Bedford, MA— RSA, The Security Division of EMC (NYSE: EMC) today announced that the RSA Archer Governance, Risk and Compliance platform ranked in the Leaders category in two simultaneous Forrester Research, Inc. Waves evaluating IT and eGRC platform vendors for Q4 2011. RSA Archer was the only GRC vendor to be named to both Forrester Waves and awarded the highest rankings for current offering, strategy and market presence in the IT GRC Wave, and the highest ranking for market presence in the eGRC Wave. Not only was the RSA Archer platform named a leader but it is also positioned as having the highest rating for market presence in both reports.

The Forrester Wave is designed to provide insight into a particular market or technology – to keep decision makers well-informed. For The Forrester Wave: IT Governance, Risk and Compliance Platforms, Q4 2011, December 1, 2011, Forrester evaluated leading risk and compliance software vendors across 59 criteria and found that the RSA Archer platform scored at the top of the evaluation for content management, risk and control management, and workflow management. Forrester noted in the report that “the strong technical capabilities of the RSA Archer platform and the company’s market success set it above the competition,” and the RSA Archer platform is “one of the best overall technical platforms we assessed in the IT GRC space. With the Archer platform now under the wings of the RSA brand, the larger set of development resources along with the extended sales and marketing force will enable RSA to remain a leader in the IT GRC market for the foreseeable future.”

Reflecting the still substantial gap that exists in most organizations between the IT and enterprise GRC functions, Forrester conducted and published a second evaluation, The Forrester Wave: Enterprise Governance, Risk and Compliance Platforms, Q4 2011, November 30, 2011. Again the RSA Archer platform emerged as a leader based on a strong vision and the ability to evolve quickly and address customers’ changing needs. “With solid technical functionality and a satisfied customer base, Archer made the leap into the Leaders category in this year’s evaluation. The company’s platform is highly configurable with an intuitive and easy-to-navigate interface, and its ability to facilitate customer-led development sets it apart from competitors,” the report noted.

“Many companies are looking for tools to manage inter-related risks across the business not only in IT but also finance, operations, and legal domains, said David Walter, Senior Director, GRC Strategy and Solutions at RSA. “Our continued investment and dedication to creating a best-of-breed GRC platform helped to solidify our position in the market. The RSA Archer eGRC platform automates the measurement and visualization of risks across the enterprise to enable an apples-to-apples prioritization and enable a more effective utilization of limited risk mitigation resources. Our strong ecosystem of partners and vast community of users, help us to keep innovating and answer the latest GRC challenges facing our customers.”

On Tuesday, January 24, 2012 at 2:00 PM EST, RSA will host a webinar to discuss the increased need for a converged GRC platform enabling holistic management of risk and compliance across the organization. Joining David Walter in the discussion will be guest Chris McClean, Forrester Senior Analyst and author of the GRC Waves, and a panel of Fortune 500 organizations.

About Armadillo
Armadillo is the UK’s leading security solutions integrator with an extensive portfolio of complementary products that make us unique in our ability to provide true end-to-end security solutions, customised to meet a client’s specific technology and budgetary requirements. Our approach to delivering client solutions has evolved over a number of years through a wealth of experience in architecting, delivering and maintaining solutions for large and small enterprises across all market sectors, featuring strongly in the financial services, online gaming, legal, public, retailing and Government sectors. For more information, visit Armadillo at www.armadillouk.com

About RSA
RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention, Continuous Network Monitoring, and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.rsa.com

Additional News from RSA

The company also announced the availability of RSA NetWitness Spectrum, a state-of-the-art malware analytical workbench that revolutionizes the identification and analysis of zero-day malware. Conference delegates can see the new capabilities in booth #D1.

RSA is also offering software developers the capability to build in additional layers of security and access control into mobile applications for the leading mobile application platforms through the integration of RSA’s award-winning RSA SecurID and RSA Adaptive Authentication solutions. By extending strong and risk-based authentication controls to mobile, developers of mobile applications for business, banking and data access can help increase security and confidence in their mobile products.

SAN MATEO, CA–(Marketwire - Sep 19, 2011) - RedSeal Systems, Inc. today announced that online gaming giant Betfair has selected RedSeal’s proactive network security assessment solutions to further strengthen its defensive infrastructure and protect critical information systems.

RedSeal empowers enterprise organizations to analyze any possible path of access permitted or denied across their entire network to understand real-world points of IT risk before they can be compromised.

