http://NitroSecurity.com/ NitroSecurity news and press releases. daily 2 http://www.nitrosecurity.com/information/news/pr/2009/20090630.psp 2009-06-30T09:00 Tue, 30 Jun 2009 22:37:08 +0100 home Content-aware Platform Extends Life of Legacy SIEM Investments by Significantly Boosting Speed and Event Collection Capabilities NitroSecurity, Inc., today unveiled the NitroView Enterprise Security Manager (ESM) X5, the market's first content-aware Security Information and Event Management (SIEM) platform with the ability to peer deep into application content and individual sessions for greatly enhanced network security forensics. Boasting a massive memory capacity of 512 Gigabytes of high-speed DRAM, the NitroView ESM X5 has broken the performance barrier that has commonly plagued legacy SIEM's by boosting speed and the ability to collect and report on security events by a factor of ten. "SIEM systems must evolve well beyond log management if they are to truly become a critical element of the enterprise security contingency plan," said Michael Leland, chief technology officer of NitroSecurity. "NitroView X5 gives security managers the unprecedented ability to examine their infrastructure in full granular detail, including application content and full session details. It's the difference between guessing that a security breach may have happened four hours ago and knowing exactly which workstation, employee, and method was implemented to illegally capture credit card information." NitroView ESM X5 builds on the company's flagship product NitroView ESM, a robust security platform widely recognized as the marketplace's highest performing SIEM with the ability to collect, correlate and report on security events from every device, application, and data source associated with an enterprise network in real-time - a requirement for enterprises looking for an immediate response capability. At the core of a ten-fold jump in performance is a dedicated memory bank of 512 Gigabytes of high-speed DRAM, which allows NitroView to scale even higher without losing performance. As a result, the X5 can support uncompressed collection rates of up to 100,000 events and flows per second, and over 40 million events per second using event aggregation technology. "When you're managing thousands of servers, you can't wait hours for the information you need to investigate a threat, because a threat can propagate quickly. If it's a virus, every second increases the scope and cost of disinfecting the network. If it's a breach of sensitive data, that data is going to move outside of your control very quickly. In any case, every second counts, and every second costs real dollars," stated Leland. "NitroView was already recognized as the highest-performance SIEM in the industry, but it's a not a question of being the fastest: it's a question of being fast enough to support content-aware correlation, especially in very large networks." NitroSecurity's quest for high-performance information management isn't new. The company's core technology represents over 20 years of research and development, with several patents around data collection, storage and analysis that have allowed NitroView to distinguish itself into a new class of security information management. This technology, called NitroEDB, is sufficient to improve data management performance well beyond the capabilities of the traditional SQL or flat-file database systems used by other SIEMs--and is already responsible for earning NitroSecurity the leading position in SIEM performance. http://www.nitrosecurity.com/information/news/pr/2009/20090617.psp 2009-06-21T09:00 Wed, 17 Jun 2009 22:37:08 +0100 home Content-aware Platform Extends Life of Legacy SIEM Investments by Significantly Boosting Speed and Event Collection Capabilities NitroSecurity, Inc., long-time innovators of information security technology, today announced full support of the Common Event Format (CEF) within the company's award-winning Security Information and Event Management (SIEM) platform, NitroView. The support of this emerging standard provides compatibly with event and log collectors from other compliant IT security companies, allowing businesses invested in legacy SIEM technology to easily add support for real-time monitoring and analytics offered by NitroSecurity. Through support of CEF, NitroView can now be used either as a standalone content-aware SIEM, or to supplement existing SIEM deployments, overcoming the scalability and performance concerns which have notoriously plagued these systems. Legacy SIEM users are running into several performance barriers: as networks grow, the amount of information that needs to be collected per second also grows, often to hundreds of thousands of events per second; at the same time, the growing size of a SIEM's data store causes incident response performance to slow, limiting the usefulness of the SIEM to log management and reporting functions. NitroView's high-performance architecture overcomes these obstacles, providing event collection rates of millions of events per second, while maintaining real-time operations for data investigations, analysis, and response. The support of CEF provides a common event format that now enables the deployment of NitroView in parallel to legacy SIEMs, in a manner that is non-disruptive to the incumbent systems. For companies looking for real-time analytics and content-aware SIEM, NitroView's support of CEF enables them to use their existing log and event collection facilities to feed information to NitroView's high-speed threat detection and incident response engine. For companies requiring higher event collection rates, NitroView Receivers can collect events at high rates, correlate and aggregate those events to manageable rates, and pass them on to the legacy system in the common event format. The flexibility of deployment and a starting price of just $29,995--a fraction of the cost of legacy SIEMs--make NitroView a logical choice for budget-conscious companies who are looking to extend their information security capabilities during a tough economy. "Many companies are heavily invested in SIEM, and to disrupt that investment can sometimes be counter-productive, especially in larger networks," said Ken Levine, chief executive officer of NitroSecurity. "However, the need for greater performance is critical, as the level and complexity of threats increases. While NitroView is typically purchased as a total replacement for legacy SIEM, customers now have the option of supplementing their existing investments rather than replacing them outright, using a system that provides the real-time, operational support they need to improve their information security efforts, with minimal cost and zero impact to existing operations." About NitroView Enterprise Security Manager (ESM) NitroView ESM is the first and only content-aware Security Information and Event Management platform. Using patented data storage and management technology, NitroView is able to collect and manage billions of events, logs, network activity flows, and even application content--while maintaining the real-time analytics that are required for rapid incident response. NitroView's unique capability to monitor and analyze application content along with typical security events and logs provides unparalleled visibility into data usage, provides unparalleled threat detection and fraud detection capabilities. NitroView is Common Criteria certified to EAL3, and is validated by the FIPS140-2 level 2, and is able to support FISMA rapid response requirements as well as DOD and NIST directives. NitroView ESM is available now, with complete solutions starting at $29,995 USD. About NitroSecurity NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit nitrosecurity.com. http://www.nitrosecurity.com/information/news/pr/2009/20090527.psp 2009-05-27T09:00 Wed, 27 May 2009 22:37:08 +0100 home NitroGuard IPS provides enterprises with intrusion prevention and network flow collection at active throughputs of up to five gigabits per second ... Portsmouth, NH - April 15, 2009 - NitroSecurity, Inc., a long-time innovator of intrusion prevention solutions, has introduced new core technology into its popular NitroGuard Intrusion Prevention Systems (IPS) for the protection of critical 10-Gigabit network links. Now NitroGuard IPS provides enterprises with the benefit of intrusion prevention and network flow collection at active throughputs of up to five Gigabits per second, while reducing the cost and limitations typically associated with hardware-based acceleration. As the number and variety of security attacks continue to multiply, including viruses, worms, spyware, Denial-of-Service (DoS) attacks and zero day threats, enterprises need a solid line of defense to detect, analyze and block attacks in real time. The new 10-Gigabit NitroGuard IPS 5000 operates at exceptional throughput speeds, with a high number of concurrent sessions, while at the same time analyzing security events, logs, network behavior and flow data for anomalies. Using the industry's fastest data management engine, NitroGuard is able to return queries and analytics in seconds, even on massive amounts of historical data and without affecting NitroGuard's ability to continue processing new events. "We're tying performance to the processor," said Salo Fajer, chief strategy officer of NitroSecurity. "As processors continue to improve exponentially year after year, we can expect the capability of our architecture and products to improve as well." In addition to acceleration of its intrusion detection engine, the NitroGuard architecture received full multi-thread support, and optimization of all levels of computing I/O, improving overall performance and scalability. "We're offering hardware-based performance, but in a flexible and highly scalable software-based system," said Fajer. In addition to its speed, NitroGuard IPS provides advanced threat detection techniques through its integration with NitroView ESM, the Company's security information and event management system. As a result, information security professionals can monitor and protect core network connections with NitroGuard's combination of IPS, firewall and network flow collection capabilities, achieving a true defense-in-depth security strategy and improving overarching security management operations. With this release, improvements in throughput will also be seen across all current-generation NitroGuard IPS appliances after a software upgrade. The NitroGuard 5000 offers either four 10-Gigabit interfaces, or 12 1-Gigabit interfaces. The NitroGuard 5000 was released earlier this year and is generally available at this time. About NitroSecurity NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit nitrosecurity.com. About NitroSecurity NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit www.nitrosecurity.com. http://www.nitrosecurity.com/information/news/pr/2009/20090415.psp 2009-04-15T09:00 Thu, 15 Apr 2009 22:37:08 +0100 home NitroView Now Available for Federal Organizations Requiring Validated Security Standards ... Portsmouth, NH - April 15, 2009 - NitroSecurity, Inc., the company responsible for the evolution of security information management into a real-time, operational system, announced today that its security information and event management (SIEM) product, NitroView, has earned FIPS 140-2, Level 2 validation, the first on the market. Now, federal organizations can leverage FIPS validated products throughout the network, ensuring advanced security requirements and best practices are enforced across the entire organization. Established by the National Institute of Standards and Technology (NIST), the Federal Information Processing Standards (FIPS) 140-2 standard ensures that security devices are capable of protecting sensitive information through both physical and digital safeguards. While many organizations are leveraging FIPS 140-2 validated point solutions for a variety of security functions, including firewalls, anti-virus, and intrusion detection/prevention (IDS/IPS), until now federal agencies were unable to implement validated modules for SIEM. As a result, security information collected from these approved devices entered existing SIEM solutions that did not meet federal standards, increasing the risk of security breaches and data loss. The SAIC Cryptographic and Security Testing (CSTL) Laboratory Director stresses the importance of FIPS 140-2 validation. The SAIC CSTL is accredited by the National Institute of Standards and Technology, National Voluntary Accreditation Program (NVLAP) to perform FIPS 140-2 testing. "Without this FIPS 140-2 validation, there is no unbiased third-party assurance that the product's cryptography mechanisms are sufficient to protect sensitive information," said Cynthia Reese the SAIC CSTL Laboratory Director. "We hope recent validation of the NitroSecurity product suite will start a trend and motivate other SIEM product developers to achieve FIPS 140-2 Security Level 2 that will ultimately benefit SIEM product customers and users." NitroView joins other NitroSecurity solutions on the NIST approved product list, including the recently FIPS 140-2 validated NitroGuard IPS, the most highly qualified intrusion prevention appliance available today, as well as the NitroView EMS and Receiver. NitroSecurity is also currently under contract with the SAIC Common Criteria Testing Laboratory to take NitroView to Common Criteria Evaluation Assurance Level 4+ certification (EAL4+, medium robustness). "The lack of a FIPS 140-2 validated SIEM solution was a significant gap in the NIST approved product list, leaving federal information systems without the true defense-in-depth strategy that is required with today's threats," said Ken Levine, chief executive officer, NitroSecurity. "NitroSecurity has worked hard to provide the market with the only FIPS validated SIEM product and the most highly validated IPS appliance, and we are confident that our federal customers will benefit from these options." NitroView is capable of analyzing, correlating and reporting on billions of security events, network flows and logs per minute. By using NitroView, organizations can mitigate risk to their information and infrastructure by responding to and eliminating security threats in minutes instead of the hours typically required with other SIEM technology. NitroSecurity will host a free webinar on May 6, 2009 at 2:00 pm ET, which will discuss the benefits and impact of implementing a FIPS 140-2 validated SIEM solution for advanced cryptography and security management. To register, please visit: https://nitrosecurityevents.webex.com/nitrosecurityevents. Stop by the NitroSecurity booth, #745, at the RSA Conference this month to learn about the future of application protocol management, log management, database activity monitoring and SIEM integration. For more information and to receive a free pass to the show, visit nitrosecurity.com/specials/rsa2009. About NitroSecurity NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit www.nitrosecurity.com. http://www.nitrosecurity.com/information/news/pr/2009/20090401.psp 2009-04-01T09:00 Wed, 01 Apr 2009 22:37:08 +0100 home New detection signatures and techniques across the company's IPS, Log management, and SIEM products combine to detect, block, and isolate Conficker ... Portsmouth, NH - April 1, 2009 - NitroSecurity, Inc., the company responsible for the evolution of security information management into a real-time, operational system, released additional signatures and updates to bolster protection against the growing threat of the Conficker worm. NitroSecurity utilizes IPS blocking technology, windows registry and log monitoring, and SIEM correlation features all as one integrated solution to detect and block the Conficker worm. The worm has been unusually difficult to counter because of its combined use of advanced malware techniques. Since Conficker was first discovered, NitroSecurity has released over fifty signature and policy updates to address worm variations and obfuscations. NitroSecurity's approach provides tiered protection: first through a series of IPS signatures that can block new Conficker attacks; and then through a series of techniques to detect symptoms of a Conficker infection, including Windows registry