Persistent Threat (APT) Protection ............... 5Best Behavior Analytics/Enterprise Threat Detection ........... 6Best Cloud Computing Security Solution ............................... 6Best Computer Forensic Solution ............................................ 7Best Data Leakage Prevention (DLP) Solution ....................... 7Best Database Security Solution ............................................. 8Best Email Security Solution .................................................... 8Best Fraud Prevention Solution................................................ 9Best Identity Management Solution ........................................ 9Best Managed Security Service ............................................. 10Best Mobile Security Solution ................................................ 10Best Multifactor Solution ......................................................... 11Best NAC Solution ................................................................... 11Best Risk/Policy Management Solution ................................ 12Best SIEM Solution ................................................................. 12Best UTM Security Solution ................................................... 13Best Vulnerability Management Solution .............................. 13Best Web Application Solution ................................................ 14
Excellence AwardsBest Customer Service ............................................................ 14Best Emerging Technology ..................................................... 15Best Enterprise Security Solution .......................................... 15Best Regulatory Compliance Solution ................................... 16Best Security Company .......................................................... 16Best SME Security Solution .................................................... 17Rookie Security Company of the Year..................................... 17
Professional AwardsBest Professional Certification Program ............................... 18Best IT-Security-related Training Program ............................ 18Best Security Team ................................................................. 19CSO of the Year ....................................................................... 19Editor’s Choice ........................................................................ 20
Keepers of the flameEvery one of us playing a role in the infor-mation security industry would probably agree that this space is on fire. And, most assuredly, it shows no signs of dimming.
In fact, as more and more technological advances are made, it’s likely to continue to burn bright. Yet, so too will cybercriminal activity thrive. There’s no light without dark.
And it’s because of how prosperous these criminals have become that there are many pundits who would say information security isn’t going to show any marked improvements this year. What’s more in line with today’s trends, say many experts, is that we’re woefully behind in creating strong security technologies. We’re still failing to embrace the concept of building security into our systems from the ground up. We’re continuing to face a lack of support or understanding for appropriate security budget from C-level execs – whose business operations are threatened daily.
It’s a dark vision in a hot marketplace. And while there is some truth to inroads made in security being too few this year and, maybe, not happening that much at all, we see a flipside in all the efforts undertaken and achievements being made by an army of skilled information security leaders like you.
Sure, information security has a long road ahead. It’s going to continue to be a bumpy trip, but along the way will be moments of blissful victory by people and organizations forging countless strategies and taking well-thought-out actions to reach them.
Those moments of triumph and the inventive, tireless profes-sionals and their organizations helping to realize them are the prime targets for tribute year after year through our SC Awards program. By acknowledging the efforts of IT security practi-tioners, as well as the rookie and long-standing product and service providers that support them, we strive to play our part in fighting back the sometimes wearisome and difficult happenings the industry faces and always will have to confront. In June, we’ll be doing more of the same at our SC Awards U.K. gala that pays homage to IT security leaders in Great Britain and Europe.
For some 20 years now, we’ve made this small contribution, and we think that this year’s SC Awards fete in San Francisco, along with our upcoming U.K. event, reveal to your col-leagues, bosses, everyday consumers and still others that IT security pros like you play vital roles in keeping virtually every internet-connected activity and business blazing bright. You’re the keepers of a fundamental flame central to today’s global economy. We salute you.
– Illena Armstrong, VP, editorial, SC Magazine
SC Awards 2016The Judges
CO-CHAIRIllena ArmstrongVP, editorial, SC Magazine
CO-CHAIRLarry Whiteside Jr. VP, office of the CISO, Optiv
Philip Agcaoili SVP/CISO, Elavon
Roota Almeidahead of information security, Delta Dental of NJ
Fernando Angellassociate CIO, Los Angeles County Chief Information Office
Scott AngeloCIO, K&L Gates
Becky Bacechief strategist, University of South Alabama; president/CEO, Infidel
Ron Baklarz CISO, Amtrak
Jennifer Bayukmanaging drector, enterprise risk management, Citi
Todd BellCISO/CIO, GlobalDataLock.com
Bruce Bonsallexecutive faculty, IANS; independent security consultant
Dennis BrixiusVP, risk management and CSO, McGraw Hill Financial
Jeffrey Brownhead of informa-tion security, risk & compliance, AIG
Miki CaleroCSO, state of Ohio
Chris CamachoSVP, Bank of America; CEO and co-founder, NinjaJobs
Jaime Chanaga president, The CSO Board
Yang Chen senior IT security specialist, Ryerson University
Michael Cole enterprise security architect, First Finan-cial Bank
Thomas Dunbarhead of information risk management, XL Catlin
Brandon Dunlapglobal CISO, Black & Veatch
Patricia EdforsVP, information secu-rity and compliance, Sirius XM Radio
Cris EwellCISO, Seattle Children’s
Michael Fabricoprincipal systems security specialist, NASDAQ
Pamela FuscoCISO, Apollo Group; founding partner, Gid Grid
Clifford Gronauerdirector, information technology services, MFA Incorporated
Zouhair GuelzimVP and CISO Americas, L’Oréal
John Hellicksonpresident/CISO, InfoSec Advisor
John Johnson global security architect for a Fortune 500 company
SC AWARDS 2016 2
SC Awards 2016The Judges
Richard MarshallCEO, X-SES Consultants
Pritesh Parekh VP & CSO, Zuora
Mitchell ParkerCISO, Temple Health
Daniel Pollydirector, enterprise information security, First Financial Bank
Jim ReavisCEO, Cloud Security Alliance; president, Reavis Consulting Group
Todd RedfootCISO, GoDaddy
Jamie Reessenior cybersecurity architect, electrical utility
Randolph Sanovic owner, RNS Consulting
Steve Santorellidirector of analysis and outreach and fellow, Team Cymru
Sandra V. Sargentsenior operations officer, World Bank
John ShafferCIO, Greenhill & Co
Daniel Srebnickowner, Technical Merits LLC
Richard StarnesCISO, Kentucky Health Cooperative
Dennis Thibodeauxtechnical instructor, New Horizons
Hilary M. Wandallassociate VP, compli-ance and chief privacy officer, Merck & Co.
Mark Weatherford SVP, vArmour
Dov Yoran senior director, security business group, Cisco Systems
Ricardo LafosseCISO, Cook County Government
Mark LearyVP and CISO, Xerox
Cedric Leighton chairman, Cedric Leighton Associates
Michael Maguiremanagement consul-tant, M. F. Maguire & Associates
Bob Maleyglobal inspections manager, PayPal
Jim MaloneyVP, information security, Vantiv
Randy MarchanyCISO, Virginia Tech
SC AWARDS 2016 3
SC AWARDS 2016 4
SC Awards 2016The Sponsors
SC Magazine thanks all sponsors for their generous support of the SC Awards 2016. Their involvement has made possible this event, which helps raise professional standards in the information security industry worldwide.
Barracuda barracuda.comBarracuda simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications, and data, regardless of where they reside.
Network Boxnetworkboxusa.comNetwork Box USA is a leading managed security services provider (MSSP) in the domestic market.
Digital Guardiandigitalguardian.comDigital Guardian is a next-generation data protection platform purpose built to stop data theft.
Easy Solutionseasysol.netEasy Solutions is a security provider focused on the comprehensive detection and prevention of electronic fraud across all devices, channels and clouds.
eSentireesentire.comeSentire deliverers an advanced service tailored to mid-sized enterprise that protects high-risk assets from advanced cyber threats, 24/7.
LogRhythm logrhythm.comLogRhythm, a leader in security intel-ligence and analytics, empowers organiza-tions to rapidly detect, respond to and neutralize damaging cyber threats.
Mix PRmixpublicrelations.comMIX PR is a technology-focused boutique agency that approaches each initiative with a fresh and creative plan of action.
MSLGROUPmslgroup.comMSLGROUP is a public relations network of companies with specialists in strategic communications and engagement.
Netwrixnetwrix.comNetwrix provides IT auditing software that delivers complete visibility into IT infrastructure changes and data access.
Onapsisonapsis.comOnapsis provides comprehensive solutions for securing business-critical applications.
SecureAuth secureauth.comSecureAuth is a leader in adaptive access control solutions, empowering organizations to determine identities with confidence.
SentinelOne sentinelone.comSentinelOne’s next-generation endpoint protection platform stops known and un-known threats using sophisticated machine learning and intelligent automation.