Rather than addressing individual threats, aggregating log data or auditing the behavior of individual firewalls or routers, RedSeal models the interaction of all network defenses to provide detailed visibility into any gaps in security, empower continuous compliance with industry regulations and ensure protection of key business assets.

By providing management with the unique ability to identify exposure to real-world threats and create metrics to trend the efficacy of network security defenses over time, RedSeal allows organizations with complex infrastructure to understand and improve the effectiveness of their overall security strategy.

“The complexity and incessant change in today’s enterprise networks has made it impossible for people to manage security without the aid of automation,” said Dr. Mike Lloyd, Chief Technology Officer at RedSeal. “We’re very pleased to list Betfair as a customer, as they are a high-profile leader in their industry who recognized RedSeal as a solution that’s necessary to address today’s real-world security challenges.”

Facilitating Betfair’s adoption of RedSeal was UK security systems integration specialists Armadillo, which has established a long-standing reputation within the gaming industry, along with other key verticals including the government and financial services sectors.

“RedSeal represents a tremendous opportunity for enterprise organizations to adopt a powerful, innovative new methodology for visualizing network security to bolster compliance and improve protection of assets and information,” said Mark Newns, CEO of Armadillo. “We’re proud to have helped bring RedSeal into a respected organization such as Betfair and believe that there’s huge potential for this solution to advance network security and risk management across our entire customer base.”

For more information on RedSeal Systems solutions and professional services, please contact us at +44(0)208 6106090 or email info@armadillouk.com to arrange a demo

About RedSeal Systems, Inc.
RedSeal Systems develops proactive network security assessment software that enables organizations to visualize their security standing, maintain continuous compliance with regulations and better protect their critical assets. Unlike systems that detect attacks once they occur, RedSeal identifies holes in security infrastructure before they are discovered by hackers. RedSeal software analyzes and simplifies the complex interaction of firewalls and all other network security devices, delivering in-depth understanding of real-world exposure. For more information, visit RedSeal at www.redseal.net

About Armadillo
Armadillo is the UK’s leading security solutions integrator with an extensive portfolio of complementary products that make us unique in our ability to provide true end-to-end security solutions, customised to meet a client’s specific technology and budgetary requirements. Our approach to delivering client solutions has evolved over a number of years through a wealth of experience in architecting, delivering and maintaining solutions for large and small enterprises across all market sectors, featuring strongly in the financial services, online gaming, legal, public, retailing and Government sectors. For more information, visit Armadillo at www.armadillouk.com

About Betfair
Betfair is one of the world’s largest international online sports betting providers and pioneered the betting exchange in 2000. Driven by cutting-edge technology, Betfair enables customers to choose their own odds and bet against each other. The company now processes over five million transactions a day from its three million registered customers around the world. In addition to sports betting, Betfair offers a portfolio of innovative products including casino, exchange games and poker. Betfair has twice been named the UK’s ‘Company of the Year’ by the Confederation of British Industry and has won two prestigious Queen’s Awards for Enterprise, being recognised for Innovation in 2003 and most recently for International Trade in 2008. Betfair currently employs over 2,000 people worldwide. The company holds betting licences in Gibraltar, the US, Tasmania, Italy and Malta. For more information, visit Betfair at www.betfair.com

Topics being discussed by industry key speakers include:

Protecting Information is Key to Protecting Brands. ‘If it moves, encrypt it. Even if it doesn’t!’
Automation vs Complexity: Creating Tangible Network Security Metrics
The $20B IT Security Gap! How Every Organization is at Risk to the New Breed of Next Generation Threats
Carrying out a Level 1 PCI-DSS Merchant audit internally; getting the Bank and the Card Scheme on-board

This promises to be an informative and highly relevant event for all the gaming industry, so keep an eye on your inbox for your invitation over the coming days.

RSA, the Security Division of EMC, Revolutionizes Situational Awareness, Providing Real-Time Visibility into The Most Complex Cyber Threats
RSA NetWitness Panorama™ Module Unifies Pervasive Network Monitoring and Log Data to Deliver Complete View of Potential Threats.
RSA enVision® 4.1 SIEM Platform Improves Speed and Simplicity for Real-Time Queries and Reporting, Enabling Faster, More Granular Investigations of Events and Log Data.

RSA, The Security Division of EMC (NYSE:EMC), today announced a revolutionary approach to situational awareness for information security with the launch of RSA NetWitness Panorama™ technology and enhancements to its RSA enVision® Security Information and Event Management (SIEM) platform. These improvements are designed to provide customers with the ability to better identify and combat today’s advanced threats.