changes, the shutdown of security services, and the creation of .dll files, all of which can be indicative of a Conficker infection. If a network is infected, NitroSecurity's Security Information and Event Management product, NitroView SIEM, combines Conficker-related actions from the IPS, information from relevant Windows logs, and system vulnerability information to easily manage the root cause, identify the vectors used to propagate the worm to other systems, and quickly identify any systems that are at risk. "Especially in large networks, a layered approach to security is the best defense against worms such as conficker, which go to lengths to cover their tracks," said Michael Leland, NitroSecurity's Chief Technology Officer. "Stopping the threat outside of your network is ideal, but if it does get in, a comprehensive approach including log analysis and SIEM capabilities will help spot the worm, track it, and remove it." The solution, which correlates security data from multiple systems to detect and block complex attacks, was first used by NitroSecurity to successfully block DNS exploits that were announced last year at DefCon. "When threats become this sophisticated, point-defenses aren't enough; everything has to work together," Leland added. The Conficker worm, which first surfaced in October 2008, targets Microsoft Windows operating systems. About NitroSecurity NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit www.nitrosecurity.com. http://www.scmagazineus.com/Desired-state-Retailers-get-compliant-with-PCI/article/129487/ 2009-03-26T09:00 Wed, 26 Mar 2009 22:37:08 +0100 industry http://www.nitrosecurity.com/images/sc_magazine.jpg Whether online or brick-and-mortar, retailers are challenged with securing the integrity of their payment systems to meet regulatory mandates, reports Greg Masters. . http://www.nitrosecurity.com/information/news/pr/2009/20090326.psp 2009-03-26T09:00 Thu, 26 Mar 2009 22:37:08 +0100 NitroGuard IPS Earns Level 2 certification; SIEM certification to follow ... Portsmouth, NH - March 26, 2009 - NitroSecurity, Inc., the company powering security information and compliance management with actionable data intelligence, announced today that its NitroGuard Intrusion Prevention System has earned FIPS 140-2, Level 2 certification. Now, federal information systems organizations can deploy NitroGuard IPS as a secure cryptographic module for detecting and blocking attacks as they occur, and providing data to higher-level security management systems for in-depth forensic analysis. The Federal Information Processing Standards (FIPS) 140-2 standard ensures that security devices are capable of protecting sensitive information through both physical and digital safeguards. This certification strengthens NitroGuard's existing Common Criteria Evaluation Assurance Level 3 certification (EAL 3), further substantiating the product's lead position in the IDS/IPS market, and making it the most highly certified IPS appliance available. As a result, NitroGuard can be deployed in a wider range of federal information system environments, under the information security laws established by the Federal Information Security Management Act (FISMA). NitroSecurity is also currently under contract to take both the NitroGuard and NitroView solutions to Common Criteria Evaluation Assurance Level 4+ certification (EAL4+, medium robustness), further demonstrating the company's commitment to answering the federal market's need for advanced security offerings. In addition, NitroSecurity plans to continue efforts to introduce even more security options onto the National Institute of Standards and Technology's (NIST) approved products list, through the certification of its security information and event management (SIEM) product, NitroView. NitroView has already completed testing and validation and is listed in finalization on the NIST web site. "There is a lot of confusion in the market today about which vendors have completed the validation process and are truly FIPS certified. As a result, federal agencies are left vulnerable to deploying security products that do not meet all the requirements," said Ken Levine, chief executive officer, NitroSecurity. "We've worked closely with NIST to prove our product meets every FIPS standard and we'll continue to do so as our product suite continues to grow and evolve. I am confident that our DoD customers, in particular, will be pleased that we have come through this process." NitroGuard IPS actively protects networks from an array of security attacks, including viruses, worms, spyware, Denial-of-Service (DoS) attacks and other forms of malware, by identifying and neutralizing threats in real-time. NitroGuard recently earned acclaim for successfully preventing DNS cache poisoning exploits using the "Kaminsky" DNS vulnerabilities, first detailed at BlackHat/DEFCON in August, 2008. Stop by the NitroSecurity booth 745, at the RSA Conference this April to learn about the future of application protocol management, log management, database activity monitoring and SIEM integration. For more information and to receive a free pass to the show, visit nitrosecurity.com/specials/rsa2009. About NitroSecurity NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by providing actionable data intelligence to monitor, protect and alert organizations about suspicious or harmful network activities from inside or outside the enterprise. Utilizing the industry's fastest analytical tools, NitroSecurity will identify, correlate and remediate threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit www.nitrosecurity.com. http://www.eweek.com/c/a/Security/NitroSecurity-Acquisition-Marries-Application-Database-Monitoring-287437/ 2009-03-18T09:30 Wed, 18 Mar 2009 23:37:08 +0100 industry http://www.nitrosecurity.com/images/eweek-logo.gif "No other SIEM is collecting application information at this level, and correlating in real-time with flow data, database activity monitoring, events data and IPS data." http://www.masshightech.com/stories/2009/03/09/daily38-Nitrosecurity-nabs-UKs-Chronicle-Solutions.html 2009-03-12T09:00 Thu, 12 Mar 2009 22:37:08 +0100 industry http://nitrosecurity.com/images/masshitech.gif "NitroSecurity has historically focused on ensuring regulatory compliance of large, networked systems at government agencies, health-care facilities and large enterprises. The two recent acquisitions will allow the company to focus on more proactive security functions like threat detection and prevention." http://www.nitrosecurity.com/information/news/pr/2009/20090318.psp 2009-03-18T09:00 Wed, 18 Mar 2009 22:37:08 +0100 Company Provides Expertise, Integrated Data Security and SIEM to Maximize Cardholder Protection and Facilitate PCI-DSS Compliance Portsmouth, NH - March 18, 2009 - NitroSecurity, Inc., the company powering security information and compliance management with actionable data intelligence, today announced that it has acquired the assets of Chronicle Solutions. NitroSecurity will integrate Chronicle's application protocol monitoring (APM) technology with its award-winning security information event management (SIEM) and database activity monitoring (DAM) solution, NitroView ESM, to deliver customers more advanced threat and fraud detection capabilities. Application security has become much more important for customers in order to meet compliance requirements and enact early incident mitigation by tying actions back to individuals. However, many application logs don't inherently provide the depth or breadth of information to ensure real security in a timely manner. Application protocol monitoring changes this reactive method of investigation to a proactive detection technology, while at the same time providing a higher quality of auditable evidence for both compliance purposes and incident response. "Customers are already challenged in dealing with the volume of network security information flooding their systems and traditional application reporting has left them largely in the dark security-wise," said Mike Montecillo, security and risk management analyst, Enterprise Management Associates. "Combining layer 7 application security information with an investment in network and database monitoring, such as that from NitroSecurity, is a good strategy for companies who are looking for increased compliance and more rapid mitigation of the types of incidents that litter today's headlines." The integration of Chronicle's technology allows direct correlation and analysis of protocols and applications, and fully decodes layer 7 packet information, allowing NitroView ESM to now collect deeper information about application use for both greater detail in forensic investigations and more effective incident response. For example, by collecting layer 7 information on an email session or Internet browsing, NitroView now has visibility to address the information, attachments and content of the email. Correlating this type of detail against database activity and other events, it's now possible to fully investigate security incidents and mitigate additional issues while providing proactive alerts on items like specific application policy violations. "As showcased by the strong market reaction to our recent NitroView SIEM and DAM integration, customers are looking for unified security solutions that can streamline security monitoring and mitigation," said Ken Levine, chief executive officer, NitroSecurity. "Adding Chronicle's layer 7 capabilities to NitroView gives customers exactly what they need; increased visibility and actionable information at a speed and accuracy that advances active mitigation and answers complex compliance mandates." Stop by the NitroSecurity booth, #745, at the RSA Conference this April to learn more about the future of application protocol management, log management, database activity monitoring and SIEM integration. For more information and to receive a free pass to the show, visit nitrosecurity.com/specials/rsa2009. http://www.nitrosecurity.com/information/news/pr/2009/20090302.psp 2009-03-02T09:00 Mon, 02 Mar 2009 22:37:08 +0100 Company Provides Expertise, Integrated Data Security and SIEM to Maximize Cardholder Protection and Facilitate PCI-DSS Compliance NitroSecurity, Inc., a leading provider of network and information security solutions, announced today it has joined two important industry groups, the PCI Security Alliance and PCI Security Standards Council. The Company brings its expertise to all 12 requirements of the PCI Digital Security Standard (PCI-DSS) through the integration of tools for monitoring credit card data directly, and providing the analysis and reporting required to track all access to that data. This combination of Log Management, Database Monitoring, Intrusion Prevention, and SIEM into a single interface facilitates all aspects of compliance, from the detection of where sensitive data exists, to absolute visibility into who accesses that data. The PCI Security Alliance is a group of companies committed to providing products and services for industry members that must achieve compliance with stringent PCI standards. NitroSecurity, a platinum member, joins the group with the industry's first integrated DAM and SIEM solution, NitroView, used by those affected by PCI requirements to detect, track and respond to abnormal or malicious activity across the enterprise. In addition to providing its technology to the industry, NitroSecurity will offer security expertise through its membership of the PCI Security Standards Council. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc. to increase data security by educating the industry about PCI-DSS. As a participant, NitroSecurity will help shape the direction of future PCI standards and assist in increasing awareness of the compliance requirements and security best practices. "The PCI Security Alliance and the PCI Security Standards Council are two organizations vital to the health of the retail industry and the protection of customer data," said Ken Levine, chief executive officer, NitroSecurity. "We look forward to working with both groups to educate the market on how to use today's technology to achieve enhanced security and remain PCI compliant." The PCI-DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. Developed by founding payment brands of the PCI Security Standards Council, this comprehensive standard is intended to help organizations, including retailers, proactively protect customer account data. For example, retailers are leveraging integrated security solutions like NitroView to log all access to personal identification information, cardholder data and other protected assets by correlating network activity with logs, events, flows and user identity. As a result, organizations meet compliance standards and reduce the risk of data loss. NitroSecurity offers an on-demand webinar, which discusses how to use SIEM, Database Activity Monitoring (DAM), and Log Management to meet all 12 requirements of PCI-DSS. To listen, please visit: nitrosecurity.com/webcasts. Stop by the NitroSecurity booth, 745, at the RSA Conference this April to learn more about the future of Log Management, Database Activity Monitoring and SIEM integration. For more information and to receive a free pass to the show, visit nitrosecurity.com/specials/rsa2009. http://www.nitrosecurity.com/information/news/pr/2009/20090217.psp 2009-02-17T09:00 Tue, 17 Feb 2009 22:37:08 +0100 http://nitrosecurity.com/research/gartner-dam-2009 NitroView Database Monitor and SIEM Integration Answers Demand for Industry Transitioning Away from Stand-alone DAM Solutions NitroSecurity, Inc., a leading provider of network and information security solutions, was included in the recent Gartner Database Activity Monitoring (DAM) Market Overview. NitroSecurity is among the 10 DAM technology providers named in this overview of a market Gartner estimates "to be approximately $100 million, and demand remains steady." NitroSecurity is included in this overview based on its previously announced integration of database activity monitoring to its already successful NitroView SIEM technology, first announced in January 2009. In the overview Gartner notes that "enterprises are increasingly evaluating DAM technologies, in response to compliance and security management requirements," and "Gartner believes that, ultimately, it will be largely delivered within broader product offerings." NitroSecurity integrated its flagship SIEM technology (NitroView ESM) with its database activity monitoring product (NitroView DBM) in order to meet market demand for defense in-depth solutions. NitroView's integrated approach allows enterprises to achieve true enterprise-wide visibility by correlating database activity with logs, events, flows and user identity, even across pooled applications. As a result, enterprises can significantly reduce the risk of web application and network attacks to minimize data loss. In addition to reducing risk and cost, the level of detection, remediation and reporting in NitroView greatly facilitates compliance efforts by logging all access to personal identification information, cardholder data and other protected assets. Using NitroView, enterprises can feel confident that they are meeting PCI-DSS, HIPAA and other stringent compliance regulations as they improve their database security. "We believe our inclusion in Gartner's DAM market overview, especially when considering they highlight the growing trend of technology integration with existing solutions such as SIEM, is great validation of NitroSecurity's vision," said Ken Levine, chief executive officer, NitroSecurity. "An integrated solution is the best approach for our customer's combined compliance and security needs." NitroView DBM is currently available in agent and agentless (appliance) models. A NitroView DBM starter kit (one appliance, reporting and five database licenses) starts at $25,995. NitroView DBM host agents cost $695 and provide native auditing capabilities to supplement the network-based monitoring provided by NitroView DBM appliances. For more information on NitroSecurity's Database Activity Monitoring offerings, nitrosecurity.com/regulatory-compliance/database-monitoring/ To view the entire Gartner report, "Database Activity Monitoring Market Overview" by Jeffrey Wheatman and