Splunksplunk.comSplunk produces software for searching, monitoring and analyzing machine-gener-ated Big Data via a web-style interface
Vormetricvormetric.comVormetric’s comprehensive high- performance data security platform helps companies protect data wherever it resides.
Netsurionnetsurion.comNetsurion provides remotely managed network and data security services for multi-location businesses.
SC AWARDS 2016 5
SC AWARDS 2016
Trust Award
WINNERFireEye for FireEye Threat Prevention Platform and Services
Advanced persistent threats (APTs) require a behavioral approach to detecting malware. Instead of trying to detect malware based on what it is (signature-based), behavioral malware detection relies on what the malware does. The FireEye platform is designed to stop advanced persistent threats. The FireEye Threat Prevention Platform and Dynamic Threat Intelligence (DTI) provides multi-faceted, coordinated defense capabili-ties to guard against zero-day attacks, unknown malware and APT attacks.
The core of the FireEye platform is the patented Multi-Vector Virtual Execution (MVX) engine, which provides dynamic, signature-less and virtualized analysis of today’s advanced cyber attacks. The FireEye DTI enables cyber-
security teams to identify, block, analyze and respond to advanced cyber attacks by giv-ing them the context required to identify threat actors and the indicators of compromise. With the combined technol-ogy of MVX and DTI, FireEye provides a comprehensive view of multivector attacks to boost threat protection against known and unknown attacks. FireEye is the only vendor to offer the breadth and depth of signature-less protection across the range of zero-day APT attacks and attack methods. The FireEye Multi-Vector Virtual Execution engine is the only technology that extends to multiple threat vectors to address web, email, mobile and content-based at-tacks. This enables FireEye to correlate across attack vectors (e.g., spearphising: targeted emails with embedded URLs and/or malicious documents).
In February, Gartner released a “Market Guide to Network Sandboxing,” and FireEye is portrayed as the market leader.
BEST ADVANCED PERSISTENT THREAT (APT) PROTECTION
Welcome from the co-chairman
In 2005, we saw threats continue
to grow at an unprecedented rate.
The adversaries we face are getting
smarter and more crafty and keep-
ing pace with them is more difficult
than ever. It is causing us to rethink
the way we do business and forcing
information security to be a board
level conversation.
This year, we saw major financial institutions lose millions of
records, high-level government organizations put the public at
risk due to the loss of private personal information, health care
entities have their data stolen putting lives at risk, and threats
to critical infrastructure grow at an alarming rate.
We watched the nation make cybersecurity a top national
initiative in an effort to stem the tide of intellectual property and
private information from being syphoned out of the country.
Cybersecurity is slowly grabbing headlines and forcing
organizations to discuss it at board meetings, integrate it into
an organizational strategy, and market it as a differentiator in
an organization’s business and the services they provide.
We also saw the release of new technologies and the creation
of new capabilities in the cybersecurity market. There is in-
novation that is changing the way we identify, protect, detect,
respond and recover from cyber attacks. Cybersecurity tech-
nology companies have had to become outside-the-box think-
ers. They have had to find innovative ways to use and integrate
capabilities into their products previously not seen in an effort
to get ahead of the ever-evolving threat landscape.
This year has forced the cybersecurity executive to be
more business minded than ever before and to integrate the
risk associated with cybersecurity into the overall lexicon of
business risk. These same executives have had to learn to be
agile in their decision making to fit the business, while also
understanding the technical implications that come from the
implementation of new technologies.
The SC Awards 2016 are here to celebrate the difference
makers, the innovators, and those who are leading change in
the field of cybersecurity through there individual and team
efforts. They represent the very best of of the best. I’m proud
to co-host the SC Awards 2016 and to help select and honor all
the incredibly innovative nominees and those who are putting
their best foot forward. Thank you all for your continued ef-
forts to make the technology, processes and people associated
with cybersecurity better everyday. All of your efforts are criti-
cal to the continued success of our field as we move forward.
Larry Whiteside
VP, executive advisory services, health care and
critical infrastructure, office of the CISO, Optiv
Finalists 2016• Check Point Software Technologies for SandBlast
• eSentire for Active Threat Protection
• FireEye for FireEye Threat Prevention Platform and Services
• Invincea for Invincea Advanced Endpoint Protection
• RSA, The Security Division of EMC for RSA Security Analytics
SC AWARDS 2016 6
Trust Award
Finalists 2016 • Gurucul for Gurucul GRA
• Masergy Communications for Unified Enterprise Security (UES)
• Rapid7 for UserInsight
• Splunk for Splunk UBA
• Vectra Networks for Vectra Automated Threat Management solution
WINNERGurucul
Overwhelmed with security data, analysts are experiencing data fatigue while significant data breaches continue in headlines. Using identity-cen-tric behavioral analytics and access intelligence, Gurucul Risk Analytics (GRA) detects insider threats, cyber fraud and external intruders, plus reduces the attack surface area for access, identities and entitlements.
On the second day of using GRA, a manufacturing firm detected two hijacked research accounts. For a financial firm, GRA reduced accounts and entitlements by 83 percent, reducing the surface area often targeted by phishing attacks. Gartner analysts note a 5-to-1 return on investment for UBA tools like GRA.
Gurucul pioneered ‘dynamic peer groups’ in GRA using behavioral algorithms. This improves clustering and out-
lier analysis for more accurate behavior patterns resulting in lower false positives (versus static peer groups). GRA also uniquely uses time-based norms within predictive algorithms to recognize newly accepted work-flows and operational changes to improve accuracy.
Gurucul combines identity access intelligence (IAI) with user behavior analytics (UBA) for additional account and entitlement analytics providing critical context to detect and deter insider threats, account compromise and cyber fraud that competitors miss. GRA uniquely monitors behaviors across users, accounts, applica-tions, access and devices both on-premise and in the cloud.
An industry-first, Gurucul’s self-audit capability empowers users to monitor their activity like credit card statements. Gurucul is the only UBA company partnered with CMU CERT for research on insider threats leveraging 10+ years of collected incident data.
BEST BEHAVIOR ANALYTICS/ENTERPRISE THREAT DETECTION
Trust Award
WINNERZscaler
Firewalls have tradition-ally been delivered as central-ized hardware appliances or software-based solutions. This approach to security made sense years ago, when 90 percent of employees were centrally located and most software applications ran in centralized corporate data centers. But today, users and applications are everywhere. Centralized, hardware-based security appliances no longer provide complete coverage for a distributed, internet, cloud and mobile-first world. On the other hand, Zscaler’s cloud-based next-generation firewall secures the distributed enterprise out-side of the corporate data center with ease – where it’s normally too expensive and cumbersome to manage traditional appliance-based next-generation firewalls. It enables protection for all employees, devices and internet-connected things – regardless of their location – while granting
organizations visibility, control and protection for their entire extended enterprise. Fire-walls have traditionally been delivered as appliance-based solutions, which are expensive and difficult to deploy and man-age. But in today’s cloud-centric world, hardware is no longer relevant. Security must move to the cloud.
Zscaler is the only true integrated cloud security plat-form. It delivers carrier-grade internet security, advanced persistent threat (APT) protec-tion, data loss prevention, SSL decryption, traffic shaping, policy management and threat intelligence – all without the need for on-premise hardware, appliances or software.
Zscaler’s cloud-based Next Generation Firewall fills the security whitespace, allowing for better visibility, control and protection for the entire extended enterprise, with a to-tal cost of ownership up to 90 percent lower than hardware-based protections.
BEST CLOUD COMPUTING SECURITY SOLUTION
Finalists 2016• Dell for Dell Cloud Access Manager 8.1
• Illumio for Illumio Adaptive Security Platform
• Netskope for Netskope Active Platform
• Skyhigh Networks for Skyhigh Cloud Security manager
• Zscaler for Zscaler Next Generation Firewall
SC AWARDS 2016
SC AWARDS 2016 7
SC AWARDS 2016
Trust AwardTrust Award
WINNERGuidance Software
Guidance Software’s EnCase software solution is a powerful, judicially accepted, platform that provides the foundation for corporations, government agencies and law enforcement to conduct thorough and effective digital investigations of any kind, whether related to intel-lectual property theft, incident response, compliance auditing, or responding to e-discovery requests – all while maintain-ing the forensic integrity of the data. It includes the EnCase Enterprise software platform, which can support the EnCase Endpoint Security and EnCase eDiscovery applications. The product line also includes EnCase Forensic and EnCase Portable.