RSA NetWitness Panorama, a new module in the RSA NetWitness family, delivers innovation in security analytics through the fusion of hundreds of log data sources with external threat intelligence. Combined with RSA NetWitness, enterprises can now have extraordinarily broad and robust high-speed visibility into the critical information needed to help detect today’s targeted, dynamic and stealthy attack techniques. RSA NetWitness Panorama may be deployed in three ways: as an extension to RSA NetWitness installations to combine the diverse information contained in log files with the deep content of full traffic capture, alongside RSA enVision for fast security analytics across the volumes of log data collected by RSA enVision, or as a standalone log analytics module with or without other 3rd party SIEM tools.

“Customers are wrestling with the need to use a variety of data sources both to demonstrate compliance and to combat advanced threats”

said Amit Yoran, Senior Vice President and General Manager, Security Management and Compliance Business, RSA, The Security Division of EMC.

“Log management and SIEM technologies are important elements of incident and threat management processes, but have been constrained by a lack of a common lexicon, scalability, and the agility to adapt to the ever-changing threat landscape. Our enhancements to RSA enVision make it a more powerful tool for compliance reporting and also for analysis of log data as part of the security process. And, by providing native, cross-environment visibility and threat-informed analytics across log data and full packet capture, RSA NetWitness Panorama technology offers security teams an unprecedented view of organizational activity across even more of their IT infrastructure.”

RSA NetWitness Panorama Module Delivers Situational Awareness
RSA NetWitness Panorama technology is designed to apply a host of NetWitness innovations to make log data an active part of security operations. Those innovations are engineered to include:

RSA enVision Enhancements Improve Speed of Investigations.
Enhancements to the RSA enVision SIEM platform are designed to increase the speed and simplicity of ad-hoc queries against log data, while improving report management capabilities. Customers can now execute queries for investigation and incident response across large volumes of log data with up to 10X improvements in response time over the previous version. RSA enVision 4.1platform is also engineered to enable RSA enVision ES centralized deployments to be run as a fully virtual machine and offers virtual collectors for RSA enVision LS distributed deployments, making it simpler for customers to implement consistent security and compliance across physical and virtual infrastructures. The performance improvements of ad-hoc queries in the RSA enVision 4.1 platform help deliver the speed and flexibility critical for log-specific investigations and forensics.

Please click here download the solution brief PDF for more information

RSA, the Security Division of EMC, urges critical actions for SecurID installations

Following on from RSA’s recent announcement today that they have experienced a security breach please see below for recommended actions by RSA, links to the RSA open letter to all their clients and RSA’s SCOL advisory on general security best practices and product best practices.

Overall Recommendations:
RSA strongly urges customers to follow both these overall recommendations and the recommendations available in the best practices guides linked to this note.

• We recommend customers increase their focus on security for social media applications and the use of those applications and websites by anyone with access to their critical networks.
• We recommend customers enforce strong password and pin policies.
• We recommend customers follow the rule of least privilege when assigning roles and responsibilities to security administrators.
• We recommend customers re-educate employees on the importance of avoiding suspicious emails, and remind them not to provide user names or other credentials to anyone without verifying that person’s identity and authority. Employees should not comply with email or phone-based requests for credentials and should report any such attempts.
• We recommend customers pay special attention to security around their active directories, making full use of their SIEM products and also implementing two-factor authentication to control access to active directories.
• We recommend customers watch closely for changes in user privilege levels and access rights using security monitoring technologies such as SIEM, and consider adding more levels of manual approval for those changes.
• We recommend customers harden, closely monitor, and limit remote and physical access to infrastructure that is hosting critical security software.
• We recommend customers examine their help desk practices for information leakage that could help an attacker perform a social engineering attack.
• We recommend customers update their security products and the operating systems hosting them with the latest patches.

For RSA product-specific recommendations, please follow the links below to the Security Best Practices Guides for each product. If you are unable to access the files via RSA SecurCare http://knowledge.rsa.com/ please contact support at:

U.S.: 1-800-782-4362, Option #5 for RSA, Option #1 for SecurCare note
Canada: 1-800-543-4782, Option #5 for RSA, Option #1 for SecurCare note
International: +1-508-497-7901, Option #5 for RSA, Option #1 for SecurCare note

SecurCare Online Advisory Direct Link https://knowledge.rsasecurity.com/scolcms/set.aspx?id=8884

RSA open Letter to Customers http://www.rsa.com/node.aspx?id=3872

Armadillo are happy to announce that we have signed a partnership agreement with innovative APT solution specialist FireEye

FireEye Malware Protection Systems provide next generation network threat prevention to safeguard valuable data and networks against Modern Malware infiltration and data theft/alteration/destruction. The FireEye Malware Protection System breaks the Modern Malware infection lifecycle by stopping inbound, zero hour, targeted attacks, outbound data exfiltration callbacks, and dynamically inoculating networks from future attacks through both local and global intelligence. FireEye finds and blocks the 90% of Modern Malware attacks that conventional defenses miss, at network speeds and near-zero false positive rates, delivering an extremely low security TCO.