Mark Nicolett, published February 3, 2009, please visit: http://nitrosecurity.com/research/gartner-dam-2009 Stop by the NitroSecurity booth, #745, at the RSA Conference this April to learn more about the future of Log Management, Database Activity Monitoring and SIEM integration. For more information and to receive a free pass to the show, visit nitrosecurity.com/specials/rsa2009/. http://www.nitrosecurity.com/information/news/pr/2009/20090128.psp 2009-01-28T09:00 Wed, 28 Jan 2009 22:37:08 +0100 NitroSecurity, Inc., a leading provider of network and information security solutions, today announced that online retail services provider Novator Systems Ltd selected the integrated NitroView Database Monitor and NitroView Enterprise Security Manager solution to help meet PCI-DSS compliance requirements. Using NitroSecurity's integrated technology, Novator is now able to perform the industry's deepest level of database monitoring, auditing, and event analysis to protect sensitive data and manage risks. Novator's solutions and services have been the foundation of some of the world's most demanding e-commerce businesses since 1993 and in many respects, pioneered the hosted, On-Demand e-commerce model with their first client, FTD.com, nearly 15 years ago. Novator has five datacenters across the globe and over 70 database servers. The company needed to monitor, log and audit all access to their databases from applications and by authorized database users. In addition, Novator required a security solution that met stringent internal business requirements designed to protect end customer data. NitroSecurity's database monitoring and SIEM integration allows Novator to monitor database activity and alert on anomalies, log all access to business-critical information and correlate data for in-depth forensic analysis of all events in real time. By combining these capabilities, Novator can achieve true visibility into database activity and easily audit access by user or application in order to thwart hackers and meet compliance standards. "We required a deep level of monitoring, event detection and auditing that most standalone database monitoring and SIEM products could not provide," said Aaron Posner, Vice President of eRetail Services at Novator. "NitroSecurity's integrated products allow us to not only track activity but to analyze events so we can understand and audit our environments to properly mitigate risk." Novator joins the hundreds of other NitroSecurity customers that are benefiting from the Company's integrated, unified security solution. Backed by a high-speed information processing architecture capable of receiving and analyzing data at extremely high speeds, NitroView DBM and NitroView ESM provide enterprises with the ability to manage risks resulting from database vulnerabilities by providing monitoring, session logging, correlation, notification and real-time analysis in one solution. "Customers in compliance-heavy markets like retail require a security strategy that goes beyond simple database monitoring. To truly mitigate risk and meet compliance standards, enterprises need to capture events and analyze data in real-time in order to comprehensively log and audit user access," said Ken Levine, chief executive officer, NitroSecurity. "We're pleased that Novator understands the benefits of an integrated database monitoring and SIEM approach and are experiencing improved security and ROI similar to many NitroSecurity customers." NitroSecurity will host a free webinar on January 28, 2009 at 2:00pm ET, which will discuss how to use SIEM, Database Activity Monitoring (DAM), and Log Management to meet all 12 requirements of PCI-DSS. To register, please visit: http://nitrosecurity.com/webcasts/ http://news.cnet.com/8301-1009_3-10148229-83.html 2009-01-22T09:00 Thu, 22 Jan 2009 22:37:08 +0100 industry http://www.nitrosecurity.com/images/cnet.jpg "In today's dangerous security landscape, no data is considered "noise" anymore. Rather, security analysts now want access to terabytes of historical data for analysis. Furthermore, this underlying data has become more complex. Beyond just log files, security analytics now encompasses other data types like network flows, directories, physical access, and video surveillance." http://www.rsaconference.com/2009/US/Home.aspx 2009-04-20T09:00 Mon, 20 Apr 2009 22:37:08 +0100 event expired http://www.nitrosecurity.com/images/rsa_promo.jpg http://nitrosecurity.com/downloads/rsa_2009_pass.pdf Please visit us in booth 745 at the RSA Conference 2009, April 20-24, San Francisco, CA. While at the show, stop by and mention the code 'NitroPod' for a chance to win an iPod Nano. http://www.blackhat.com/html/bh-dc-09/bh-dc-09-main.html 2009-02-16T09:00 Mon, 16 Feb 2009 22:37:08 +0100 expired http://www.nitrosecurity.com/images/blackhat_promo.jpg BlackHat DC, Feb 16-19, Washington DC http://www.blackhat.com/ 2009-07-25T09:00 Sat, 25 Jul 2009 22:37:08 +0100 event http://www.nitrosecurity.com/images/blackhat_promo.jpg BlackHat USA, July 25-30, Las Vegas, NV. Stop by and see the "Ultimate SIEM Smackdown" -- ForeGround Security will demonstrate several exploits, and we'll demonstrate how to stop them. Watch this awesome contest of Hack-Fu and earn an invitation to an exclusive party at the Shadow Club. http://www.sans.org/sans2009/ 2009-03-01T09:00 Sun, 01 Mar 2009 22:37:08 +0100 expired http://www.nitrosecurity.com/images/sans_lv_promo.jpg SANS 2009, March 1-9, Orlando, FL http://www.sans.org/tysonscorner09/ 2009-04-14T09:00 Tue, 14 Apr 2009 22:37:08 +0100 event expired http://www.nitrosecurity.com/images/sans_lv_promo.jpg SANS, April 14-22, Tysons Corner, VA http://www.sans.org/securityeast09/ 2009-05-04T09:00 Mon, 4 May 2009 22:37:08 +0100 event expired http://www.nitrosecurity.com/images/sans_lv_promo.jpg SANS Security East, May 4-12, New Orleans http://www.sans.org/sansfire09/ 2009-06-13T09:00 Sat, 13 Jun 2009 22:37:08 +0100 event http://www.nitrosecurity.com/images/sans_lv_promo.jpg SANSFire 2009, June 13-22, Baltimore, MD. Stop by our booth and see a live demonstration of the world's first "content aware" SIEM, correlating logs and events to application content. http://www.eweek.com/c/a/Security/Vendors-Tie-Database-Activity-Monitoring-to-Security-Event-Management/ 2009-01-14T09:00 Wed, 14 Jan 2009 12:32:08 +0100 industry http://www.nitrosecurity.com/images/eweek-logo.gif "DAM is a natural fit for security information management as it moves its focus away from correlation and auditing and towards analysis and security" http://www.nitrosecurity.com/information/news/pr/2009/20090114.psp 2009-01-14T09:30 Wed, 14 Jan 2009 22:38:08 +0100 NitroSecurity, Inc., a leading provider of network and information security solutions, today announced that NitroView is now fully integrated to provide the industry's first database activity monitoring and security information management solution. Users can now reduce the cost and inefficiency of standalone products and improve their security protection and compliance by detecting, tracking and responding to abnormal or malicious activity across the entire enterprise. "Aberdeen's research shows that companies achieving Best-in-Class performance are moving to solutions designed to address their security, risk and compliance requirements while minimizing operational impact and reducing total cost," said Derek Brink, vice president and research fellow for IT Security, Aberdeen Group. "In the current economy, we see priorities shifting to reducing cost and reducing complexity, even while expanding security functionality. An integrated approach - such as NitroSecurity's integration of DAM and SIEM solutions - is well-aligned with these trends." NitroView's integrated approach allows enterprises to leverage the speed and depth of event analysis and correlation provided by its flagship SIEM technology (NitroView ESM) with its database activity monitoring product (NitroView DBM). By combining these capabilities, NitroView provides true enterprise-wide visibility by correlating database activity with logs, events, flows and user identity, even across pooled applications. As a result, enterprises can significantly reduce the risk of web application and network attacks to minimize data loss. In addition to reducing risk and cost, the level of detection, remediation and reporting in NitroView greatly facilitates compliance efforts by logging all access to personal identification information, cardholder data and other protected assets. Using NitroView, enterprises can feel confident that they are meeting PCI-DSS, HIPAA and other stringent compliance regulations as they improve their database security. "Many of our customers are looking to better secure their databases and database activity monitoring is attractive," said Mark Emerick, practice manager, Information Risk Management of Melillo Consulting, a 20-year-old technology solutions integrator with mid to large enterprise customers across multiple industries. "Yet they are reluctant to add another point product because of both financial and technical reasons. NitroSecurity integrating database monitoring seamlessly into their SIEM product provides customers optimal flexibility and cost efficiencies." "Increasingly, the market is demanding unified security solutions that bring together core security capabilities. For NitroSecurity, it was natural for us to combine our award-winning SIEM and database activity monitoring technologies into one solution," said Ken Levine, chief executive officer, NitroSecurity. "An integrated solution is the best approach for thwarting hackers and provides higher ROI for our customers." NitroView DBM is currently available in agent and agentless (appliance) models. A NitroView DBM starter kit (one appliance, reporting and five database licenses) starts at $25,995. NitroView DBM host agents cost $695 and provide native auditing capabilities to supplement the network-based monitoring provided by NitroView DBM appliances. To read more about Aberdeen's report on "Protecting the Database" please visit www.aberdeen.com/link/sponsor.asp?spid=30411466%26cid=5302 http://www.nitrosecurity.com/information/news/pr/2008/20081215.psp 2008-12-15T09:30 Mon, 15 Dec 2008 22:38:08 +0100 NitroSecurity, Inc., a leading provider of network and information security solutions, today announced that it has been named an "Industry Innovator" for Threat Analysis by SC Magazine. Described by the publication as having a "blazingly fast backend database," the NitroView ESM product line is the industry's fastest security information and event management (SIEM) solution available, combining speed with detailed event analysis so organizations can mitigate risk, respond to and eliminate threats in minutes instead of hours. The NitroView product line, including the recently available NitroView Enterprise Security Manager (ESM) 5000, uses a high-speed information processing architecture capable of receiving and analyzing data at extremely high speeds. Unlike other SIEM technology, NitroView goes beyond detecting and alerting on anomalies by performing in-depth forensic analysis in real time, necessary to prevent or reduce the exposure to threats, including loss of data, DoS and DNS attacks. Because of this capability, SC Magazine includes NitroSecurity as a second-year "Industry Innovator" in its December "Year in Review," where editors and reviewers test and recognize the year's leading IT products. In this year's issue, the publication highlights NitroSecurity's ability of taking SIEM technology to the next level with a solution that goes beyond industry standards of just collecting and analyzing data without dropping packets. Noted in the article is NitroView's leverage of NitroEDB, the industry's fastest database, for "analyzing threats at a level unique in the industry" in order to know vulnerabilities, calculate and manage risk in real-time. In addition to NitroSecurity's technological innovation, the article also cites the Company's close relationship to customers and its partner ecosystem as factors in its success. "We're honored to be recognized by such a highly-regarded, leading industry publication," said Ken Levine, chief executive officer, NitroSecurity. "It's rewarding to know that the editors at SC Magazine value the innovation behind NitroView and recognize the product line's ability to provide real-time capabilities other SIEM technologies can't offer. As the publication points out, NitroSecurity's technology innovators will always be researching and developing the next phase of our technology so we can better serve our customers, partners and the industry." To learn more about NitroSecurity's innovative technology, take a "test drive" or sign up for a live demonstration led by a NitroSecurity engineer. More information can be also found at www.nitrosecurity.com. The SC Magazine article can be viewed at: http://www.nitrosecurity.com/downloads/SC_Innovator_2008.pdf http://www.nitrosecurity.com/downloads/SC_Innovator_2008.pdf 2008-12-15T09:00 Mon, 15 Dec 2008 22:37:08 +0100 award http://www.nitrosecurity.com/images/SC-Innovator-08.gif http://www.nitrosecurity.com/information/news/pr/2008/20081118.psp 2008-11-18T09:00 Tue, 18 Nov 2008 22:37:08 +0100 NitroSecurity, Inc., a leading provider of network and information security solutions, today announced the availability of the "NitroView Enterprise Security Manager (ESM) 5000 family of SIEM products that are capable of analyzing, correlating and reporting on billions of security events, network flows and logs per minute. With NitroView ESM 5000 organizations can now mitigate risks to their information and infrastructure by responding to and eliminating security threats in minutes instead of the hours typically required with current SIEM technology. The SIEM products currently on the market are mostly capable of detecting and alerting on a particular incident. However, they do not have the high-speed processing capability to perform the in-depth forensic analysis necessary to prevent or reduce the exposure to looming threats including loss of data, DoS and DNS attacks. Supported by the patented NitroEDB relational data management engine, NitroView ESM 5000 is capable of meeting, and in most cases exceeding, this response time. "As business needs evolve, so do SIEM capabilities, which is important if vendors wish to remain cutting-edge," said Jon Oltsik, senior analyst, Enterprise Security Group. "One of the biggest things we have noticed is that there is a direct correlation between the amount of data available to a SIEM and the value it provides to an organization that has implemented it as part of their overall security structure.The NitroView ESM 5000 SIEM is able to deliver an "Order of Magnitude" increase in event, log and flow processing capability, including the ability to: - Analyze and correlate months or years worth of network event, log and flow data in minutes - down to the preserved packet level. - Process a sustained input of four million events/flows/logs per second while simultaneously analyzing, correlating and reporting on 100 million record queries per second (six billion per minute). NitroView ESM 5000 is currently available in four models with pricing starting at $39,995. Pricing is based on models that have input and correlation rates ranging from two million events per second (eps); 25 million record queries per second to four million eps; 100 million record queries per second. To register for a live demonstration of the NitroView ESM 5000 led by an engineer or to test drive this industry leading SIEM product please visit the NitroSecurity website. For more information, you can also download NitroSecurity's whitepaper titled "Fundamental Requirements of SIEM." http://www.nitrosecurity.com/information/news/pr/2008/20081014.psp 2008-10-14T09:00 Tue, 14 Oct 2008 22:37:08 +0100 NitroSecurity, Inc., a leading provider of network and information security solutions, today announced that for the first time it will receive advanced information from Microsoft about their monthly security bulletins to anticipate emerging threats and provide mutual customers with more timely protections. As part of the Microsoft Active Protections Program (MAPP), NitroSecurity will have early access to vulnerability information aiding in the protection of Microsoft customers