EnCase helps internal inves-tigators conduct more complete investigations than with competitive products thanks to integration with a cloud-based e-discovery review platform, as well as widely adopted security information and event
management (SIEM) tools for automated incident response.
The EnCase platform and ap-plications address the require-ments of an extremely broad range of users, including secu-rity specialists, investigators, computer incident-response teams and litigation specialists. It delivers everything needed to immediately and thoroughly search, collect, preserve and analyze data from servers, workstations, mobile devices and cloud-based data sources. With EnCase, users can be con-fident in their ability to com-plete a comprehensive analysis of whatever evidence they may encounter for virtually any busi-ness purpose. Moreover, users of the EnCase solution have the ability to customize how it works to more closely match their workflow, adding capa-bilities to the product to meet specific needs, an ability that no other solution in the market currently offers. For example, EnCase App Central offers over 126 EnScripts and apps that allow users to add functionality and increase productivity.
BEST COMPUTER FORENSIC SOLUTION
WINNERSecure Islands
Data-centric security ap-proaches hold great appeal but have been problematic to deploy and maintain. DLP in particular held promise, but in production revealed two major weaknesses. First, DLP solutions were not particularly adept at data clas-sification, resulting in too many false negatives/positives, which eroded trust in DLP technol-ogy. Second, too much data would fall through the cracks, causing damage that couldn’t be undone – further calling the value of DLP into ques-tion. Secure Islands’ solution, IQProtector. overcomes these challenges by delivering two key innovations. First, it classifies data on creation (on “save,” “send,” “upload/download,” etc.) at or close to the source. Second, it automatically embeds encryption and usage rights into sensitive data (based on organi-zational policy) that persist for the life of the data. These two innovations enable data-centric security to be deployed at scale,
without breaking the budget and/or network, and without interfering with existing IT or business processes.
DLP systems classify data, look for ways it can leave the network and then block those exit points; in essence, securing the data “container.” Secure Islands looks at the data itself – and embeds protection into it. Like DLP systems, Secure Islands automatically classifies data, but in real time, on cre-ation. Instead of restricting the movement of the data, it applies policy-based protection that persists for the life of the data. Competitors either focus on data-centric protection (encryp-tion, masking, tokenization, etc.) but provide no intelligence (i.e., usage rights or classification), or provide intelligence (i.e., classifi-cation, albeit highly manual and with limited set of file types), but no protection.
Secure Islands applies both intelligence and protection to any file format – and automates both processes, making them much more manageable, audit-able and scalable.
BEST DATA LEAKAGE PREVENTION (DLP) SOLUTION
Finalists 2016• AccessData for Forensic
Toolkit (FTK)
• Blue Coat Systems for Blue Coat Security Analytics Platform
• FireEye for Network Forensics Platform and Investigation Analysis Platform
• Guidance Software for EnCase
• LogRhythm for Network Monitor
Finalists 2016• AirWatch for AirWatch by VMware
Enterprise Mobility Management
• Clearswift for Adaptive Redaction
• Dell for Dell Data Protection | Encryption
• Digital Guardian for The Digital Guardian (DG) Data Protection Platform
• Secure Islands for IQProtector
Yuval Eldar, president, Secure Islands
2015 SC AWARDS EUROPE
SC AWARDS 2016 8
Trust Award
WINNERProtegrity
Organizations face an ex-traordinary challenge protect-ing sensitive data according to compliance mandates while also retaining accessibility and high performance. The Protegrity Database Protector is a com-prehensive security solution for most major databases, including Oracle, Teradata, DB2, SQL Server and more. It enables column/field level data encryp-tion, tokenization, or masking in databases, storage and backup systems. It also delivers high transparency to applications that use the protected database(s), requiring very few or no modifi-cations. It also employs strong, policy-based access and usage controls, along with monitoring and auditing tools.
Protegrity also provides database protectors with ad-ditional functionality to deliver protection on every node of a massively parallel processing (MPP) database cluster. This includes the ability to pull policy to the nodes (instead of pushing
from ESA), and collecting and aggregating a massive number of audit logs from every node. MPP databases supported include Teradata, Aster, Pivotal Green-plum Database, and more.
Protegrity provides patented Protegrity vaultless tokeniza-tion, masking, strong encryp-tion, data-type preserving encryption, and monitoring technologies to allow users to select a protection method that meets the particular needs of the sensitive data, database, and use case for maximum flex-ibility and transparency.
The tool takes full advantage of the processing power offered by the database server and keeps machine cycles to a minimum, thus optimizing performance.
Database Protector versions are available to protect data in databases and operating sys-tems. It is compatible with all leading standard Linux, UNIX or Windows environments, as well as IBM iSeries and zSeries environments. Co-engineered, optimized Database Protectors are also available for Teradata Database or Oracle Exadata.
BEST DATABASE SECURITY SOLUTIONTrust Award
WINNERProofpoint
Throughout 2015, high pro-file data breaches, commonly starting with a credential phishing email, have been in the headlines of newspapers and websites all over the planet. This level of awareness has driven demand for solu-tions that can not only block malware entering an orga-nization via email, but also accurately prevent credential phishing attacks as an initial incursion to a data breach.
Proofpoint Enterprise Protection solution integrates inbound email security with outbound filtering and en-cryption, secure file share and email continuity. Delivered as a cloud-based SaaS offering, dedicated/virtual appliance, software or hybrid, Proofpoint Enterprise Protection delivers consistent functionality and performance regardless of deployment choice. Proof-point now protects over half the Fortune 100, and has again been recognized in 2015 by
Gartner as a leader for secure email gateways, almost a de-cade leading the market.
Proofpoint Enterprise Pro-tection integrates seamlessly with Proofpoint Targeted Attack Protection to extend security capabilities to include advanced and highly targeted threats.
Granular classification of email into five separate email quarantines (spam, adult, bulk, phishing and suspect) enables end-users to manage their own messages without having access to quarantines that contain messages that could be dangerous (phishing, suspect, etc.).
Transparent encryption combined with DLP policy en-sures that all sensitive data is either encrypted or prevented from leaving the organization as defined by policy.
Data pushed via Secure Share is scanned by policy and encrypted during transmis-sion and at rest with specified expiration dates preventing data residing unmonitored in the cloud.
BEST EMAIL SECURITY SOLUTION
Finalists 2016• Cisco for Cisco’s Email Security Appliance (ESA)
• FireEye for FireEye EX series
• HP Data Security for HP SecureMail
• Proofpoint for Proofpoint Enterprise Protection Solution
• ForcePoint for ForcePoint TRITON AP-EMAIL
Finalists 2016• Netwrix for Netwrix Auditor
• PHEMI Systems for PHEMI Central Big Data Warehouse
• Protegrity for Protegrity Database Protector
• Trustwave for Trustwave DbProtect
• Vormetric for Vormetric Data Security Platform
SC AWARDS 2016
SC AWARDS 2016 9
SC AWARDS 2016
Trust Award Trust Award
Finalists 2016• CyberArk for CyberArk
Privileged Account Security Solution
• Dell for Dell One Identity Manager 7.0
• Identity Automation for RapidIdentity
• Identiv for Identiv Connected Physical Access Manager (ICPAM)
• Ping Identity for Identity Defined Security platform
WINNERPing Identity
Mobility is exploding. Work-ers expect to work anywhere, any time, from any device. Everyone who touches the en-terprise – employees, customers and partners – needs to access business critical apps in this borderless environment quickly, easily and securely.
Ping Identity enables organizations to provide better security and seamless access to applications with continuous evaluation of authentication and authorization factors. Ping also provides solutions for a variety of use cases that apply to the workforce, consum-ers and enterprise partners throughout the supply chain, turning identity into the steel thread that powers access and security for the modern border-less enterprise.
Ping Identity secures more than 1.3B identities through multifactor and contextual authentication, single-sign on, federated identity administra-tion and access management.
Ping is the only IAM provider to solve identity challenges for enterprises in all stages of cloud adoption whether they’re 100 percent in the cloud or hybrid so they can keep legacy invest-ments while adopting new technologies.