FireEye has pioneered the use of transparent virtual machines operating in a network appliance to block inbound, zero-day, targeted attacks and to analyze malware infections in real time. Also, it blocks unauthorized, outbound communications to criminal C&C servers to stop data exfiltration attempts. Taking this multilayered approach, FireEye has the unique capability to provide real-time malware intelligence gathered from a global customer base and shared via the FireEye Malware Analysis and Exchange (MAX) Cloud Intelligence network. FireEye offers a fundamentally new technology to defend against zero-day, targeted attacks, bots, Trojans, and advanced, persistent threats.

In the News

Web MPS Datasheet

Malware Analysis Datasheet

KEY TECHNOLOGY FEATURES:

• Multi-stage inspection and blocking engine that stops known and zero-day attacks while simultaneously eliminating false positives. The multi-stage inspection process unifies virtualization and network security to accurately block Modern Malware that are used to penetrate networks and steal resources and sensitive data
• Malware-VM analysis utilizes proprietary and trade secret virtualization technology to analyze and confirm true, zero-day malware, such as Trojans, targeted attacks, bots, VM-aware malware, and advanced, persistent threats
• Malware-Callback filter blocks outbound callbacks based on local malware intelligence from the Malware-VM analysis as well as based on global malware intelligence provided by the MAX Cloud Intelligence network

Newly discovered malware is installed to completion within the FireEye Malware-VM filter so that malware file locations, new registry keys, corrupted DLL’s, etc. are all tracked in addition to outbound, callback destinations. Now, analysis of polymorphic Modern Malware can be reliably automated to create dynamic blocking of inbound zero-day attacks and its outbound transmissions. Local zero-day malware intelligence is dynamically-generated by each Malware-VM filter to provide real-time malware forensics used to protect the local network. This analysis can be shared globally through the MAX Cloud Intelligence network for use by all subscribers to stop data and resource thefts.

MAX Cloud Datasheet

For further information please contact: sales@armadillouk.com

RSA Announces Authentication Manager Express

Small and mid-sized organizations generally have been priced out of deploying strong authentication solutions, yet their security needs are no less critical than much larger organizations.

On Wednesday January 26th, 2011 RSA will introduce its newest addition to the RSA Authentication portfolio: RSA Authentication Manager Express. RSA Authentication Manager Express rounds out our authentication product line and helps you meet the cost-competitive and convenience requirements of the mid-market. The product, which implements seamlessly and quickly into the widest array of environments, is designed to be one of the easiest, user-friendly ways to offer secure remote access to end users.

Features & Benefits

• Convenient/User-friendly – Provide convenient access for users accustomed to the simplicity of password access:  simple enrollment, nothing to manage, typically seamless authentication.
• Self-learning, Proven Risk Engine – Assure that only approved users can access sensitive company information.
• Layered Authentication Options – Utilize authentication methods tailored to the calculated risk of the access attempt and profile of the end user.
• Simple Provisioning – Deploy without distributing authentication devices or installing software on an endpoint.
• Out-of-the-Box Implementation – Integrate multi-factor authentication with leading SSL VPNs and web servers using minimal IT resources.
• Plug and Play Appliance – Deploy quickly and cost-effectively and migrate seamlessly from passwords to multi-factor authentication.
• Anytime, Anywhere Access – Arm users with convenient, secure access to drive productivity and collaboration.

For more information please visit - http://www.rsa.com/node.aspx?id=3843

RSA SecurWorld Program change 2011: EMEA

RSA Announces major SecurWorld Partner Program change. The top RSA Signature Partner level has now been renamed to RSA Premier Partner. From immediate effect Armadillo are now an RSA Premier Partner.

The RSA SecurWorld Partner Program aims to foster a dynamic and interactive relationship between RSA, The Security Division of EMC, and its channel partners. RSA SecurWorld Partners such as Armadillo Managed Services are experienced in delivering authentication and secure access solutions.