and the development of protection from common and more complex security issues. With this opportunity, NitroSecurity can deliver protection features to customers more efficiently and effectively. "With millions of people using Microsoft products everyday, the ability to provide timely defense from vulnerabilities is a necessity," said Ken Levine, chief executive officer, NitroSecurity. "MAPP enables NitroSecurity and Microsoft to reduce risk and increase protection for our customers." By receiving vulnerability information earlier, security providers such as NitroSecurity can provide customers with potential security protection features, such as third-party intrusion detection systems or intrusion prevention systems. "Our partners share our passion for industry collaboration to protect a world full of Internet users," said Mark Miller, director of Microsoft's Trustworthy Computing product management. "No one company can accomplish this by itself. That is why we are partnering with NitroSecurity to advance and For more information on MAPP, please visit www.microsoft.com/security/msrc/mapp/overview.mspx http://www.darkreading.com/document.asp?doc_id=164677%3FWT.svl=wire_9 2008-09-26T09:00 Fri, 26 Sep 2008 22:32:08 +0100 industry http://www.nitrosecurity.com/images/dark_reading.gif Dark Reading reports on NitroSecurity's recently announced DNS solution. http://www.nitrosecurity.com/information/news/pr/2008/20080923.psp 2008-09-23T09:00 Tue, 23 Sep 2008 22:37:08 +0100 NitroSecurity, Inc., a leading provider of network and information security solutions, today announced that it has developed a unique IPS solution that virtually eliminates the threat of DNS Cache Poisoning. Through research with the Rochester Institute of Technology (RIT), NitroSecurity demonstrated that its IPS, combined with the DNS server patch, provides protection against the exploit that is nearly 100 percent effective. The DNS exploit presents a challenge in regard to protection. Simply blocking the vulnerability via a standard IPS detection signature would prevent access to the DNS altogether. Therefore, it is crucial to have a broad solution that not only blocks the exploit, but does not compromise the functionality of the DNS. Working with RIT, NitroSecurity has validated a solution to actively detect and block the DNS exploit while still allowing the DNS to function properly. Recently, the DNS exploit gained widespread industry attention when Dan Kaminsky presented on the topic at this year's Black Hat Conference in Las Vegas. If successfully executed, the exploit represents a massive security threat. Although a patch has been released, DNS servers can still be easily compromised over a short period of time. NitroSecurity's research with leading experts puts the risk at 10 percent within a week's time and 37 percent within a month. For those organizations that are unable to apply a DNS patch, the research also validates that utilizing the upgraded NitroSecurity IPS solution without the DNS server patch provides similar protection to using the patch alone. "In our rigorous testing, we found that the solution to the DNS problem is to provide secondary measures, in addition to the current patch, to reduce the chances of exploitation," said Bill Stackpole, assistant professor, Rochester Institute of Technology. "In the specified test environment a successful DNS attack without the NitroSecurity IPS in place took approximately four minutes to exploit. With the IPS in place the attack continued for more than 24 hours without a successful exploit." "The recent attention the DNS vulnerability has garnered is highly important since companies need to know it's out there and how they can protect against it. IPS solutions are widely deployed throughout the industry to combat many vulnerabilities," said Michael Leland, chief technology officer, NitroSecurity. "However, the DNS exploit requires more than just a signature-based IPS solution. Nitro's IPS is capable of rate/threshold-based signatures, blacklisting and stateful firewall functions - all components that, when used in conjunction, can dramatically improve the protection for DNS servers." The NitroSecurity IPS solution is currently available. A firmware upgrade is available for existing customers. For more information please contact NitroSecurity at (800) 795-4771 or visit nitrosecurity.com. NitroSecurity will be hosting a webinar to provide further details on the DNS exploit and available solutions on September 25, 2008 from 1 - 2 PM EDT. Click here to register. To download NitroSecurity's Whitepaper on the DNS exploit and available solutions go to nitrosecurity.com/media/whitepapers. You can also view CTO Michael Leland's recent DNS blog posting on the SIEMBlog at SIEMBlog.com http://eastbay.bizjournals.com/eastbay/othercities/philadelphia/stories/2008/09/15/smallb1.html?b=1221451200%5e1697273%26brthrs=1 2008-09-16T09:00 Tue, 16 Sep 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/eastbaybusiness.gif This is a success story: A small-time entrepreneur who made good on a vision of rapid growth and a lucrative exit. The firm grossed $3.6 million last year, but even more important, bigger fish NitroSecurity bought RippleTech this summer ... http://www.daly.com/Events/MD_Blast.htm 2008-10-16T09:00 Fri, 16 Oct 2008 22:37:08 +0100 expired http://www.nitrosecurity.com/images/partner-logo-daly.gif NitroSecurity will be at the Fall Daly Show, at the BWI Airport Marriott, 1743 West Nursery Road, Baltimore, MD 21240, on Thursday October 16, 2008. http://www.daly.com/Events/VA_Blast_Two.htm 2008-09-12T09:00 Fri, 12 Sep 2008 22:37:08 +0100 expired http://www.nitrosecurity.com/images/partner-logo-daly.gif NitroSecurity will be at the Fall Daly Show, at the Crowne Plaza Richmond, 555 East Canal Street, Richmond, VA 23219, on Friday Sep 12, 2008. http://www.nitrosecurity.com/information/news/pr/2008/20080820.psp 2008-08-20T09:00 Wed, 20 Aug 2008 22:37:08 +0100 award NitroSecurity, Inc., a provider of high performance, unified information security solutions, today announced that it has been selected as one of the Inc. 5,000 fastest-growing companies in America. The official ranking of the Inc. 5,000 list will be made available today as well by Inc.com. A ceremony distinguishing all honorees will be held during the 27th Annual Inc. 500/5,000 Conference and Awards Ceremony, September 18-20, 2008 in Washington, D.C. "We are very pleased to receive such an honor from a publication like Inc.," said Ken Levine, CEO NitroSecurity. "We have grown our business more than 200 percent over the last year, which speaks to the innovative IT security products we deliver to a rapidly growing market. As enterprise security needs evolve, so does our business, and we look forward to continued success in the industry." NitroSecurity's list of accomplishments has grown enormously this year with the awarding of a $3 million contract by the U.S. Army NETCOM, launch of the NitroConnect Global Channel Partner Program and expansion of the NitroView ESM line, with the new "All-in-One" product delivering cost-effective Security Information Management. Most recently, the Company announced a $10 million round of funding and the acquisition of RippleTech, adding database monitoring and log management to the network security product suite. To qualify for the award, companies must be U.S.-based, privately held and independent, having been founded and generating revenue by 2003. Companies are ranked according to percentages of revenue growth from 2003 through 2006. http://www.nitrosecurity.com/information/news/pr/2008/20080813.psp 2008-08-13T09:00 Wed, 13 Aug 2008 22:37:08 +0100 NitroSecurity, Inc., a provider of high performance, unified information security solutions, today announced that it has secured $10 million in financing. The round was led by NewSpring Capital of Radnor, Penn. and Short Hills, NJ through NewSpring Ventures, its dedicated growth and expansion stage venture fund. The round included strong support from NitroSecurity's previous investors, First Analysis and Brookline Venture Partners. NitroSecurity will use the new monies to fund market expansion through sales, marketing and channel growth, as well as new product development. The growing landscape of security threats that pose risk to the enterprise are forcing companies to make smarter decisions regarding the solutions they implement. NitroSecurity offers a suite of unified information security solutions that supplants the need for disparate products and services from multiple vendors. The Company's award- winning product portfolio includes integrated solutions for Security Information and Event Management (SIEM), Log Management, Network Behavior and Anomaly Detection (NBAD), Database Activity Monitoring and Network Intrusion Prevention and Detection. "There is a big theme of unification that has been picking up steam in the security industry as companies are looking for ways to secure their networks with less equipment," said Glenn Rieger, general partner of NewSpring and member of NitroSecurity's board of directors. "NitroSecurity has had tremendous success addressing this theme and in generating momentum in the market. Strong partnerships, key strategic acquisitions, a growing roster of global customers and increased adoption in a variety of verticals such as higher education and the government sector, prove that the Company is poised for continued success." "This round of funding will allow us to continue to innovate our suite of IT security solutions to include next-generation SIEM functions like predictive event correlation and deeper event-to-flow forensics," said Ken Levine, chief executive officer, NitroSecurity. "In addition to further product development, we will also be expanding our global channel program to extend our reach into the mid-market." http://www.darkreading.com/document.asp?doc_id=158995%3FWT.svl=wire_1 2008-07-16T09:00 Wed, 16 Jul 2008 22:32:08 +0100 industry http://www.nitrosecurity.com/images/dark_reading.gif Dark Reading reports on RippleTech acquisition. http://www.unionleader.com/article.aspx?headline=Portsmouth%20firm%20growing%20at%20390%25%20a%20year%26articleId=6fb12f06-3f1f-4496-9832-d9b8c8f79178 2008-08-21T09:00 Tue, 21 Aug 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/union_leader.gif NH Union Leader reports on NitroSecurity's rapid growth, momentum. http://www.masshightech.com/stories/2008/07/14/daily16-NitroSecurity-buys-info-security-company-RippleTech.html 2008-07-15T09:00 Tue, 15 Jul 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/masshitech.gif Mass High Tech reports on RippleTech acquisition. http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1321492,00.html 2008-07-16T09:00 Wed, 16 Jul 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/search_security.jpg Search Security on NitroSecurity's recent acquisition of RippleTech, and the impact of DAM, SIEM, and log management integration. http://www.nitrosecurity.com/information/news/pr/2008/20080715.psp 2008-07-15T09:00 Tue, 15 Jul 2008 22:37:08 +0100 http://www.nitrosecurity.com/images/ripple_nitro_pr.jpg Portsmouth NH, July 15 2008 - NitroSecurity, Inc., a provider of high performance, unified information security solutions, today announced that it has acquired RippleTech. The combination of NitroSecurity's award winning Security Information and Event Management (SIEM) and Intrusion Prevention System (IPS) solutions with RippleTech's Database Activity Monitoring and Log Management solutions, allows companies to better protect their critical data and infrastructure with one integrated solution. The addition of RippleTech's products allow NitroSecurity to deliver the industry's highest performance, fully integrated, SIEM and log management solution. Utilizing the company's patented NitroEDB data management technology enables support for large volume storage and analysis regarding logs and events. Additionally, integrating Database Activity Monitoring (DAM) to the collaborative product line provides enterprises with the functionality to mitigate risks resulting from database vulnerabilities and also addresses the dynamic compliance regulations businesses of all sizes are charged with meeting, such as PCI, SOX, GBLA and HIPAA. "The combination of SIEM and log management capabilities is an industry-changing offering that we are going to start to see more often," said Mike Montecillo, analyst, EMA. "The marriage of the technologies creates a better way for the enterprise to safeguard itself from threats that could compromise the network. In the security industry, we see the consolidation of products and solutions all the time. This is just another example of how the market is changing to provide end-users with better and smarter choices for their IT needs." "The acquisition of RippleTech allows us to answer a huge market need for an integrated, unified security solution from edge to core," said Ken Levine, chief executive officer, NitroSecurity. "NitroSecurity's product suite integrated with RippleTech's log management and database activity monitoring solutions, takes network visibility and protection to an entirely new level. The ability to provide deep network visibility and simultaneously monitor database activity, and meet compliance requirements, is a notable stride in the industry." With the onslaught of data breaches affecting the enterprise, there is an imminent and growing market demand for comprehensive network security and database monitoring solutions. According to a November 2007 Gartner, Inc. report titled DAM Technology Provides Monitoring and Analytics With Less Overhead, by Marc Nicolett and Jeffrey Wheatman, "Monitoring and analysis of critical data access is becoming a compliance standard of due care, and this capability is also required to detect databreaches in the event of a successful targeted attack." NitroGuard Database Monitor (formerly RippleTech Informant) is a database activity monitoring solution that provides comprehensive security for data-centric applications vulnerable to insider theft and application-layer attacks like SQL injection. NitroView LogCaster (formerly RippleTech LogCaster) is a fully-developed log management solution with universal collection capabilities that uniquely utilizes agent, agentless and network-based collection capabilities to deliver a more scalable log management platform. All RippleTech's employees have joined the NitroSecurity team and the combined product suite will be sold and supported by the joint sales and technical force. Both RippleTech products will be fully integrated into the NitroGuard and NitroView product families over the next 3-6 months. In addition to direct sales, all products will be offered through NitroSecurity's global channel. NitroSecurity will hold a webinar on Wednesday July 30 from 2:00 p.m. - 3:00 p.m. ET, to discuss the benefits of Unified Information Security with SIEM, DAM and Log Management. Please visit https://www1.gotomeeting.com/register/725420787 to register. 