As the enterprise becomes truly borderless due to mobility and the cloud, a new genera-tion of enterprise infrastructure is disrupting the old guard. Security solutions that focus on protecting singular elements of the modern enterprise – such as endpoints, cloud apps, networks or email – are not fully equipped to manage data created by the grow-ing array of devices, systems and workflows. Identity has emerged as the lynchpin that CIOs can incorporate into their security strategies to keep their corporate data safe by making it accessible to the right people at the right time. By focusing on authenticating user identity versus protecting the endpoint, enterprises can be more agile and provide secure access to anything, anywhere.
BEST IDENTITY MANAGEMENT SOLUTION
Finalists 2016• Easy Solutions for Total Fraud Protection
• Equifax for FraudIQ Manager
• RiskIQ for RiskIQ
• Sift Science for Sift Science Fraud Prevention
• Splunk for Splunk Enterprise
WINNERSplunk
As more business moves on-line, the patterns of fraud, theft and abuse are often found in an organization’s machine data or log files, just as the patterns of an advanced cybersecurity threat are often revealed in machine data. Authentication systems, firewalls, databases, billing systems and other sys-tems all generate machine data, which likely contain the subtle patterns of fraud when and where fraud exists.
Splunk, used by more than 10,000 global customers, is a Big Data platform that can index any type of machine or log data, without up-front normalization, and at massive scale. This data can then be searched, correlated, alerted and reported on in real-time for a wide range of anti-fraud use cases, including fraud investiga-tions, detection, prevention and reporting. Because Splunk is a highly flexible platform, anti-fraud teams can use it to quickly adapt to changing fraud
techniques and to address a wide range of team needs.
Splunk differs from tradi-tional anti-fraud tools in several ways:
Splunk can index any type of machine data or log files from any source and retain all the original data for searching and reporting. Splunk also lever-ages a flexible search language that enables a wide range of searches and visualizations, including the detection of outli-ers and anomalies that might be fraud.
Splunk uses a distributed architecture with a flat file data store and no central-ized database that could slow performance. It uses distrib-uted search technology for fast searching. It can index 100TB+ of data a day and return search results in seconds.
Splunk is a unified solution with a single platform, user interface and data store. The installation is fast and the user interface is intuitive. Thus, time to value is quick and minimal resources are needed to deploy and use Splunk.
BEST FRAUD PREVENTION SOLUTION
Andre Durand, CEO, Ping Identity
2015 SC AWARDS EUROPE
SC AWARDS 2016 10
Trust Award Trust Award
WINNERAirWatch by VMware Enter-prise Mobility Management
With the growing number of mobile devices used for work, accessing corporate resources on-the-go can in-troduce a significant threat to enterprise security. AirWatch by VMware Enterprise Mobil-ity Management enables busi-nesses to address challenges associated with mobility by providing a simplified, effi-cient way to view, manage and secure all enterprise devices. With AirWatch, organiza-tions can manage a diverse fleet of devices, regardless of platform, device type or ownership. AirWatch ensures mobility deployments are secure and corporate informa-tion is protected with end-to-end security for users, devices, applications, content, data, email, networks and more. AirWatch provides real-time device details and continu-ous compliance monitoring to ensure information is safe.
Administrators can access
device information – including feature restrictions, compli-ance status and encryption status – within a centralized, web-based console. Organiza-tions can also enable advanced encryption on all major de-vices and platforms, as well as deploy containerized solutions for content, applications and email. AirWatch stands out from its competition because it has the broadest and most flexible mobile ecosystem of any solution on the market.
With a fully integrated enterprise mobility manage-ment (EMM) suite – including MAM, MDM and MCM – Air-Watch offers the most robust feature set to its customers. Cross-platform support is provided for all major mobile and laptop platforms.
AirWatch is designed to integrate with existing corporate infrastructure to streamline the deployment and management of devices. AirWatch solutions have been fully developed internally without relying on third-party products.
BEST MOBILE SECURITY SOLUTION
Finalists 2016• Alert Logic for Alert Logic Cloud
Defender
• Digital Guardian for The Digital Guardian Managed Security Program
• Netsurion for Netsurion remotely-managed network and data security services
• Radware for Attack Mitigation Service
• Radware for Hybrid Cloud WAF Service
WINNERRadware
Organizations are challenged by an evolving threat landscape resulting in reduced revenues, higher expenses and damaged reputations. As cyberattacks reach a tipping point in terms of quantity, length, complexity and targets, even organizations with by-the-book security pro-grams can be caught offguard. Today’s standard defense tech-nologies are often provided in point solutions. These systems are almost never integrated and require dedicated resources consisting of IT managers and security experts to maintain and synchronize.
Radware’s hybrid Attack Mitigation Service combines the requisite technologies for making your business resilient to cyberattacks with on-prem-ise systems and the ability to scale on-demand with a cloud-based scrubbing center. It is a hybrid attack mitigation service that integrates on-premise detection and mitigation with cloud-based volumetric attack
scrubbing. Customers receive always-on DDoS protection with attack mitigation service.
DefensePro, Radware’s on-premise defense component, ensures that the datacenter is constantly protected by provid-ing accurate real-time detection and mitigation of multi-vector DDoS attacks, which is not possible using only a cloud-based DDoS solution. In cases of volumetric attacks, it is not possible to use a cloud-based DDoS solution. Attack Mitiga-tion Service enables a smooth transition between mitigation options and assures immediate protection with no disruption gaps and without the addition of the scrubbing center latency.
According to Radware’s Emergency Response Team (ERT), it is only in 15 percent of attacks that the pipe is at risk of being saturated. These hybrid protection capabili-ties ensure that traffic is not diverted unless it is abso-lutely necessary. As a result, the organization is always fully pro-tected and time to mitigation is measured in seconds.
BEST MANAGED SECURITY SERVICE
Finalists 2016• AirWatch for AirWatch by VMware Enterprise Mobility Management
• INSIDE Secure for Matrix SSE
• Proofpoint for Proofpoint Targeted Attacked Protection (TAP) Mobile Defense
• Skycure for Skycure Mobile Threat Defense
• Wandera for Secure Mobile Gateway
Attack Mitigation ServiceFully Managed Hybrid (Premise & Cloud) Cyber-Attack Mitigation Solution - Whitepaper
SHARE THIS WHITEPAPER
SC AWARDS 2016
SC AWARDS 2016 11
SC AWARDS 2016
Trust Award Trust Award
WINNERCisco
Employees today demand access to work resources from more devices and through more non-enterprise networks than ever before. As the network expands, the complexity of marshaling resources, managing disparate security solutions and controlling risk grows as well. The potential impact of failing to identify and remediate secu-rity threats grows exponentially. Cisco ISE gets ahead of secure access violations and breaches with superior visibility and dy-namic controls – visibility into the users and devices accessing your network and the control to help ensure that only the right people from the right de-vices get the right access to the enterprise services they need.
The market-leading security policy management platform, Cisco ISE unifies and automates access control to proactively enforce role-based access to en-terprise networks and resources, regardless of how a user chooses to connect – by wired or wire-
less networks or VPN. ISE is the market-leading security policy management platform that uni-fies and automates secure access control for role-based access. Only ISE uses separate security policies from individual network components for central manage-ment for streamlined segmenta-tion manageability and access control.
ISE delivers superior user and device visibility to enable simplified enterprise mobility, sharing vital contextual data with integrated ecosystem part-ner solutions using Cisco Plat-form Exchange Grid technol-ogy to accelerate identification, mitigation and remediation of threats. ISE provides accurate identification of every user and device; easy device on-boarding and provisioning; centralized, context-aware policy manage-ment; and deeper contextual data about connected users and devices to rapidly identify, mitigate and remediate threats. Superior device profiling and a device profile feed service help to reduce the number of unknown endpoints.
Finalists 2016• Cisco for Cisco’s Identity Services Engine (ISE)
• Cryptzone for AppGate
• ForeScout Technologies for ForeScout CounterACT
• Pulse Secure for Pulse Policy Secure
• Trustwave for Trustwave Network Access Control
BEST NAC SOLUTION
Finalists 2016• MicroStrategy Usher for Usher Mobile Identity Platform
• Nok Nok Labs for Nok Nok Labs S3 Suite
• RSA, The Security Division of EMC, for RSA SecurID
• SecureAuth for SecureAuth IdP
• Yubico for YubiKey NEO
WINNERRSA, The Security Division of EMC
In the data security industry today, the market needs are constantly evolving in response to the changes in technol-ogy and also to the IT threat landscape. With the increas-ing number of data breaches, expanding threat surfaces, an increasing number of devices (Internet of Things) and users that are accessing data, it is a crucial time for organizations to ensure they are properly protecting users – beginning with identity and access man-agement.
