Security products on tap at CSI Conference

WASHINGTON, D.C. -- The Computer Security Institute conference that kicked off here Monday served as the launch site for a collection of new and upgraded products focusing on security issues that range from network management to anti-fraud services to securing devices on a network.

The conference, in its 32nd year, has drawn 3,000 attendees, according to show organizers. The agenda of keynote and panel discussions includes the evolving responsibilities of CISOs, the latest in security-related legislation and regulatory issues, how neuroscience will affect the future of computing, and even a keynote speech about Washington by New York Times columnist William Safire.

In the conference’s exhibition hall, vendors are demonstrating their latest security offerings, including:

Cloakware

Cloakware upgraded its Cloakware Server Password Manager (CSPM) software for application-to-application authentication. Instead of relying on IDs and passwords that are “hard coded” into applications requiring access to data stored on servers, CSPM allows corporate developers to embed routines into their applications that acquire credentials for access at runtime from a central credential store, says Robert Grapes, senior product manager with Cloakware. More and more, auditors are recommending companies move away from hard-coding passwords in order to stay in compliance with new regulations, Grapes says.

Version 2.0 features password synchronization that automatically changes application passwords on a regular basis - typically every 90 days, says Grapes - to enhance security. It also features new administrator controls and new features for managing the encryption/decryption keys that protect server credentials. The upgrade is priced at $1,000 per ID-and-password combination.

Cloakware also announced an appliance version of its software, called CSPM Express, designed for small and medium-sized businesses. Priced at $100,000, the appliance is designed for companies with 200 servers or less.

StillSecure

StillSecure updated its Safe Access network access software designed to ensure only compliant devices are allowed access to an enterprise’s network. Version 4.0, available now and priced at $50 per IP address, works with 802.1x’s hardware-level policy enforcement for quarantining devices deemed non-compliant, according to company officials. Non-compliant devices can be directed into one of a number of virtual LANs - including guest, departmental, or individual - depending on the device’s level of security, they say. Once quarantined, devices can be put through remediation automatically by leveraging Safe Access’ Enterprise Integration Framework that works with a number of patch managers, or device users can be directed to resources pertaining to self-remediation, they say.