2006-06-3T09:00 Mon, 06 Jun 2006 22:37:08 +0100 award http://www.nitrosecurity.com/images/infosec_hot_company.gif http://www.nitrosecurity.com/media/casestudies/ESET_case_study_20080715.pdf 2008-07-15T09:00 Tue, 15 Jul 2008 22:37:08 +0100 casestudy http://www.nitrosecurity.com/images/eset.gif " ... NitroView provides one stop shopping. There's no need to go through ten consoles to perform daily operations, moving from server management to network management to security event management." http://www.niap-ccevs.org/cc%2Dscheme/st/?vid=10132 2007-08-5T09:00 Mon, 05 Aug 2007 22:37:08 +0100 award http://www.nitrosecurity.com/images/accolade_cc.gif NitroSecurity products earn Common Criterial certification. EAL3 certification validates solution http://www.gcn.com/print/26_20/44829-1.html 2007-08-3T09:00 Mon, 03 Aug 2007 22:37:08 +0100 award http://www.nitrosecurity.com/images/gcn_magazine.jpg NitroView ESM named Master of the Guards 2007-09-1T09:00 Mon, 01 Sep 2007 22:37:08 +0100 award http://www.nitrosecurity.com/images/infosec_finalist_logo_80x126.gif NitroView ESM selected as a finalist in SIEM by InfoSecurity readers. http://www.nitrosecurity.com/downloads/sc_nitroguard_review.pdf 2007-08-1T09:00 Mon, 01 Aug 2007 22:37:08 +0100 award http://www.nitrosecurity.com/images/sc_recommended_promo.jpg "...no [weaknesses] that we could find... a solid product with good integration into other NitroView products ...extensive analysis capability not normally found in an IPS" http://www.nitrosecurity.com/downloads/NitroView_First_Look.pdf 2007-02-1T09:00 Mon, 01 Feb 2007 22:37:08 +0100 award http://www.nitrosecurity.com/images/sc_lab_promo.jpg "...True network threat analysis goes beyond SIEM ...forget simple SIM/SEM products or traditional log correlators. NitroView blows them all away in three areas: comprehensive log management, response speed and analysis depth." http://www.nitrosecurity.com/downloads/perimeter_defense_innovator_IPS.pdf 2007-12-1T09:00 Mon, 01 Dec 2007 22:37:08 +0100 award http://www.nitrosecurity.com/images/sc_innovator_promo.jpg "... the IPS, ESM and the receiver all are evolving into a system that, because of its high performance pedigree, could do things no other system could." http://www.campustechnology.com/articles/60297_4/ 2008-04-1T09:00 Tue, 01 Apr 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/campus_technology.jpg Joseph Clark, senior network engineer at the College of Charleston, discusses the difficulties in securing a campus network. http://www.channelinsider.com/c/a/News/NitroSecurity-Launches-Global-Partner-Program/ 2008-03-18T09:00 Tue, 18 Mar 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/eweek_channel.jpg Channel Insider on NitroSecurity's new NitroConnect partner program. http://www.thetechherald.com/article.php/200819/890?page=1 2008-05-5T09:00 Mon, 05 May 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/techherald.jpg A multi-vendor response to IBM's "7 dirty secrets" presentation at Interop. http://www.processor.com/editorial/article.asp?article=articles%2Fp3027%2F11p27%2F11p27%2Easp%26guid=7201F9ECA88C4CCDBBE427861BEDA81B%26searchtype=%26WordList=%26bJumpTo=True 2008-07-4T09:00 Fri, 04 Jul 2008 22:37:08 +0100 industry http://www.nitrosecurity.com/images/processor_mag.jpg Processor Magazine interviews NitroSecurity CTO Michael Leland about the technology behind real-time security information management http://www.washingtontechnology.com/online/1_1/31963-1.html 2007-12-12T09:00 Wed, 12 Dec 2007 22:37:08 +0100 industry http://www.nitrosecurity.com/images/washingtontech.jpg Washington Technology on NitroSecurity's award of a $3M army contract. http://www.networkworld.com/news/2007/062607-nitrosecurity-appliance.html 2007-06-26T09:00 Tue, 26 Jun 2007 22:37:08 +0100 industry http://www.nitrosecurity.com/images/network_world_logo.gif Network World on NitroView Enterprise Security Manager v7.2. http://scmagazine.com/us/news/article/656502/it-security-education-schools-around-country-find-right-technology-protect-networks 2007-05-9T09:00 Wed, 09 May 2007 22:37:08 +0100 industry http://www.nitrosecurity.com/images/sc_magazine.jpg IT security and education: Schools around the country find the right technology to protect networks. http://www.insurancetech.com/story/?articleID=196603996 2007-06-7T09:00 Wed, 07 Jun 2007 22:37:08 +0100 industry http://www.nitrosecurity.com/images/insurance_tech_logo.gif Irish insurer QUINN-direct brought its network into compliance with NitroSecurity's NitroGuard intrusion prevention system. https://www.blackhat.com/html/bh-usa-08/bh-us-08-main.html 2008-08-2T09:00 Sun, 02 Aug 2008 22:37:08 +0100 expired http://www.nitrosecurity.com/images/blackhat_promo.jpg NitroSecurity will be exhibiting at the Black Hat USA 2008 event in Las Vegas, Aug. 2 through 7 http://www.sans.org/sansfire08/ 2008-07-23T09:00 Wed, 23 Jul 2008 22:37:08 +0100 expired http://www.nitrosecurity.com/images/sans_promo.jpg NitroSecurity will be at SANSFire in Washington DC from July 23 through July 25. Visit us in Booth #303-305 and test your skills: find an incident, and earn a chance to win $300 in free gas. http://www.sans.org/info/30118/3c3aaa2d313cba8138183e0d1513d139 2008-09-28T09:00 Sun, 28 Sep 2008 22:37:08 +0100 expired http://www.nitrosecurity.com/images/sans_lv_promo.jpg Visit us at Sans Network Security 2008 in Las Vegas on September 28 through October 6 http://www.rsaconference.com/ 2009-04-20T09:00 Mon, 20 Apr 2009 22:37:08 +0100 expired http://www.nitrosecurity.com/images/rsa_promo.jpg Visit us at RSA Conference in San Francisco from April 20 through 24 http://www.nitrosecurity.com/information/news/pr/2008/20080318.psp 2008-03-18T09:00 Tue, 18 Mar 2008 22:37:08 +0100 http://www.nitrosecurity.com/images/nitroconnect_logo_177x50.jpg Portsmouth NH, March 18 2008 - NitroSecurity Inc., a provider of high performance, unified information security solutions, today launched its Global Channel Partner Program, NitroConnect. The program provides security centric resellers with training, tools and highly differentiated solutions to increase the value, and return, of their product and service offerings. NitroSecurity's integrated security solutions enables businesses of all sizes to lower their cost and increase the performance of IT security deployments and operations. The NitroConnect Partner Program allows resellers to pass these benefits on to customers through NitroSecurity's award winning products: NitroView Enterprise Security Manager (A Unified Security Management (USM) appliance that combines Log Management, Network Analysis, and Security Information and Event Management (SIEM) into a single solution) and NitroGuard Intrusion Prevention System. NitroConnect partners can differentiate themselves by delivering a fully unified security solution at a lower cost, thereby increasing their profit margins. Partners can join NitroConnect at three different levels: 1. Authorized Resellers: ability to offer pre/post sales and technical support 2. Solution Partners: ability to offer pre/post sales, technical support and professional services, including, install, training and consulting 3. Premier Solution Partners: ability to offer all capabilities of Solution Partners, plus capacity to handle high-volume sales. Many top tier companies are already part of NitroConnect, including ProActive Networks and Security, which offers a diverse mix of products and services to address various network security needs; and Telonic, a leading System Integrator in Germany. "NitroSecurity's channel partner program is not only comprehensive, but it also takes into account the true value added from the reseller/integrator," said David Sinnott, president, ProActive Networks and Security. "We had one telco customer that replaced Cisco MARS with NitroView, and was so impressed with the system's capability, pricing and accelerated delivery schedule that they immediately placed an order for additional NitroGuard IPS devices to enhance visibility into their internal networks." "NitroSecurity is an excellent complement to our range of security and measurement products," said Andreas Schlechter, managing director, Telonic. "With Nitro's suite of products, we can more effectively meet the requirements and demands of customers to collect, correlate and manage logs, events and alarms in real time." NitroConnect offers extensive training and tools to get partners up to speed and certified on the NitroSecurity suite of products. Full support from pre-sales assistance to professional services is available, and partners can utilize NitroConnect PartnerWeb for easy access to product, marketing, and operational resources. Partners also have the opportunity to participate in joint seminars and webinars to further increase visibility in the industry. Other program benefits include deal registration, market development funds, and assigned partner sales and technical managers for Premier Solution Partners. "Effective partner strategies are a crucial component for any technology company," said Ken Levine, chief executive officer, NitroSecurity. "NitroSecurity's product family helps partner companies diversify their offerings and meet the network security requirements today's enterprise demands. We already have a healthy roster of channel partners participating in NitroConnect and look forward to growing those numbers and forging additional mutually beneficial relationships with security-focused companies." NitroSecurity is currently seeking companies that are knowledgeable and experienced in the IT security market and can operate independently to join NitroConnect. Today, NitroConnect extends throughout the United States, Canada, Mexico and Europe, with plans to expand into Asia-Pac later this year. For more information on joining NitroConnect please go to http://nitrosecurity.com/partners/program/ or contact NitroSecurity at (603) 766-8160. http://www.nitrosecurity.com/information/news/pr/2008/20080228.psp 2008-02-28T09:00 Thu, 28 Feb 2008 22:37:08 +0100 http://www.nitrosecurity.com/images/telonic_logo_217x44.jpg Cologne February 28, 2008 - Telonic GmbH has announced today that they have reached a general agreement with NitroSecurity, Inc. of Portsmouth, New Hampshire, U.S.A. to market the NitroView Enterprise Security Manager and NitroGuard Intrusion Prevention System family of products throughout Germany. NitroSecurity develops high performance network security solutions which deliver the industry's first Unified Security Management (USM) platform. NitroView and NitroGuard solutions integrate log management, intrusion prevention, network behavior, anomaly detection and security information and event management into a seamless solution with industry leading performance and scalability. "We are very excited to be working with Telonic," said Ken Levine, chief executive officer of NitroSecurity. "Germany is a key market for NitroSecurity and we look forward to working closely with Telonic's management, sales and engineering team to ensure a successful, and long lasting, entry into the German IT infrastructure market." "NitroSecurity rounds off our product range of monitoring solutions ideally." supplemented Andreas Schlechter, managing director of Telonic. "The new requirements of customers to collect, correlate and to represent all logs, events and alarms in real time can be perfectly complied using NitroSecurity." http://www.nitrosecurity.com/information/news/pr/2008/20080213.psp 2008-02-13T09:00 Tue, 13 Feb 2008 22:37:08 +0100http://www.nitrosecurity.com/images/nitroview_logo_177x20.jpg Portsmouth, NH -- January 09, 2008 -- NitroSecurity, Inc., a provider of high performance, unified information security solutions, today announced the availability of a new All-in-One model in the NitroView Enterprise Security Manager (ESM) family. The new product provides Unified Security Management (USM) by incorporating the functionalities of Security Information and Event Management (SIEM), Log Management and Network Behavior and Anomaly Detection (NBAD) into a single, 5,000 event per second, 1U appliance. While all products in the NitroView ESM family deliver Unified Security Management, this newest addition allows businesses to purchase a single appliance, with no requirement for additional hardware or software probes or agents to provide data collection and normalization. With this new addition to the NitroView suite of products, NitroSecurity delivers holistic security management that enable businesses of all sizes to lower their cost of acquisition, deployment and operation. "As the security industry continues to evolve, we are seeing a great deal of convergence around features and capabilities," Eric Ogren, president of The Ogren Group. "IT organizations are looking to streamline processes by converging security functions with operations management. The ability to process extreme amounts of data in real-time, such as with security event management and network flow data, and the operational insight gained by deep packet inspection, enables IT to simplify delivery of a secure business infrastructure." In conjunction with the availability of the new All-in-One NitroView ESM, NitroSecurity is releasing a new version of software for all products in the NitroView ESM family that introduces more network and security functionality into its Unified Security Management offering, including: - Identity Correlation: user identity is acquired from WMI logs, Radius and , in the future, from Active Directory, and used with event and flow correlation to identify who is responsible for or affected by particular security or network events - Expanded Compliance Reporting: more than 80 additional pre-formatted compliance reports for PCI, SOX, GBLA, FISMA, HIPAA and many others. - Network and Event Analysis Topology (NEAT): at-a-glance topology viewing of overall network security health, showing event and flow information per device with visual indication for anomalous conditions. NitroSecurity is able to deliver this multifunctional solution using its patented technology - NitroEDB, a real-time relational data management engine. All NitroView ESM products utilize NitroEDB to combine the capabilities of a SIM, SEM, NBAD and Log Management into a single solution. "When purchasing security management solutions, many businesses today are forced to choose between critical security functions because they do not have the budget to support the full suite of security solutions they require," said Ken Levine, chief executive officer, NitroSecurity. "We are pleased to offer an answer to this problem with NitroSecurity's new NitroView ESM single-box appliance, Now, businesses of all sizes can save thousands of dollars and still obtain comprehensive network protection." Pricing and Availability The All-in-One model of NitroView ESM is currently available for $39,995 USD. For additional information including a Flash demonstration or to register for an individual Webinar of its next generation of network and security information management capabilities, please visit the NitroSecurity website at www.nitrosecurity.com http://www.nitrosecurity.com/information/news/pr/2008/20080109.psp 2008-01-09T09:00 Wed, 09 Jan 2008 22:37:08 +0100 http://www.nitrosecurity.com/images/innovator_promo.jpg Portsmouth, NH -- January 09, 2008 -- NitroSecurity, Inc. (nitrosecurity.com), a provider of solutions for the information security monitoring, analysis and protection of computer networks, today revealed that it has been named an "Industry Innovator" by SC Magazine. December was the unveiling of SC Magazine's "Year in Review", where editors and reviewers alike scour the IT industry to declare the year's leading products. As an "Industry Innovator", NitroSecurity goes above and beyond user needs with its Intrusion Prevention System (IPS) and Enterprise Security Manager (ESM) solutions. Highlighted in the article is NitroSecurity IPS' ability to process data at a fast enough rate to completely characterize events without dropping packets. In addition, reviewers gave a nod to Nitro's future vision -- scalability to larger enterprises, more resiliency, increased analysis capability, and further reduction of false positives, all in very large networks. "We are honored to receive such praise from SC Magazine, a highly respected industry publication," said Ken Levine, chief executive officer, NitroSecurity. "NitroSecurity is excited that its efforts to further develop and create the best solutions for network security are being recognized by such an esteemed reference. We will continue to provide organizations with advanced security solutions that protect networks from an increasing number of threats and attacks." http://www.nitrosecurity.com/information/news/pr/2007/20071211.psp 2007-12-11T09:00 Tue, 11 Dec 2007 22:37:08 +0100 http://www.nitrosecurity.com/images/netcom_promo.jpg Portsmouth, NH -- December 11, 2007 -- NitroSecurity, Inc. (nitrosecurity.com), a provider of hardware and software products for the information security monitoring, analysis and protection of computer networks, today announced that the NETCOM (Network Enterprise Technology Command/9th Signal Command) division of the United States Army signed a contract totaling $3,068,305 for NitroGuard IPS and NitroView ESM to help guard its network. The NitroSecurity solutions were selected as part of the effort to defend the Army's LandWarNet enterprise across the full spectrum of network-centric operations. NETCOM evaluated multiple IPS solutions that all underwent a rigorous test and evaluation process, and selected NitroGuard IPS and NitroView ESM based on performance, scalability and ability to meet the defined