The RSA SecurID solu-tion protects user identities, devices and applications by using a unique symmetric key combined with a proven algorithm to generate one-time passwords that change every 60 seconds. RSA SecurID supports traditional use cases – such as securing VPN access and network operating systems – and also extends to BYOD, cloud and mobile security use
cases that are increasing in popularity within the enter-prise.
RSA SecurID offers a wide range of authenticator options, including hardware tokens (key fob and card style), soft-ware tokens with QR provi-sioning capability to support leading mobile platforms (iOS, Android, Windows Phone, BlackBerry, etc.), on-demand (SMS), and risk-based (deter-mined by user behavior).
RSA SecurID doesn’t limit a customer to a particular type of authentication method. RSA offers 400-plus fully supported technology integra-tions with a wide range of applications. The technology integrations are jointly tested by both organizations and are documented to ensure a posi-tive customer experience and rapid deployment.
RSA tokens are tested to withstand extreme tempera-tures, altitudes, humidity lev-els, etc. RSA authenticators le-verage the AES-128 algorithm and are time synchronous – closing after 60 seconds.
BEST MULTIFACTOR SOLUTION
2015 SC AWARDS EUROPE
SC AWARDS 2016 12
Trust Award Trust Award
Finalists 2016• AlienVault for AlienVault Unified Security Management (USM) platform
• Hewlett-Packard for HP ArcSight ESM (Enterprise Security Manager)
• LogRhythm for Security Intelligence Platform
• NTT Com Security US for Advanced Security Operations Center (ASOC)
• Splunk for Splunk Enterprise Security 4.0
WINNERSplunk
Splunk is a next-generation security intelligence platform used by thousands of security customers for a range of needs, including log management, continuous monitoring, incident investigation and response, secu-rity and compliance reporting, fraud detection and real-time correlation and detection of both known and unknown threats. Splunk can index any type of machine or log data without up-front normalization, at massive scale, so all data can be quickly indexed, searched, correlated, analyzed, enriched, alerted, triaged, reported and tracked for security use cases. The Splunk Enterprise Security facilitates SIEM use cases by providing prepackaged dash-boards and reports, real-time alerts, incident classification and workflow, risk scoring, analytics and correlation searches, STIX/TAXII and OpenIOC integra-tions, app content sharing and a threat intelligence framework. It also offers out-of-the-box sup-
port for common security data sources, including network secu-rity, endpoint solutions, malware and payload analysis, network and wire data, and identity and asset management systems.
Splunk differs from tradition-al SIEMS. Splunk is software-only and installs on commodity hardware, making it easier to install, upgrade and show value. Business advantages include compliance with governance mandates and quick detection of advanced threats and mali-cious user activity using threat intelligence. Other advantages include lowering costs of breach response with fast investiga-tion, conviction and cleanup of threats and malware infestation.
Splunk rapidly identifies threats and alerts in real time, enabling the security team to contain and remove threats before they spread. Customers gain fast time-to-value because Splunk is a software-only, intuitive-to-use solution, and Splunk Enterprise Security contains pre-built functionality. Users can receive value from Splunk within just hours.
BEST SIEM SOLUTION
Finalists 2016• Bay Dynamics for Risk
Fabric
• SolarWinds for SolarWinds Network Configuration Manager
• TraceSecurity for TraceCSO
• Trustwave for Trustwave TrustKeeper Compliance Manager
• Venafi for Trust Protection Platform
WINNERSolarWinds
Managing, monitoring and auditing configuration policies on network devices are the top three reasons why IT pros select and use SolarWinds Net-work Configuration Manager. SolarWinds NCM enforces en-terprise configuration policies for network devices including firewalls, routers and switches across heterogeneous networks in the following ways:
The product includes out-of-the box compliance reporting for DSS-PCI, HIPAA, NIST-FISMA, SOX and best practices for Cisco and Juniper devices. In addition, customers can also create their own compliance assessment reports.
It uses standardized change templates and change control workflows to ensure configura-tion changes are reviewed, ap-proved and uniformly applied. Further, it actively monitors de-vice configurations in real-time for any changes and either auto-matically remediate changes or issue alerts. Too, it protects
baseline device configurations using automatic backup and restore capabilities.
SolarWinds NCM offers the following unique capabilities: A cross-platform solution for managing configuration chang-es and compliance reporting for routers, switches, firewalls and wireless controllers from a number of vendors; an afford-able licensing, maintenance and an easy-to-use design. Prospects can download, install and be using the product in about 60 minutes.
The tool is a part of the SolarWinds IT management suite and fully integrates with other IT management tools, including SolarWinds Network Performance Monitor (NPM), SolarWinds Server and Application Monitor (SAM), SolarWinds Network Traffic Analyzer (NTA), SolarWinds Log and Event Monitor (LEM) and more. This suite offers a unified view of the network and a common framework for proactively identifying and resolving network and systems problems.
BEST RISK/POLICY MANAGEMENT SOLUTION
SC AWARDS 2016
SC AWARDS 2016 13
SC AWARDS 2016
Trust Award Trust Award
Finalists 2016• BeyondTrust for Retina CS Enterprise Vulnerability Management
• Core Security for Core Insight
• NopSec for Unified VRM
• Rapid7 for Nexpose
• Tenable Network Security for Nessus Cloud
WINNERCore Security
Vulnerability scanners often produce reports the size of phone books, so, overwhelmed by an enormous number of sup-posedly “high priority” threats, security teams don’t know where to focus remediation efforts. Insight solves that problem by eliminating vulnerability data overload. It consolidates vulnerabilities from across the network, eliminates false positives and prioritizes the rest based on the threat each poses to critical business assets. This list gives teams a clear plan of action that maximizes the efficiency of efforts, ensuring the most critical vulnerabilities are identified and addressed immediately, while time isn’t wasted on those that don’t pose a true threat.
Insight leverages attack path technology, determining the most likely attack paths of an adver-sary and prioritizing an organiza-tion’s most critical vulnerabilities accordingly. Users also have the ability to validate vulnerabilities using Core Impact Pro, the most
advanced penetration testing software on the market.
SC Magazine’s 2015 review of Core Insight found that: “Its standout features – annual pen-tests, suggested attack paths analysis of pivots, as well as putting pivots in the tested computers themselves – really separates Insight from other products in this category.”
Insight puts vulnerability data into business context. Every organization is differ-ent – prioritizing vulnerabilities based on the threat they pose to an organization’s critical business assets is essential to ensuring that remediation efforts protect the business. Through its automated testing features and its ability to reduce the scope of vulnerabilities by 90-plus percent, Core Insight creates opportunities for headcount reallocation. In cases where a team of five security experts was once necessary to handle patching, Core Insight can make it possible for one individual to handle this task, and the rest can be moved to other projects.
BEST VULNERABILITY MANAGEMENT SOLUTION
Finalists 2016• Barracuda for Barracuda NextGen Firewall
• EdgeWave for EPIC Next Generation Firewall
• Network Box USA for Network Box USA UTM Security Solution
• RedShift Networks for UCTM Appliances
• Sophos for Sophos SG Series UTM
WINNERSophos
Sophos SG Series UTM provides a one-box approach to network, web, email, wireless, web server and endpoint protec-tion, allowing customers to con-solidate multiple solutions into a single security gateway. Backed by the intelligence provided by Sophos’ global network of labs, plus numerous other threat data sources, Sophos SG Series UTM offers advanced security features, which are easy to setup and use. Using a single management console, custom-ers can select which security features they want to activate and add further ones at any time. As a fully-featured web security gateway, email gateway, network firewall and wireless management console, Sophos SG Series UTM has enabled our diverse customer base to reduce the number of solutions they need to manage whilst providing enhanced features, such as Ad-vanced Persistent Threat Protec-tion, which even the smallest company can easily deploy.
There is a clear difference in the level of built-in functionality provided with unique features no other vendor offers: Dual anti-virus: Option to scan with both Sophos and Avira engines, unlike competitors where only one engine is available; Mobile access control: Links the UTM directly to Sophos Mobile Control ensuring only trusted mobile devices can access net-work resources; Web applica-tion firewall: With integrated two-factor authentication, mak-ing it a perfect replacement for Microsoft TMG; Free central management: Manages multiple UTMs in a distributed environ-ment, other vendors charge for this functionality; Complete email protection: Anti-spam, anti-virus, data leak prevention and built-in email encryption; Over 1,000 built-in reports: Other vendors require separate reporting appliances.
