TruSecure, a managed security services company, has announced an enterprise security management application called Risk Commander.
The announcement is part of a larger programme by TruSecure to repackage its network security and application vulnerability expertise in the form of software, said TruSecure chief executive officer John Becker.
Risk Commander is a risk management tool that pulls together and analyses data from other security products such as network scanning applications, firewalls and network management products. This saves network administrators from having to work with dozens of separate security products and lets them spot relationships between disconnected security events on their network.
The product is built on a rules engine and back-end database purchased from Cogentric, a startup company TruSecure acquired in July. TruSecure has added application security intelligence and analytic capabilities derived from its ICSA Labs division, which performs application vulnerability testing.
Risk Commander can read security data output by third-party security and network management products in XML format, enabling it to provide a comprehensive picture of an organisation's network security infrastructure.
Corporate executives get a security management "dashboard" of tools, such as a policy compliance feature which analyses security data against established security policies or regulatory requirements.
A vulnerability analysis and reconciliation feature analyses vulnerabilities in the context of a company's business operations, enabling managers to prioritise patching and other remediation.
Risk Commander also has trend analysis features that help executives grasp their company's exposure to risk and progress toward improving security.
Executives access the features through a split user interface which provides different "snapshots" of a company's security posture, said Bob Flinton, director of product marketing at TruSecure.
The enterprise software application is the first member of a product family that TruSecure calls "TruSolutions", and marks an almost year-long effort to build up TruSecure's software development business, Becker said.
TruSecure is targeting Fortune 50 and Fortune 100 companies in heavily regulated industries such as healthcare and financial services, as potential customers for its new products.
The company is hoping its in-house security and vulnerability analysis talent and its background as an enterprise-focused security services company will distinguish it from more companies with more established products such as Symantec and Network Associates, which also offer security management products.
Risk Commander will be available in November with prices starting at $150,000 for an enterprise licence.
Paul Roberts writes for IDG News Service