testing and acceptance criteria. NitroSecurity solutions possess all of the mandatory requirements set forth by NETCOM, including Internet Protocol Version 6 (IPv6) capability, superior technical and maintenance support, and in-depth training on the system. Additionally, NitroSecurity meets NETCOM's requirement for certification and accreditation. The Company recently achieved security certifications to Common Criteria Evaluation Assurance Level 3 certification (EAL 3) under the National Information Assurance Partnership (NIAP) for NitroGuard IPS as well as NitroView Enterprise Security Manager (ESM). NitroGuard IPS actively protects networks from an array of security attacks, including viruses, worms, spyware, Denial-of-Service (DoS) attacks and other forms of malware, by identifying and neutralizing threats in real-time. NitroView ESM's forensic security event monitoring, network behavior and anomaly analysis, and reporting capabilities works in conjunction with NitroGuard IPS to enable NETCOM to take a proactive stance in securing its network perimeter. "We worked extremely hard to meet the requirements necessary to reach Common Criteria Certification for our family of products in order to effectively service the government sector," said Ken Levine, chief executive officer, NitroSecurity. "NETCOM has a meticulous evaluation process when considering new vendors and we are proud to have succeeded in meeting their demands. We commend the measures NETCOM is taking to protect its network and look forward to a long relationship." http://www.nitrosecurity.com/information/news/pr/2007/20071009.psp 2007-10-09T09:00 Tue, 09 Oct 2007 22:37:08 +0100 Portsmouth, NH -- October 9, 2007 -- NitroSecurity today announced that SC Magazine's Frank Washkuch will moderate a webcast with its CTO Michael Leland and Forrester Research analyst Paul Stamp about expanding visibility in the IT infrastructure. During the webcast, attendees will learn how to: Increase infrastructure visibility while maintaining high levels of security; Apply new security solutions other than simple Security Information and Event Management (SIEM); Cope with increasing compliance requirements by means of key methodology and tools; and Deploy a Unified Security Management (USM) solution http://www.nitrosecurity.com/information/news/pr/2007/20070814.psp 2007-08-14T09:00 Tue, 14 Aug 2007 22:37:08 +0100 Portsmouth, NH -- August 14, 2007 -- NitroSecurity, Inc., a provider of hardware and software products for the security monitoring, analysis and protection of computer networks, announced today that, on August 10, 2007, it filed a registration statement with the U.S. Securities and Exchange Commission relating to the proposed initial public offering of units, each consisting of one share of its common stock and one redeemable warrant to purchase one share of its common stock. NitroSecurity intends to use the net proceeds from the offering for the expansion of its sales and marketing activities, research and technology development, the repayment of debt and other general corporate purposes. All shares in the offering will be sold by NitroSecurity. Upon effectiveness of the registration statement, the units are expected to trade on the NASDAQ Capital Market under the symbol NITRU. The common stock and the warrants included in the units will begin trading separately on the NASDAQ Capital Market on the 30th calendar day following the date of the prospectus included in the registration statement, or the first trading day thereafter if the 30th calendar day is a weekend or holiday, under the symbols NITR and NITRW, respectively. Once separate trading in the common stock and warrants begins, trading in the units will cease and the units will be de-listed. A registration statement relating to these securities has been filed with the Securities and Exchange Commission but has not yet become effective. These securities may not be sold, nor may offers to buy be accepted, prior to the time the registration statement becomes effective. This press release shall not constitute an offer to sell or a solicitation of an offer to buy, nor shall there be any sale of these securities in any state or jurisdiction in which such an offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such state or jurisdiction. Paulson Investment Company, Inc. will act as the managing underwriter of the offering. A preliminary prospectus for the offering may be obtained, when available, from Paulson Investment Company, Inc., 810 S.W. Naito Parkway, Suite 200, Portland, Oregon 97204 (telephone number: 503-243-6035). NitroSecurity and the NitroSecurity logo are trademarks of NitroSecurity, Inc. in the United States and other countries. http://www.nitrosecurity.com/information/news/pr/2007/20070710.psp 2007-07-10T23:50 Tue, 10 Jul 2007 22:37:08 +0100 NitroSecurity, Inc., a provider of high-performance network security monitoring, analysis and protection solutions, today announced that two of its products, NitroView Enterprise Security Manager (ESM) and NitroGuard Intrusion Prevention System (IPS), have received security certifications to Common Criteria Evaluation Assurance Level 3 certification (EAL 3) under the National Information Assurance Partnership (NIAP). Common Criteria Certification has become increasingly important for reviewing various security products currently on the market. The evaluation is internationally recognized as a means to ensure a reliable and independent assessment of a technology product's security capabilities, and offers a level of confidence for security-conscious consumers. In some cases, it is a requirement for making security purchases, especially within the government sector. Common Criteria accreditation confirms that NitroView ESM and NitroGuard IPS adhere to required standards for federal government security products. Specifically, that the products' capabilities, development environment, documentation and product testing mechanisms meet or exceed the assurance levels defined by the international standards. "Completing Common Criteria testing is a very important corporate milestone," says Ken Levine, CEO, NitroSecurity. "We are committed to providing our customers with superior security solutions that have undergone rigorous independent evaluation. As NitroSecurity continues to expand its footprint within the government market, this evaluation is increasingly important to demonstrate the quality of our products." NitroView ESM provides security and network managers with Dynamic Security IntelligenceTM -the real-time correlation, analysis and reporting of the dynamic relationships between network flow, security event and log data through a fully interactive graphical interface. NitroGuard IPS is an intrusion prevention appliance that actively detects, analyzes and protects the network from an array of security attacks, including viruses, worms, spyware, Denial-of-Service (DoS) attacks and other forms of malware, as well as unknown or zero-day attacks. http://www.nitrosecurity.com/information/news/pr/2007/20070626.psp 2007-06-26T23:50 Tue, 26 Jun 2007 22:37:08 +0100 Portsmouth, NH -- June 26, 2007 -- NitroSecurity, Inc., a provider of high-performance network security monitoring, analysis and protection solutions, today announced a new release of its flagship product, NitroView Enterprise Security Manager (ESM) that delivers Dynamic Security Intelligence (DSI) -- the real-time correlation, analysis and visualization of the dynamic relationships between network flow, security event and log data through a fully interactive graphical interface. Increased regulatory compliance requirements, the rise in network attacks and the potential loss of customer and business sensitive data are the driving factors requiring enterprises to collect, store, process, analyze and report on ever-increasing volumes of information generated by the many network and security devices deployed throughout their infrastructure. Until now, the primary way to address these issues was to install multiple systems for enterprise security management, which often resulted in costly, ineffective and inefficient enterprise security management. NitroView ESM solves this difficult challenge of collecting, analyzing and reporting on vast amounts of network and security data and enables DSI using a powerful new development in its underlying relational data management technology. Utilizing an advanced method of data indexing to accelerate event and flow processing allows NitroView ESM to integrate Network Behavior and Anomaly Detection (NBAD), Security Event Management (SEM) and Log Management functionality in a single cost effective, appliance-based solution that provides situational and historical context to network and security data. "SIM tools let security teams get an enterprise view," wrote Paul Stamp, principal analyst, Forrester Research, in "The Forrester Wave Report, Enterprise Security Information Management, Q4 2006," December 2006. "Security people thrive on information. But more complex security infrastructure means that security teams have reams of data to plow through to get to the nuggets of information that they need, whether that be information to identify a threat, investigate an incident, respond to an audit request, or to just demonstrate to management that they're doing a good job." New enhancements to this release of NitroView ESM include, additional data feeds from third parties, such as IDS, IPS, firewall, router and host devices. Also included is a new host log management capability for Windows Management Instrumentation (WMI), expanding the breadth of the data that is integrated, correlated and managed. NitroView ESM also features a new asset classification and severity reporting function that identifies events that are more relevant to business and security operations. "Organizations today are struggling to keep pace with the massive amount of data that is generated by network and security devices. Managing this information usually requires several solutions, making it a very costly and complex undertaking," said Ken Levine, Chief Executive Officer, NitroSecurity. "This release of NitroView ESM with Dynamic Security Intelligence simplifies that endeavor by providing a single, scalable solution that correlates and presents visually, real-time flow and event data with months of log data." The latest release of NitroView ESM is currently available. For additional information including a Flash demonstration or to register for an individual Webinar of its next generation of network and security information management capabilities, please visit the NitroSecurity website at www.nitrosecurity.com. http://www.nitrosecurity.com/information/news/pr/2007/20070515.psp 2007-05-15T23:50 Tue, 15 May 2007 22:37:08 +0100 Portsmouth, NH -- May 15, 2007 -- NitroSecurity Inc., a provider of high-performance network security monitoring, analysis and protection solutions, today announced that the College of Charleston is currently utilizing NitroSecurity's NitroGuard Intrusion Prevention System (IPS) and NitroView Enterprise Security Manager (ESM) solutions to secure its campus network. The College of Charleston cited effectiveness, speed and the reporting capability of the solutions as definitive reasons why NitroSecurity stood out from the competition. "When we saw NitroGuard IPS and NitroView ESM in action, we were blown away by the real-time inspection and querying engine, as well as the speed and reporting capabilities that NitroSecurity provides." The College implemented NitroGuard IPS to detect, analyze, and protect its network from an array of security attacks, and NitroView ESM to provide security event and log management capabilities, including detailed reporting and analysis of and correlation between network anomalies, network flows, and security events. Initially, the College of Charleston was solely interested in the NitroGuard IPS offering; however, upon seeing the outstanding performance and scalability capabilities of NitroView ESM's real-time inspection and querying engine, the College deployed both security measures to protect its network from potential threats. Upon installation of the NitroView ESM and NitroGuard IPS appliances, the institution experienced immediate results and witnessed a dramatic improvement in the overall posture of its network security. The solutions provide for real-time and forensic security event monitoring, network behavior analysis, and integrated intrusion detection and prevention that enable the College to take a proactive stance in securing its network perimeter. "The protection of personal data is of utmost importance today, especially in higher education with most college networks housing personal student and faculty information," said Joseph Clark, Senior Network Engineer, College of Charleston. "With so many users logging on to the network from computer labs, classrooms, faculty offices and dorm rooms, the potential for attacks increases. When we saw NitroGuard IPS and NitroView ESM in action, we were blown away by the real-time inspection and querying engine, as well as the speed and reporting capabilities that NitroSecurity provides. Immediately the solutions allowed us increased visibility into the operation and security of the network, and offered us more protection overall." NitroView ESM delivers real-time analysis, correlation and reporting for both streaming live and forensic network + security data for 3 critical functions of SIEM market: Log Management, Security Event Management and Network Behavior Analysis. NitroGuard IPS, a high-performance network intrusion detection and prevention appliance, is fully integrated with NitroView ESM to deliver a powerful and cost-effective combination of intrusion detection/prevention as well as network flow detection and analysis, which increases overall system performance while reducing network latency and overall acquisition and deployment costs. http://www.nitrosecurity.com/information/news/pr/2007/20070423.psp 2007-04-23T23:50 Mon, 23 Apr 2007 22:37:08 +0100 Portsmouth, NH -- April 23, 2007 -- NitroSecurity, Inc., a provider of high-performance network security monitoring, analysis and protection solutions, today announced that it has entered into four new partnerships in the government sector. The company has increased its focus on government channels with the recent availability of NitroView Enterprise Security Manager - a network and security information management appliance that delivers IT managers critical network and security information in real-time. Information technology solutions providers, Namtek Corporation, Dynanet Corporation, and GTSI, as well as consulting partner Deep Water Point have joined NitroSecurity's government channel program to promote NitroSecurity's integrated NitroView and NitroGuard network and security solutions within the government market. NitroSecurity's latest addition to its product suite, NitroView Enterprise Security Manager (ESM) is a Network + Security Information Management solution that integrates network flow data with security event data within the same high-performance database engine. This appliance enables enterprises to combine the needs of real-time security event management with forensic log analysis into one scalable solution. Furthermore, it supports organizations as they strive to maintain compliance with government mandates, such as FISMA and DCID 6 3, which require companies to store as much as five years of data on their systems. "Today, companies are tasked with meeting a number of compliance regulations," said John Cummings, Vice President of Federal Sales, NitroSecurity. "Our comprehensive security solutions are able to meet companies' security needs, while providing the data storage requirements necessary to meet government regulations. Our products are able to correlate and aggregate massive volumes of data and provide security analysts and network managers with a real-time view of the network." NitroSecurity's latest partnerships include: Deep Water Point, a consulting company composed of retired high-ranking federal officials and former senior IT industry executives. The Company specializes in business development, strategic planning, and new business ventures predominantly within the government sector. "One of the most impressive