Unlike other UTMs, every model size provides the same features, and the UTM can be deployed as hardware, soft-ware, virtual, or in the cloud without forfeiting functionality.
BEST UTM SECURITY SOLUTION
2015 SC AWARDS EUROPE
SC AWARDS 2016 14
Trust Award Excellence Award
Finalists 2016• Barracuda
• Biscom
• CipherCloud
• Protegrity
• Rapid7
WINNERBarracuda
Barracuda offers multiple hard copy and online tools to make setup and installation quick and easy for our custom-ers. This includes quick-start guides and installation manuals, as well as more detailed admin-istration guides. This docu-mentation outlines step-by-step processes to get up and running quickly and efficiently, as well as tips and best practices to make the company’s products manuals and/or any supple-mental documentation needed for customers to implement and manage the product/service successfully.
Barracuda provides documentation that is easy to understand and is effective. In fact, SC Magazine conducted a review of Barracuda Spam Firewall 400 in September 2014 and cited, “The appliance we tested came out of the box with a quick-start sheet. We had the unit up in minutes. One has built-in online help with a decent search function. The
web-based user interface was intuitive. We were able to do everything we needed without the documentation.”
Barracuda strives to provide fanatical and awesome cus-tomer service with live people always on the receiving end to help trouble shoot – there are no phone trees and no auto-mated service. Barracuda offers 24/7 phone-based technical support as part of the purchase price. Customers also can pur-chase additional options as part of an annual subscription start-ing at just under $2,000. Ad-ditional tiers include enhanced and premium. With enhanced assistance, customers calling in are placed at the front of the queue. At the premium level, Barracuda will actively monitor the system and alert customers if something goes wrong.
Barracuda prides itself on a 99 percent customer renewal rate, which is driven by its ex-ceptional service. It maintains a feedback loop using in-person seminars, user groups, cus-tomer feedback forums, and customer surveys.
BEST CUSTOMER SERVICE
WINNERF5 Networks
BIG-IP Application Security Manager (ASM) is the most agile, scalable web application firewall available, securing web applications in traditional and cloud environments as an appliance, SW or F5 Silverline WAF managed service. ASM addresses emerging threats at the application level. It detects and mitigates applica-tion attacks, including DDoS, brute force, XSS and more. It delivers comprehensive protection from web security threats, including SQL injec-tion attacks, JSON payload vulnerabilities, web scrap-ing, and more. BIG-IP ASM secures data center and cloud applications against OWASP top 10 threats and zero-days at-tacks and also stops automated attacks with proactive defenses that identifies threats on first attempt. With leading Layer 7 DDoS defenses, proactive bot defense and granular attack vis-ibility, ASM identifies sophis-ticated cyberthreats and stops
attacks before reaching servers. Organizations move applica-tion workloads to clouds where ASM virtual solution and F5 Silverline WAF managed service running ASM enables complete app protections with Hybrid WAF.
ASM offers unparalleled protection against automated attacks with proactive bot de-fense distinguishing non-human traffic before it reaches servers and commences attack. Its pro-active defense combined with reactive automated attack de-fenses provides comprehensive protection against unauthorized bot traffic including brute force and web scraping. ASM leads in DAST integration, automati-cally notifying DAST services when app changes occur, and providing more automated vul-nerability patches than any ven-dor. ASM enables protection that most out-of-band solutions cannot. The tool accurately profiles devices, defends against headless bots that execute JS, protects against CSRF, identi-fies files containing viruses, and mitigates Layer 7 DoS.
BEST WEB APPLICATION SOLUTION
Finalists 2016• Alert Logic for Alert Logic Web Security Manager
• Barracuda for Barracuda Web Application Firewall
• F5 Networks for F5 BIG-IP Application Security Manager (ASM) and F5 Silverline Web Application Firewall (WAF) service
• iboss Cybersecurity for iboss Secure Web Gateway
• Palo Alto Networks for PA-7080
SC AWARDS 2016
SC AWARDS 2016 15
SC AWARDS 2016
Excellence Award Excellence Award
Finalists 2016• Cisco for Cisco’s AMP Threat Grid
• Cyphort for Cyphort Advanced Threat Defense Platform 3.3
• Digital Shadows for Digital Shadows SearchLight
• Palo Alto Networks for Palo Alto Networks Next-Generation Security Platform
• Skyhigh Networks for Skyhigh Cloud Security Manager
WINNERCyphort
Since exiting the stealth mode in February 2014, Cyphort has seen tremendous quarter over quarter growth, beating expectations each quarter. Since February 2014 the company has grown 300 percent in size, and has won awards and accolades from publications including SC Magazine’s Rookie Security Company of the year 2015.
The company is committed to providing customers with an excellent experience and ensur-ing their long-term success. Its dedicated support team boasts impressive security and networking expertise, gained through hands-on interaction with large-scale security opera-tions in diverse environments.
Cyphort is constantly researching current threats and monitoring how they are evolv-ing so that they can provide the most comprehensive protection available. The roadmap entails broadening the ability to detect threats from external sources,
to include internal sources and provide a combined threat detection platform that encom-passes multiple components within a single pain of glass. Additional development is un-derway to optimize flexibility of deployments, allowing custom-ers to use not only virtualized compute environments, but cloud environments, ensuring scalability is available without the need to provision on-prem-ise hardware for customers that are embracing the elasticity capabilities of cloud providers.
Cyphort differentiates itself in various ways providing the best possible security solu-tion, giving customers overall advantages in leveraging the investment they have already made in their existing security infrastructure (firewalls, web proxies, IPS/IDS etc). By integrating both internet-threat defense with lateral spread detection, ease of deployment and threat prioritization, cus-tomers receive the highest level of protection and return on investment while maximizing traditional security investments.
BEST ENTERPRISE SECURITY SOLUTION
Finalists 2016• Bay Dynamic for Risk Fabric
• CipherCloud for CipherCloud Platform
• SentinelOne for SentinelOne Endpoint Protection Platform
• Soltra for Soltra Edge
• Twistlock for Container Security
WINNERSentinelOne
SentinelOne Endpoint Protection Platform (EPP) enables enterprises for the first time to deploy next-generation endpoint security and replace anti-virus while ensuring that industry and government regulatory requirements are met. SentinelOne EPP is the only next-generation platform to be certified by AV-TEST to meet regulatory requirements for anti-virus protection.
Unlike signature-based se-curity techniques and sandbox technologies that emulate endpoint devices, SentinelOne dynamically tracks each newly-created process on a machine through its lifecycle to prevent malware from evading detection. This breakthrough defends against zero-day malware, advanced exploits, and government-grade malware that uses polymorphic evasion techniques which can bypass traditional security methods. SentinelOne EPP integrates prevention, detection, mitiga-
tion, remediation and forensics for desktops, laptops, tablets, smartphones, VDI, physical and virtual servers, embedded systems like PoS, and critical infrastructure like SCADA.
Advanced malware can evade signature-based solutions and detect the presence of emulation-based sandbox tech-nologies. Current approaches to endpoint security leave orga-nizations exposed. SentinelOne is the only next-generation endpoint security solution that is certified to replace anti-virus, while also detecting advanced malware, including zero-day variants. SentinelOne proved this in a recent SC Magazine product test where the banking trojan Zbot was altered, render-ing it undetectable to other solutions; SentinelOne not only caught it, but then protected all devices against this new strain, providing autoimmune protec-tion against zero-day threats. Further, SentinelOne’s dynamic exploit protection detects and prevents application and memorybased exploits without relying on static measures.
BEST EMERGING TECHNOLOGY
2015 SC AWARDS EUROPE
SC AWARDS 2016 16
Excellence Award Excellence Award
Finalists 2016• Cisco
• CrowdStrike
• FireEye
• Palo Alto Networks
• Zscaler
WINNERCisco
Cisco enjoys a leader-ship position in terms of the strength of its customer base. According to IDC, Cisco is the overall security appliance market leader with 17.6 percent share in vendor revenue. Cisco’s focus on threat-centric security has delivered strong, continued growth. Growing at 8.8 percent year over year, Cisco gained 0.2 share points year over year and 1.0 point compared to the previous quarter. More broadly, more than 87 percent of Fortune 500 companies and over 100,000 companies worldwide are Cisco customers. Cisco is a market leader in software as a service (SaaS), collaboration, unified workspace, security, video, telepresence and more. Cisco delivers the industry’s most comprehensive portfolio of solutions and services for advanced threat protection.
