http://www.burtongroup.com/Research/DocumentList.aspx?cid=6 SRMS will empower you to build, deploy, and manage a security infrastructure that meets your organization's risk management requirements. SRMS will provide practical strategies for tying security management to your organization's governance structure and incorporating appropriate levels of risk assessment into business decision-making processes. en-us © 2008 Burton Group. All rights reserved http://www.burtongroup.com/Client/Research/Document.aspx?cid=1037 http://www.burtongroup.com/Client/Research/Document.aspx?cid=1037 With integrated anti-virus, anti-spyware, system firewall, and management capabilities, Trend Micro offers a strong endpoint anti-malware protection suite. In this Product Profile document, Principal Analyst Dan Blum evaluates Trend Micro’s OfficeScan. Product Profile Mon, 30 Jun 2008 01:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=260 http://www.burtongroup.com/Client/Research/Document.aspx?cid=260 The e-mail industry has failed to converge on a universal standard for message encryption and signing. Instead, vendors have implemented a wide range of secure e-mail approaches. Some rely primarily on public key infrastructure (PKI) technologies and secret or symmetric key management. In this report, Analyst Randall Gamby assesses secure e-mail technology and market trends as well as standards such as Secure/Multipurpose Internet Mail Extensions (S/MIME), Secure Sockets Layer (SSL), Open Pretty Good Privacy (OpenPGP), identity-based encryption (IBE), and secret or symmetric key management. Report Fri, 13 Jun 2008 01:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=1132 http://www.burtongroup.com/Client/Research/Document.aspx?cid=1132 Symantec’s Control Compliance Suite (CCS) includes significant capabilities to assess the security status of operating systems and some network devices. Internal workflow for policy, exception, and entitlement management is a highlight of the product but there are weaknesses in remediation. Symantec plans to integrate CCS with Altiris to extend the product’s remediation capabilities beginning in late 2008. In this Product Profile document, Service Director Eric Maiwald examines the features, shortcomings, and future of the Symantec CCS. Product Profile Wed, 04 Jun 2008 01:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=1410 http://www.burtongroup.com/Client/Research/Document.aspx?cid=1410 The e-mail industry has yet to converge on a universal framework needed for securely sending e-mails. Instead, vendors' products hamper interoperability by offering too many choices. In this TeleBriefing, Analyst Randall Gamby assesses secure e-mail technologies, deployment options, vendor capabilities and market trends. TeleBriefing Tue, 27 May 2008 14:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=1063 http://www.burtongroup.com/Client/Research/Document.aspx?cid=1063 F-Secure provides anti-malware offerings to consumers, businesses, and service providers with a variety of detection options. In this Product Profile document, Research Director Dan Blum describes and evaluates F-Secure’s products. Product Profile Wed, 14 May 2008 01:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=793 http://www.burtongroup.com/Client/Research/Document.aspx?cid=793 Network intrusion detection and response systems (NIDRSs) are improving in their ability to correctly identify security events. The automated response (or prevention) capabilities of these systems are becoming more popular, but only when an organization is highly confident about the accuracy of the alerts. This report examines the detection and response capabilities of NIDRS products and the ways the products can be used as components of an organization’s security architecture. Report Thu, 08 May 2008 01:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=1033 http://www.burtongroup.com/Client/Research/Document.aspx?cid=1033 Symantec Endpoint Protection (SEP) 11.0, released September 2007, mitigates many types of malware (including rootkits) through a single agent/single console package. The product has many strengths, but it has problems with cross-platform support and migration as well as a few missing pieces of anti-malware functionality. However, with its integrated endpoint protection and improved management capabilities, SEP should be on the shortlist to consider for enterprise anti-malware needs. Product Profile Thu, 24 Apr 2008 01:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=751 http://www.burtongroup.com/Client/Research/Document.aspx?cid=751 Mature products in a mature market, enterprise firewalls nevertheless continue to evolve, adding nuanced features and competing for more responsibility for networking and deep-content inspection. Sometimes firewalls morph into unified threat management (UTM) solutions when they add application-layer functionality. In any case, firewalls remain a critical component of an organization’s perimeter (and other demarcation point) security. This report provides pertinent information for selecting firewalls that complement the security and network architecture of an organization. Report Thu, 17 Apr 2008 01:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=1384 http://www.burtongroup.com/Client/Research/Document.aspx?cid=1384 Do you know where your data's been? Or more importantly, where it's going? Data Leakage Prevention (DLP) solutions have become popular in recent times to protect against leaks of personally identifiable information (PII), intellectual property, and other sensitive content. But DLP can be tricky when legitimate usage is not well understood. This session will identify the issues and strategies for deploying DLP solutions in an enterprise environment and make recommendations for success. TeleBriefing Tue, 15 Apr 2008 14:00:00 GMT http://www.burtongroup.com/Client/Research/Document.aspx?cid=1372 http://www.burtongroup.com/Client/Research/Document.aspx?cid=1372 In its annual overview of trends, the entire Security and Risk Management Strategies team weighs in on the critical protection issues facing organizations in 2008, by reviewing key concerns from last year and illuminating new challenges and opportunities. These include security metrics; response to outsourcing and software as a service; network and data security tradeoffs; governance, risk management, and compliance; and many others. The takeaways include significant Security and Risk Management Strategies research plans for the year. Overview Thu, 10 Apr 2008 01:00:00 GMT