features of NitroSecurity's product, NitroView is its ability to provide a real-time graphic display of issues that may be affecting the network, or security events that could have a negative impact on the infrastructure," said John Przysucha, Principal, Deep Water Point. "The industry we serve is extremely competitive, so it is important that we promote products that stand out among the rest. NitroSecurity's products are innovative and provide its customers with one of the best technologies available in security today." GTSI, a technology integrator dedicated to providing information security solutions and services to federal, state and local governments in the public sector. GTSI designs, deploys and supports proven products and technologies from industry innovators, leading to affordable, scalable and highly reliable solutions that can be deployed across every size organization. "As a leading technology integrator to the government, we keep an eye on emerging technologies and thought leaders in the security domain," said David Peirce, Security and Information Assurance Director, GTSI. "We work with a wide range of technology vendors and partners on a daily basis, which positions us with an advantageous view of the market. We hear from our customers first hand, what is working, what is not and what are the critical requirements we need to address. We've partnered with NitroSecurity because of the major value its solution offers and our customers' demand." Dynanet Corporation provides Federal, State and commercial clients with IT solutions and services. Its senior management team has extensive experience in the application of technology. This diverse expertise enables them to meet the varying needs of government customers and create best-of-breed solutions tailored to each client's requirements and resources. "We partnered with NitroSecurity because its solutions offer a robust technology we can use to expand capabilities with our current government clients," said Bill Gillan Chief Financial Officer, Dynanet Corporation. "We are working in an environment where security is of utmost importance. We need to have complete confidence in the technology we are recommending and installing throughout the agencies we serve. NitroSecurity provides an increased level of security within the network infrastructure right out of the box, and it complements any network firewall or system already in place." Namtek Corporation, an information technology solutions provider, is focused on partnering with technology manufacturers to provide best-of breed technology solutions meeting the federal government's requirements. "The functionality and scalability of NitroSecurity's products are truly impressive," said Keith Turgeon, President, Namtek. "Because NitroSecurity offers true security management capabilities, such as the ability to prioritize the most critical threats facing a network, IT managers and analysts are able to focus on the most pressing security issues. We are so confident in NitroSecurity's solutions that we are planning to introduce its offerings to the information assurance community." http://www.nitrosecurity.com/information/news/pr/2007/20070129.psp 2007-01-29T23:50 Mon, 29 Jan 2007 22:37:08 +0100 Portsmouth, NH -- January 29, 2007 -- NitroSecurity, a leading provider of high-performance network security monitoring, analysis and protection solutions, today announced the general availability of its next generation NitroView Enterprise Security Manager (ESM) with Integrated Network and Security (INS) architecture - based on the Company's patented NitroEDB relational database technology. The Company will be giving live demonstrations of NitroView ESM's 100x performance advantage at the upcoming RSA Conference in San Francisco (booth 451), February 5th-9th. NitroView ESM is an appliance-based solution offering centralized network and security information management capable of true relational "deep packet" aggregation and correlation of millions of network flows and security events in real-time. This enables enterprises, for the first time, to combine the needs of real-time security event management with forensic log analysis into one ultra high-performance, massively scalable solution at a cost point below that of individual stand alone solutions. The latest version of NitroView ESM collects logs, events and flow information from a wide variety of network and security solutions, including: NetFlow, sFlow, firewalls and IDS/IPSs, allowing enterprises to easily integrate NitroView ESM into an existing security infrastructure. Exponential market growth further validates the need for a high speed and patented database delivering both real-time and forensic visibility into network and security posture. According to Forrester Research Analyst Natalie Lambert in her December 2006 report, The State of Security in SMB's and Enterprises, "Of the five technologies Forrester asked about, NAC and SIM were the most widely deployed technologies by enterprises. 59 percent of enterprises plan on investing in Security Information Management by mid-2007 alone." The first release of NitroView ESM in June 2006 accepted event and flow information from NitroSecurity IPSs and has led to a company sales increase of 300 percent throughout the year. Further contributing to the Company's momentum, recent customer and channel partner wins include: The U.S. Army's 101st Airborne Division, QUINN-direct Insurance, Department of Justice, Department of Energy, Talisman and the Company's reseller and system integrator, Khipu Networks. "NitroView ESM is a high-performance alternative to the deployment of complex and costly enterprise security information management solutions," said Andrew Brimson, Director Khipu Networks Limited. "The ultra-high performance Integrated Network and Security Architecture of NitroView is a real differentiator that provides our customers with an in-depth network security view of their infrastructure and systems - at a considerable lower cost of ownership." "NitroView ESM addresses the needs of mid- and large-size enterprises by providing an integrated, high performance, and more scalable network and security management solution than any other on the market," said Ken Levine, Chief Executive Officer of NitroSecurity. "With NitroView ESM, enterprises that have been unable to justify comprehensive security information management solutions due to cost and complexity can now benefit from this single-point solution." NitroView ESM is currently available. For additional information about NitroView ESM, including a Flash demonstration or to register for an individual webinar of its next generation of security information management capabilities please visit the NitroSecurity website at www.nitrosecurity.com. http://www.nitrosecurity.com/information/news/pr/2006/20061114.psp 2006-11-14T23:50 Tue, 14 Nov 2006 22:37:08 +0100 nitroedb Portsmouth, NH -- November 14, 2006 -- MySQL AB, developer of the world's most popular open source database, and NitroSecurity, a provider of high performance and scalable enterprise security solutions, today announced they have signed a strategic agreement to jointly develop and market a database engine for MySQL based on NitroSecurity's NitroEDB extreme performance relational database technology. NitroSecurity originally developed its database technology to address the growing demand for real-time analysis within the network security event management market. Utilizing unique indexing techniques, data management methods and query processing algorithms, the technology enables "multiple order of magnitude" increases in relational data management and query performance with multi-billion record volumes - running on commodity hardware. The technology is currently deployed in NitroView Enterprise Security Manager, the industry's highest performance network security monitoring and analysis solution. "NitroSecurity's proven experience delivering their database technology to the IT security market gives us a premier new database engine partner with unique capabilities," said Marten Mickos, CEO of MySQL AB. "Together, we look forward to extending MySQL's enterprise reach by delivering a new high-performance database solution that can handle very large amounts of data." MySQL AB is the developer of the MySQL database server, one of the most popular and fastest-growing products of its kind. Forrester Research recently estimated the overall enterprise database market to be greater than $10 billion annually. In April, the company launched its MySQL Certified Storage Engine Program - a way for third-party ISVs and open source community developers to produce high-quality database engines for the millions of MySQL database users worldwide. More information on the program is available at http://solutions.mysql.com/engines.html. "A perfect data storm is brewing formed by the tidal wave of data generated by today's applications combined with the demand for real-time analysis and reporting of information derived from this data," says Ken Levine, CEO of NitroSecurity. "The integration of NitroSecurity's high performance storage engine with MySQL's industry leading database server will enable end-users to address this phenomenon without a linear increase in hardware investment." Under the terms of the agreement, MySQL will integrate NitroSecurity's NitroEDB database storage engine with MySQL's database server. The resulting solution will be compatible with applications utilizing MySQL's current release of its database server and will be marketed by both companies. About MySQL MySQL AB develops and supports a family of high-performance, affordable database products. The company's flagship offering is 'MySQL Enterprise', a comprehensive set of production-tested software, proactive monitoring tools, and premium support services. MySQL is the world's most popular open source database software, with over 10 million active installations. Many of the world's largest and fastest-growing organizations use MySQL to save time and money powering their high-volume Web sites, business-critical systems and packaged software -- including industry leaders such as Yahoo!, Alcatel, The Associated Press, Suzuki and NASA. With headquarters in the United States and Sweden -- and operations around the world -- MySQL AB supports both open source values and corporate customers' needs in a profitable, sustainable business. For more information about MySQL, please visit www.mysql.com http://www.nitrosecurity.com/information/news/pr/2006/20060918.psp 2006-09-18T23:50 Mon, 18 Sep 2006 22:37:08 +0100 Portsmouth, NH --September 18, 2006 -- NitroSecurity, a provider of high performance and scalable enterprise security solutions, today announced that Berry College in Georgia and the Eunice campus of Louisiana State University (LSU), are currently utilizing NitroView Enterprise Security Manager (ESM) and NitroGuard IPS solutions to shield their campus networks from attacks which could put their infrastructures at risk. Both colleges, faced with the unique dynamic of having thousands of students sharing a common infrastructure, cited effectiveness, speed and technical support as clear reasons why NitroSecurity stood out against the competition. Upon installation of the NitroView and NitroGuard appliances, both institutions experienced immediate results and witnessed a dramatic improvement in the overall performance of their networks, increased bandwidth and fewer threats hitting the infrastructure. The protection of personal information is paramount to the higher education market with most college networks housing sensitive research and personal student and faculty information. With thousands of users logging on to the network from computer labs, classrooms, faculty offices and dorm rooms, the potential for threats and attacks that could plague these systems increases. Berry College and LSU at Eunice were relying on tools such as firewalls, spyware and spam filters to block potentially harmful traffic from entering the system. The IT departments at both institutions realized the need for a more robust tool that could provide deeper visibility and more protection overall, which led to the search for an advanced security solution. William Souder, Director of Network Operations and Information Security Officer, Berry College, was searching for a solution that could capture more of the attacks that typically would not be caught by a firewall, and to control applications and/or traffic that could potentially expose the college legally. His main goal in implementing the NitroView ESM and NitroGuard IPS was to protect the students and faculty/staff from each other and to protect the entire network from potential outbreaks. Souder cited robust functionality, scalability, speed and technical support as the main drivers in selecting NitroSecurity as a vendor. After the first two hours of Berry's NitroSecurity implementation, more than three million sessions/attacks were caught by the IPS, at which point the administration realized that file-sharing among students was causing decreased network bandwidth and exposing the infrastructure. "Last year during our registration process alone we had between 10 and 20 virus outbreaks," said Souder. "This year, as a result of our NitroSecurity implementation, we have not had a single one and we virtually eliminated illegal file-sharing." Fred Fruge from the IT Group at LSU's Eunice campus faced a similar situation. He was looking for a solution that was proactive rather than reactive. Fruge finds that this product allows the IT group to concentrate more resources on delivering services rather than defending the infrastructure. Aside from the speed and ease-of-use, NitroSecurity's flexibility distinguished it from the competition. "Nitro allows you to create your own rules and tailor the appliances to your network needs," said Fruge. "This type of flexibility was a huge selling point and immediately moved Nitro to the top of my list." NitroGuard IPS and NitroView ESM actively protects the networks at Berry College and LSU at Eunice by collecting, correlating and analyzing data in real-time. NitroSecurity solutions allow the schools to effectively block harmful traffic and provide the extra layer of protection necessary to shield personal and important data. The forensic security event monitoring, network behavior and anomaly analysis, and reporting capabilities of NitroSecurity solutions enable the schools to take a proactive stance in securing their network perimeters. "We realize the amount of critical and sensitive information and traffic that resides on the networks of higher education institutions, and that it is at risk of threats from multiple sources," said Ken Levine, Chief Executive Officer, NitroSecurity. "We are proud that Berry College and LSU at Eunice selected our products to protect their networks, and are satisfied with the results." http://www.nitrosecurity.com/information/news/pr/2006/20060731.psp 2006-07-31T23:50 Tue, 31 Jul 2007 22:37:08 +0100 Portsmouth, NH -- July 31, 2006 -- NitroSecurity, a provider of high performance and scalable enterprise security solutions, today announced that QUINN-direct, the only wholly Irish-owned insurance company, is currently leveraging its NitroView Enterprise Security Manager (ESM) and its NitroGuard IPS solutions to effectively protect the company's network from threats and attacks which could compromise the integrity of its infrastructure. Since the implementation of NitroSecurity's solutions, QUINN-direct is experiencing recognizable improvements in its overall security infrastructure, and a notable decrease in undesirable traffic before it has a chance to affect the network. In addition, QUINN-direct has significantly decreased the workload of its IT department in regard to responding to security events, allowing it to focus on other network related tasks. Safeguarding sensitive information is paramount to any company involved in the financial services market. Personal information available on a company's network needs to be sufficient enough to allow customers to access their accounts in a timely and accurate manner, and at the same time remain minimalistic enough in nature to retain some anonymity and prevent being compromised. The industry challenge is maintaining