Cisco’s threat-centric ap-proach reduces complexity, provides visibility and control
and advanced threat protection across the attack continuum – before, during, and after an attack. Cisco is the only security company to offer lead-ing security products for each phase of the attack continuum. Many of Cisco’s security prod-ucts are individual leaders in their respective categories a
For 30 years, Cisco has been focused on helping to change the way the world works, lives, plays and learns. The company solves customers’ most impor-tant business challenges by delivering intelligent networks and technology architectures built on integrated prod-ucts, services, and software platforms. Cisco demonstrates its commitment to providing threat-centric security through continued, significant invest-ment in the development and advancement of its secu-rity products, solutions, and services. Cisco has invested billions in security. In the past two years, Cisco has closed the acquisitions of Sourcefire, ThreatGRID, Neohapsis and OpenDNS.
BEST SECURITY COMPANY
Finalists 2016• Agiliance for RiskVision 7.5
• Netwrix for Netwrix Auditor
• RSA, The Security Division of EMC for RSA Archer GRC
• Tenable Network Security for SecurityCenter
• Trustwave for Trustwave TrustKeeper
BEST REGULATORY COMPLIANCE SOLUTION
WINNERRSA, The Security Division of EMC
RSA is one of the largest GRC vendors in the market today and RSA Archer has a customer base of more than 1,300 customers. RSA has extensive visibility into the current challenges facing our customers. The company partners with customers to bring relevant, integrated solutions to the market based on frontline experience and best practices. Through working groups, an Ex-ecutive Forum and a Customer Advisory Council, along with an extensive online community, RSA has engaged customers to help shape the GRC industry for the last decade. The RSA Archer Community has accumulated more than 13,000 members across 43 countries, represented by more than 30 industries. The Community offers more than 9,000 pieces of GRC content for its members. RSA Customer Support consists of 160 staff members across four support centers in the U.S., U.K., India and Australia, and provides sup-
port 24/7/365. Approximately 25 support professionals are dedicated to RSA Archer.
The RSA Archer GRC Platform is included in the base price when a customer purchas-es any of these modules, which are available on a perpetual or subscription basis. Addition-ally, standard and extended support is available. Major and minor platform releases, as well as the modules, are included within the support agreement. And additional services such as educational training and profes-sional services are available as needed. In addition, the RSA Archer GRC Platform follows a formal release process to ad-dress bug fixes.
RSA views GRC as a ve-hicle for an organization to be confident in managing risk to explore new business opportu-nities. This message resonates with the varied buyer personas as all risk and compliance func-tions are being driven toward more business-centric efforts with an emphasis on building confidence in the organization’s ability to manage risk.
SC AWARDS 2016
SC AWARDS 2016 17
SC AWARDS 2016
Excellence Award
WINNERCybereason
Cybereason has a strong customer base, with production deployments in all key verticals – defense, retail, pharma, finance, etc. Growth YoY is about 400 percent. About 40 percent of its customers are Fortune 500 companies, and average deal size is $150,000.
The company’s pproach to Endpoint Detection and Response (EDR) has received tremendous validation. In 2015 it was named “Best Emerging Technology” by SC Magazine UK, shortlisted as one of the 10 Most Innovative Companies at RSAC 2015, named one of the “10 Coolest Security Startups of 2015” and an “Emerging Vendor” by CRN; and is one of “12 Hot Security Startups You Need to Know” by Network World. In 2014, Gartner named the company a Cool Vendor.
Accolades aside, its strength stems from the fact that it builds products for the people using them. Security teams are way overburdened and understaffed,
and new team members may be smart but are not yet experts. Cybereason products provide smaller security teams with the ability to proactively hunt for at-tacks at the level of a Lockheed Martin, because it provides the visibility, computational power, context and agility required to execute quickly and accurately. All its support options – email, phone, chat and (when needed) in person, are free. Support calls are not so much about having trouble using the product as much as how to leverage the data to suit needs (i.e., remedia-tion strategies), validating zero days, or helping to analyze data found in Cybereason – not how to use the platform. Finally, its strategic go-to-market partners not only help the company sell, they are intimately familiar with the solution, and use that knowl-edge to support their customers’ use of Cybereason.
Cybereason employs an industry leading R&D team composed of experts in data analytics, frontend and backend developers, user experience and security researchers.
Excellence Award
ROOKIE SECURITY COMPANY OF THE YEAR
WINNERBarracuda
Barracuda NextGen Fire-walls are already deployed at over 30,000 sustomers protect-ing and connecting more than 100,000 customer locations across the world. Every year more than 5,000 new next-gen firewalls are deployed with more than 20 percent growth in the Americas. Barracuda strives to provide fanatical and awesome customer service with live people always on the receiving end to help trouble shoot – there are no phone trees or automated service. Barracuda offers 24/7 phone-based technical support as part of the purchase price. Customers can purchase ad-ditional options as part of an annual subscription starting at just under $2,000. Additional tiers include enhanced and premium. With enhanced Barracuda support, custom-ers calling in are placed at the front of the queue. At the pre-mium level, Barracuda actively monitors the system and alerts
the customer if something goes wrong. All customers also can access a large support area via the website that includes a knowledge base, user forum, product documentation and other helpful resources.
With all-inclusive pricing, organizations can plan their budgets with confidence that there will be no hidden or sur-prise costs down the line. With Barracuda NextGen Control Center, the company offers one of the most advanced central management solutions available on the market today designed to easily manage thousands of remote locations including configuration and lifecycle management. Barra-cuda Energize Updates as well as virus signature pattern and IPS pattern updates are sent out hourly, or more frequently if needed, to ensure customers always have the latest and most comprehensive protection.
Barracuda NextGen Fire-walls receive at least quar-terly minor updates providing improvements for usability and stability.
BEST SME SECURITY SOLUTION
Finalists 2016• Barracuda for Barracuda NextGen Firewall
• Network Box USA for Network Box USA SME Security Solution
• Netwrix for Netwrix Auditor
• TraceSecurity for TraceCSO
• Untangle for NG Firewall
Finalists 2016• Cybereason
• HackerOne
• Onapsis
• ProtectWise
Lior Div, CEO
& co-founder,
Cybereason
2015 SC AWARDS EUROPE
SC AWARDS 2016 18
Finalists 2016• Cybrary
• Global Learning Systems
• PhishMe
• Security Mentor
• Wombat Security Technologies
WINNERPhishMe
Phishing attacks are com-monly used by cybercriminals to gain access into corporate networks. In fact, 91 percent of cyber attacks start with spear phishing. Typical attack scenarios include threat actors sending fraudulent emails via mass deployments or aimed at specific targets through social engineering. These emails appear to be from legiti-mate sources such as banks, educational strengthen the knowledge of the IT security professional and/or corporate end-user institutions, payment providers and internal employ-ees. They often contain URL links and malicious attach-ments, disguised as innocent files that when opened can in-stall malware that infects entire systems. AV and email security technologies are no longer sufficient for defense, educa-tion and training is becoming a critical component since the threat actors are targeting humans, not systems.
The PhishMe Simulator solution has provided anti-phishing training to more than nine million employees in more than 500 enterprises which resulted in end-users and security professionals working together to reduce phishing attack susceptibility.
PhishMe provides the only enterprise-focused training of its kind, delivering end-users and security professionals in many of the largest multi-national corporations in the world with training that mea-surably changes user behavior and reduces susceptibility. Us-ers become an active detection layer identifying email-based threats that are evading exist-ing security controls. Using PhishMe are 35 of the Fortune 100 and seven of the top 10 U.S. banks.
PhishMe pioneered anti-phishing training based on the idea that simulating a real-life phishing attack was the only way to actually set about mitigating the threat of these attacks, and building resilience in an organization’s workforce.
Professional Award
BEST IT SECURITY-RELATED TRAINING PROGRAM
Finalists 2016• International Association
of Privacy Professionals for Certified Information Privacy Professional
• ISACA for CISA
• ISACA for CISM
• ISACA for CSXP
• (ISC)² for Certified Infor-mation Systems Security Professional (CISSP)
WINNERISACA
A global nonprofit associa-tion of 140,000 professionals in 180 countries, ISACA provides leadingedge cybersecurity guidance and research that is shared globally with members and nonmembers through conferences (in-person and virtual), webinars, a bimonthly journal, training courses, social media groups, blogs and research publications. Additionally, ISACA offers a chapter network of more than 200 chapters worldwide, offer-ing IT security professionals local training, professional net-working, certification review courses, and opportunities for the exchange of ideas and information. Members are also provided opportunities to take on leadership roles, participate in the development of research publications, and speak at conferences. ISACA created Cybersecurity Nexus (CSX) to help address the global need for skilled cybersecurity professionals. CSX provides
cybersecurity guidance, career development, education, research, credentials and train-ing for professionals at every stage of their careers.
Launched this year, CSXP is the first-ever vendor-neutral, performance-based cybersecu-rity certification. CSXP can-didates must demonstrate the ability to be a first responder to cyber incidents. The CSXP exam is conducted in a live virtual lab environment and indicates firewall, patching and anti-virus experience, as well as the ability to implement common security controls and perform vulnerability scans and analysis. To meet continu-ing professional education requirements, CSXPs must demonstrate skills in a lab or other skills-based environment on an annual basis and retest every three years at the highest level of CSX certification they have achieved. CSXP was de-veloped by a working group of cybersecurity experts and went through a rigorous review by more than 100 experts from around the world.
Professional Award
BEST PROFESSIONAL CERTIFICATION PROGRAM
SC AWARDS 2016
SC AWARDS 2016 19
SC AWARDS 2016
Professional Award Professional Award
SC AWARDS 2016
Finalists 2016• Bruce Wignall, CISO, TelePerformance
• Michael Echols, CISO, Maricopa County
• Michael Roling, CISO, state of Missouri, Office of Administration
• Pritesh Parekh, VP, CSO, Zuora
WINNERBruce Wignall, CISO, TelePerformance
Bruce Wignall became the first CISO of Teleperformance in 2005. The goal as defined by the then CEO and chairman was to become the industry preferred secure partner offer-ing security at least if not more secure than that of its clients.
This was a challenging task when one considers the IT security industry presents a unique set of challenges, in par-ticular ensuring the security of hundreds of mostly Fortune 500 clients from across a wide range of industries, including but not limited to, finance, health care, retail, telecommunications and IT. To complicate the challenge, the primary risk is internal, including 175,000 employees with access to highly confiden-tial data and access capabilities within the company’s customer base systems. Bruce built a team of more than 100 security pro-fessionals today in 62 countries. The security team includes many roles enabling multiple
professional security career opportunities from junior to specialized skilled set roles.
Bruce uses multiple com-munication channels to improve the security culture. Examples include an entire section on the company intranet dedicated to the Global Essential Secu-rity Policies, a new eLearning Security Awareness course and quiz, collateral materi-als, security awareness video that plays non stop on TVs throughout facilities worldwide, regular announcements from the CISO via email, a channel for Q&A and multi-casts to share instructions throughout the global organization. And, Bruce made a five-minute video of the company’s COO sharing the importance of security at Teleperformance.
By creating the Teleperfor-mance Global Security Coun-cil with members of the board and other top executives Bruce has raised awareness and forced actions and decisions at this executive level. Security topics are discussed for two hours every two weeks.
CSO OF THE YEAR
Finalists 2016• Goodwill
• Voya Financial
• Zuora
WINNERZuora
Zuora stores millions of card-holder and PII information and process millions of payment transactions. Zuora Security Office is responsible for all aspects of security, compliance, privacy and risk management. Its security team partners with entire organization to execute on its strategy. It has five func-tional areas/teams: Infrastruc-ture Security – Responsible for security, integrity and confiden-tiality of customer information; Product Security – Responsible for security of the product/services. Also responsible to integrate security as part of SDLC process; Compliance, Privacy and Risk Management – Responsible for all regulatory and industry requirements like PCI, SOC1/2, HIPAA, ISO 27001, and other certification/attestations; Corp/Internal IT – Responsible for security of endpoints, physical security, corporate systems and applica-tion. It offers security aware-ness for the entire organization;
Field Security – To work with prospects, customers, sales and legal team as part of sales cycle to close security issues for enterprise customer deals.
All functions (engineering, technical operations, sales, legal, product, finance, HR and others) integrate with security as part of their routine process, and provide a clear vision, mis-sion and strategy to the entire broader organization. The CEO and the executive team are part of the Security Oversight Committee to manage and ad-dress top risks to Zuora and to understand its business impact.
The company built an in-novative technology solution to solve security problems. Its security team rolled out a three-factor authentication project for accessing Zuora systems and services maintaining security and usability. It gained buy-in and adoption across the organization. Security team has made Security Awareness Program as one of the top priorities for the company.
For employee and partners, security awareness is a continu-ous education process at Zuora.
BEST SECURITY TEAM
SC AWARDS 2016 20
Professional Award
WINNERlnternet Security Alliance
We’re delighted to honor the multi-sector trade association Internet Security Alliance (ISA) as our selection for this year’s Editor’s Choice Award.
The ISA was established in 2000 and has since attracted big-name members – such as Verizon, Lockheed Martin and Northrup Grumman, as well as other public companies operating in aviation, defense, education, financial services, health care and manufacturing.
The Virginia-based think tank advises White House and Congress officials on cyberse-curity – including the U.S. Cy-ber Security Framework – and does this via an assortment of face-to-face meetings, thought leadership white papers and public policy.
Larry Clinton, the ISA’s president and CEO, has published widely on a number of cybersecurity topics and testifies regularly before Con-gress and other government agencies.
For example, in January, expert witnesses from the se-curity industry gathered before a joint hearing held by two subcommittees of the House Science, Space and Technology Committee to discuss ways in which the federal govern-ment – in the wake of several devastating data breaches, particularly that of the Office of Personnel Management – could learn about cybersecurity from the private sector. Clinton advocated for more investment in cybersecurity and urged the administration to step up its actions regarding the nation’s IT security.
“We believe that the government needs to follow the private sector’s lead,” Clinton said. “They need to become more educat-ed, more sophisticated and more innovative, and act with greater urgency and commitment with respect to cybersecurity.”
Further, just earlier this month, when President Obama an-nounced the creation of a federal CISO post and issued proposals to strengthen the nation’s IT security while increasing govern-ment spending on cybersecurity in the next fiscal year by 35 per-
cent to $19 billion, Clinton was there to offer a nuanced response that praised the moves as steps in the right direction, but urged accountability in the manner in which the government invests money.
“There needs to be better management of the money we are investing in cybersecurity,” Clinton said. “Programs ought to be
subjected to systematic cost-benefit analysis so that we can document where they are, and are not, succeeding.”
For the Winter 2015 edi-tion of the Journal of Strategic Security, Clinton penned an extensive article, “Best Prac-tices for Operating Govern-ment-Industry Partnerships in Cyber Security,” in which he chastises what he consid-ers the federal government’s “dysfunctional” initiatives to secure national systems to further industry-government partnerships. Surveying and assessing past processes, he offered solutions to strengthen “ambiguous strategy” and generated a consensus list of best practices for successfully operating such partnership programs in cybersecurity.
But, in a world more inter-connected than ever before, advocacy on this level is not just an American concern. “The Internet Security Al-liance is just one example
of industry coming together to influence policy on issues of cross-industry importance such as taxes and regulation,” Richard Knowlton, former Vodafone group corporate security direc-tor, said when discussions were underway in 2014 to establish a spinoff of the ISA in Europe, the Internet Security Alliance for Europe (ISAFE).
Knowlton, now chief executive of ISAFE, told SC at the time that he was instantly in favor of the idea and added that the group’s great differentiator is the lack of industry bias. “My first thought was ‘this is brilliant, there is nothing like it in Europe,” he told SC. “Lots of [public body] organizations are more or less good, but most are not cross-sector or multinational.”
EDITOR’S CHOICE
Larry Clinton, president and CEO, Internet Security Alliance (ISA)
SC AWARDS 2016
Haymarket Media 114 West 26th Street, 4th Floor
New York, N.Y. 10001Email: [email protected]
Telephone: 646-638-6008Fax: 646-638-6150
Web: www.scmagazine.com
#scawards