that balance between security and business processes. With more than 250,000 individual policyholders logging onto its network and providing and accessing sensitive information, data integrity is a key priority for QUINN-direct. Previously, QUINN-direct relied solely on standard firewall control and file routing, with all network security measures based on IP addresses and ports. Extensive research by QUINN in the intrusion prevention and security event management space began with the evaluation of more than 25 vendors. After rigorous testing - with all of the appliances seeing the same traffic and a full rule set in effect - NitroSecurity was the only vendor whose solutions did not drop a single packet, which resulted in QUINN-direct selecting the Company's solutions without hesitation The high-speed security event aggregation and correlation capabilities of NitroView ESM served as the final deciding factor. "When I joined QUINN-direct, my first priority was to secure the perimeter and ensure that QUINN had deeper protection across its infrastructure," said Paul Randle, CISSP, Networks Security Analyst, for QUINN-direct. "All of the appliances underwent the same testing regimen, including exposure to 54 million events over 10 days, during which we took system snapshots to evaluate how each device was performing," said Randle. "Not only was Nitro the only vendor whose solutions did not drop a single packet, but the sheer speed at which its solutions operated was as close to real-time as possible. We knew our choice was clear, and recent results prove we made the right choice in selecting Nitro." With the NitroGuard IPS in place, QUINN-direct has noticed a tremendous load taken off the firewalls and routers, enabling them to work more effectively. The change in the networking gear is allowing for higher performance of its main functions since the firewalls and routers are dealing with a reduced load percentage, which translates into better network performance. NitroGuard IPS and NitroView ESM actively detects, analyzes and shields QUINN-direct's network against potential threats. NitroSecurity solutions enable the Company to remain proactive with real-time and forensic security event monitoring, network behavior and anomaly analysis and reporting capabilities. The solutions also satisfy both security and regulatory compliance requirements set forth for small, medium or large enterprises. QUINN-direct's NitroView ESM and NitroGuard IPS were delivered through NitroSecurity's exclusive value added partner, Khipu Networks. The Hampshire-based company is an advanced systems integrator, focusing on designing, supplying and supporting innovative secure compliant infrastructure solutions across the public and private sector. "We understand the importance of QUINN-direct being able to protect the highly confidential and sensitive information of its policyholders housed on its network," said Frank Hayes, Vice President of Marketing, NitroSecurity. "We are thrilled that our NitroGuard IPS meets the high standards at which the Company operates and proud that they have chosen our solution to shield their network." http://www.nitrosecurity.com/information/news/pr/2006/20060710.psp 2006-07-10T23:50 Tue, 10 Jul 2007 22:37:08 +0100 Portsmouth, N.H.-- July 10, 2006 -- NitroSecurity, a leading provider of highly scalable enterprise security solutions, today announced that Nova Southeastern University (NSU), the largest independent, not-for-profit institution of higher education in the southeastern United States, has selected NitroSecurity's NitroView enterprise security manager and NitroGuard intrusion prevention systems (IPS) to help protect its academic network. NSU has long maintained a goal of providing the most open and secure academic network possible to foster a continuous and collaborative exchange of ideas and information throughout its campuses and student education centers. Today's increasing security and bandwidth risks, such as the Blaster and Sasser viruses, along with peer-to-peer networking and other malicious activities, can have crippling effects on a network and core systems for institutions like NSU. "NSU is taking the step of deploying next-generation intrusion prevention and behavior analysis systems to ensure a high level of network availability is maintained for students, faculty and guests who rely on our infrastructure," said Jimmy Norton, manager of network operations at NSU. "We chose NitroSecurity's NitroView and NitroGuard IPS because of the powerful flow monitoring and connection tracking features - which other solutions do not offer - that allow us to proactively track flow activity down to the user IP address." NitroSecurity provides the industry's most robust and scalable enterprise security solutions that provide intrusion prevention, network flow and anomaly analysis and security event management that proactively and rapidly aggregate, correlate, and automatically respond to threats in real-time for cost-effective, 360 degree protection - from the network perimeter to the individual desktop LAN connection. NitroSecurity's enterprise-class security solutions meet both the security and regulatory compliance requirements of small, medium and large enterprise customers. "We are extremely pleased to be working with an academic leader like NSU," said Frank Hayes, vice president of marketing for NitroSecurity. "The university is truly at the forefront of utilizing technology to protect its network against internal and external attacks, ensure the availability, confidentiality, and integrity of information - and in doing so, enhance the academic environment for its users." About NSU Nova Southeastern University, with its main campus in Fort Lauderdale-Davie, Florida, and student educational centers in Tampa, Orlando, Miami, West Palm Beach, and Jacksonville, Florida, and Las Vegas, Nevada, is the largest independent, not-for-profit institution of higher education in the Southeast, and the 7th largest nationally. It awards bachelor's, master's, educational specialist, doctoral, and first-professional degrees in a wide range of fields, including business, psychology, counseling, computer and information sciences, education, medicine, dentistry, pharmacy, optometry, nursing, law, marine sciences, and other social sciences. For more information: www.nova.edu http://www.nitrosecurity.com/information/news/pr/2006/20060619.psp 2006-06-19T23:50 Mon, 19 Jun 2006 22:37:08 +0100 Portsmouth, N.H. -- June 19, 2006 -- NitroSecurity, a provider of high performance and scalable enterprise security solutions, today announced that Casey's General Stores, Inc. (Nasdaq: CASY) is currently leveraging its NitroGuard IPS and NitroView Enterprise Security Manager (ESM) solutions to successfully secure its infrastructure and safeguard its business from the increasing threat of network security attacks. With NitroSecurity, the company is also satisfying several of the mandates required for the Payment Card Industry (PCI) Data Security Standard - the card industry's single approach to safeguarding sensitive data for all major credit card brands. As a result, Casey's is able to maintain operations with consistent application performance and availability, and reduce the expense of time and resources spent on network downtime as a result of security breaches - while addressing several of the dozen PCI compliance mandates. Securing the infrastructure has become a more critical part of any networked system, as billions of dollars in damages to organizations occur annually through security breaches on networks already protected by firewalls, anti-virus systems, and intrusion detection services. These breaches are perpetrated by sophisticated cyber-criminals to whom conventional network security devices present no effective protection, with crimes ranging from simple user abuse and harassment to the destruction of a corporation's business data, intellectual property, and brand identity. In 2006, several incidents of identity fraud and loss of sensitive customer data have taken place at major retailers, highlighting the continued growth of security attacks - and at the same time - the obligation of each corporation to protect consumer information. Headquartered in Ankeny, Iowa, Casey's (#696 on the Fortune 1000), which owns and operates nearly 1,400 convenience stores in nine Midwestern states, sought a solution to enhance its existing security infrastructure and provide instantaneous response to protect critical on-line assets from both external and internal cyber exploits. After careful evaluation of several leading products - including those available from Cisco and McAfee - Casey's chose NitroSecurity solutions. "NitroSecurity's packet analysis, monitoring and reporting is hands-down the best in the industry," said Dan Greenley, Information Systems, Casey's General Stores, Inc. "NitroView and NitroGuard have enabled us to account for every packet entering our internal network from an untrusted network - a must for today's networks." Utilizing a sophisticated, high-performance aggregation and correlation engine, NitroGuard IPS and NitroView ESM actively detects, analyzes and protects Casey's infrastructure against the threat of network security attacks. Combined, NitroGuard and NitroView use a blend of signature, advanced anomaly detection and high performance security event management and reporting to identify security threats from viruses, worms, Denial-of-Service (DoS) attacks, spyware, and other forms of malware within the network, as well as isolate anomalous network activity before problems can occur. As a merchant that processes more than six million Visa transactions per year, Casey's is also charged with meeting the Level 1 security standard of PCI compliance. The program is required of all merchants and service providers that store, process, or transmit Visa, Mastercard, AMEX and Discover cardholder data - and applies to all payment channels including retail (brick-and-mortar), mail/telephone order, and e-commerce. To maintain compliance, Casey's must ensure that its data is secure, reported on in great detail, and meet more stringent 'real-time' requirements. "NitroSecurity solutions have proven to be invaluable for satisfying several of the Payment Card Industry (PCI) Data Security Standards. Its unbelievably fast query of massive amounts of data greatly simplifies the packet analysis process and easily generates user-friendly reports for management review," added Greenley. "It is extremely encouraging that Casey's General Stores is experiencing tremendous success with NitroSecurity solutions, especially considering today's dual-challenges of sophisticated network attacks and the stringent mandate of PCI compliance," said Frank Hayes, Vice President of Marketing, NitroSecurity. "With the most effective and affordable network intrusion prevention and enterprise security management solutions available today, NitroSecurity has shown again that it is ideally suited for protecting environments which require real-time data security and fast reaction to the multitude of threats facing today's corporate networks." http://www.nitrosecurity.com/information/news/pr/2006/20060605.psp 2006-06-05T23:50 Mon, 05 Jun 2006 22:37:08 +0100 Portmouth, N.H. -- June 5, 2006 -- NitroSecurity, a provider of high performance and scalable enterprise security solutions, today announced availability of NitroView Enterprise Security Manager (ESM). NitroView ESM meets the demands of enterprise and federal customers by providing real-time and forensic flow monitoring capabilities along with deep security event and network anomaly analysis and reporting capabilities to deliver the industry's most in-depth network security protection. With wide availability of NitroView ESM, customers can now take advantage of a cost effective, completely integrated security solution that fills a major visibility void that exists between intrusion preventions systems, network behavior analysis solutions and security event managers. As securing the infrastructure becomes a more critical part of any networked system, gaining greater visibility into network usage and applications is an operational imperative. However, with the onslaught of additional layers of protection and ongoing development of multiple security networks solutions, there becomes an overburden of informational logs that can leave even the most experienced IT and network managers lost. According to Forrester Research Senior Analyst Paul Stamp in his November 2005 report, "Securing The Network From The Inside Out, "As any security pro will tell you, the network perimeter is getting harder and harder to define, let alone defend. Moreover, those who have authorized access to internal resources are often far more dangerous than those who need to breach a perimeter firewall to get inside the network." As such, establishing the source of attacks is as important as thwarting the attack itself. NitroSecurity addresses this fundamental issue of obtaining a coalesced view of network security and flows. NitroView ESM provides a way for administrators to cut through the clutter of data inherent in today's multi-layered network architecture and identify events within the flow before they become true threats. NitroView Enterprise Security Manager provides deep visibility into network security and operation by accepting security events and network flow information from NitroSecurity's NitroGuard IPS as well as NetFlow, SFlow, third party IDS/IPS, firewalls, syslogs, routers and switches, and provides for the analysis of and correlation between network anomalies, network flows and security events. Acting as a centralized security management system by gathering all flow and connection information, NitroView ESM delivers detailed analytic and forensic analysis to IT and network managers. Customers Meet Compliance Mandates with Deep Visibility "NitroSecurity's packet analysis, monitoring and reporting is hands-down the best in the industry," said Dan Greenley, Information Systems, of Casey's General Stores, Inc. (#696 on the Fortune 1000), which operates more than 1,350 convenience stores throughout the Midwest. "NitroView's unbelievably fast query of massive amounts of data greatly simplifies the packet analysis process and easily generates user-friendly reports for management review. NitroSecurity solutions have proven to be invaluable for satisfying several of the Payment Card Industry (PCI) Data Security Standards." NitroView ESM is highly effective as a deep protection tool because it is supported by several features including flow monitoring, which provides administrators a better understanding of anomalous network events by monitoring inbound and outbound communications between devices. Additionally, NitroView ESM provides administrators advanced IPS policy management features including hierarchical policy and inheritance, the ability to undo policy changes, capability for quick restoration of prior rule sets to the IPS device, multi-user access to policies, import and export of policies, and scheduled policy deployment. NitroView ESM's strength as a deep analysis tool is further bolstered with an advanced reporting feature set including the ability to export reports in multiple formats, including PDF, HTML, and text, and the powerful ability to correlate security alerts against flow data. "Until recently, it has been a costly and complex proposition for organizations of all sizes to aggregate and correlate network flow and security event data - foremost of which include database complexity, performance and associated costs," said Frank Hayes, VP of Marketing, NitroSecurity. "This complexity has created a disparate blend of products to integrate, requiring extra personnel, and in many cases, third party database clusters and database licensing expenditures. Now, at a fraction of the cost of other options, NitroView ESM can address many of the security event management, anomaly detection, flow analysis and reporting needs of organizations while providing a comprehensive intrusion prevention solution." Availability: - NitroView Enterprise Security Manager (ESM) is generally available today with flow, event and anomaly correlation inputs from NitroGuard IPS. - Third-party correlation inputs will be available in Q4 2006