Welcome To Tools Directory - 2010

 
QA Inspect
About Tool:
Incorporate fully automated web application security testing into the overall test management process. Now, Mercury users can conduct and manage both functional testing and security testing from a single platform.
Additional Information:
HP QAInspect lets you conduct and manage functional testing and website security testing from a single platform without the need for specialized security knowledge. It features deep and intuitive integrations, helping you test web applications for security without leaving the QA environment.
HP QAInspect finds and prioritizes website security vulnerabilities in a web application and presents detailed information and remediation advice for each vulnerability. With this software, you can incorporate fully automated website security testing into the overall test management process without affecting aggressive product release schedules.

Company Overview and Contact:

Hewlett-Packard Company
3000 Hanover Street
Palo Alto, CA 94304-1185 USA
Phone: (650) 857-1501
Fax: (650) 857-5518


Nessus
About Tool:
It is a remote security scanner for Linux, BSD, Solaris, and other Unices. Nessus is plug-in-based, has a GTK interface, and performs over 1200 remote security checks. It allows for reports to be generated in HTML, XML, LaTeX, and ASCII text, and suggests solutions for security problems.
Additional Information:
Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.

The suite of products described in this section enables our customers to leverage the benefits of the Unified Security Monitoring strategy.
Company Overview and Contact:

Tenable Network Security, Inc. (Tenable) is a US-based Delaware C Corporation. Tenable’s corporate offices are located in Columbia, Maryland with additional offices in New England, California, Virginia, Pennsylvania, and Georgia. Tenable was founded in September of 2002 and is privately owned. Tenable has hundreds of Global 2000 customers in the US, Canada, Asia Pacific, and Europe.

Tenable Network Security, Inc.
7063 Columbia Gateway Drive
Suite 100

Columbia, MD 21046

Email: sales@tenablesecurity.com
         support@tenablesecurity.com
Phone: 14108720555

Web Vulnerability Scanner
About Tool:
This web site security testing tool from Acunetix first identifies web servers from a particular IP or IP range. It then crawls the entire site, gathering information about every file it finds and displaying the website structure. After this discovery stage, it performs an automatic audit for common security issues. Applications utilizing CGI, PHP, ASP, and ASP.NET can all be tested for vulnerabilities such as cross-site scripting, SQL injection, CRLF injection, code execution, directory traversal and more.
Additional Information:
Web site security and compliance should be a top priority for organizations intent on protecting sensitive company, customer, and employee data, on meeting regulatory and corporate compliance requirements, and on defending against the high cost of a data breach. Web sites and their applications are high-focus targets for hackers because they provide a direct route to corporate or personal data regardless of network security implementations.

IBM provides Rational AppScan and Rational Policy Tester, scanning and testing solutions that automate application and content analysis to help organizations identify vulnerabilities, to assess compliance requirements, and to improve the accuracy and reliability of online systems.
Company Overview and Contact:
Contact IBM

http://www.ibm.com/contact/us/

Codenomicon Test Tool
About Tool:
Codenomicon test tools are used for robustness testing, security assessment, software development, risk analysis, purchase criteria and acceptance testing. Codenomicon tools test implementations using black-box testing methods. Proactive flaw discovery introduces tremendous cost savings for our customers and promotes reliability and responsibility.
Additional Information:
  • Codenomicon DEFENSICS enables companies to preemptively mitigate unknown and published threats in products and services prior to release or deployment - before systems are exposed, outages occur and zero-day attacks strike.

  • DEFENSICS offers unparalleled blackbox, negative testing against the broadest set of applications; spanning over 130 Internet, wireless and digital media protocols.

  • Unlike code analyzers and after-the-fact vulnerability scanners, the DEFENSICS platform empowers developers and security analysts to rapidly extend rigorous robustness and vulnerability tests at the protocol-level to identify and resolve issues that can result in reputation, quality, compliance and liability risks.

  • Discover how our award-winning preemptive robustness and security test platform is helping software developers, carriers and enterprises around the world extend quality assurance and protect their systems, services and sensitive data from zero-day attacks and availability exposures.

Company Overview and Contact:

Headquartered in Oulu, Finland, with offices in Silicon Valley and Hong Kong, the company markets its testing software and services directly and through international partners. Codenomicon’s customers include Adobe, Alcatel-Lucent, AT&T, Cisco Systems, F5 Networks, Nordea, Nortel, Microsoft and Siemens AG among many others. The company is privately held with investments from Eqvitec Partners and Prime Technology Ventures.

Codenomicon Ltd. (Headquarters)
Tutkijantie 4E
FIN-90570
OULU
FINLAND

Tel. +358 424 7431 (international)
Tel. 0424 7431 (inside Finland)

Fax: +358 8 340 141 (international)
Fax: 08 340 141 (inside Finland)

Email: sales@codenomicon.com

 


Sara

About Tool:

It is a comprehensive network security scanner that discovers, analyzes, and reports on security vulnerabilities of network-based computers, servers, routers, and firewalls.

 

Additional Information:

The Security Auditor's Research Assistant (SARA) is a third generation network security analysis tool with the following features:

  • Operates under UNIX, Linux, Mac OS X or Windows (through coLinux).
  • Integrates the National Vulnerability Database (NVD).
  • Performs SQL injection tests.
  • Performs exhaustive XSS tests.
  • Can adapt to many firewalled environments.
  • Supports remote self scan and API facilities.
  • Used for CIS benchmark initiatives.
  • Plug-in facility for third party apps.
  • CVE standards support.
  • Enterprise search module.
  • Standalone or daemon mode.
  • Free-use open SATAN oriented license.
  • Updated twice a month (we try).
  • User extension support.
  • Based on the SATAN model.

 

Company Overview and Contact:

Computer security is the Company's primary focus where we provide the community with tools, services, and training. We are proud that we provide "24/7" security protection and remediation for our Government and Commercial clients.

http://www-arc.com/contact/index.php

 


STAT Scanner
About Tool:

STAT Scanner is built to deliver a solid balance of speed and accuracy via its adaptive scanning techniques and false-response correlation technology. Through deep inspection of target systems that include redundant file attribute and registry value correlation, as well as SSH tunneling and authenticated OS fingerprinting refinement, STAT Scanner dramatically reduces the risk of false positives and false negatives.

 

Additional Information:

Features & Benefits

  • Flexible Architecture - Flat or Hierarchical implementations, with a single management console instance or multiple consoles rolling up into a centralized, master console.
  • Common Criteria EAL2 Certified - Complies with all the specified security requirements of the CCS Certification Body
  • Consolidated Views - Multiple scan and remediation reports can be merged together to form a comprehensive security posture
  • Highly Scalable - Currently deployed by customers across hundreds of thousands of endpoints.
  • Role-Based Administration - Delegate remediation and reporting activities to improve productivity while maintaining security
  • Policy-Based Administration - Push out mandatory baseline policies to all endpoints — a key aspect of regulatory compliance
  • Standard Industry Classifications - Identified vulnerabilities are linked to common industry vulnerability classifications like CVE, BugTraq and IAVA codes for easy identification, analysis and remediation.
  • Comprehensive Reporting - Document changes and demonstrate progress toward audit and compliance requirements with enterprise & local reporting of asset inventory, network or agent-based scans, vulnerability remediation and much more
  • Global Installation Support - Inclusion of international date / time designations for assessment and remediation activities and A4 support for report generation.
Company Overview and Contact:

Lumension Security™, Inc., formed by the combination of PatchLink and SecureWave S.A., is a leading global security management company, providing unified protection and control of all enterprise endpoints, applications and devices. The ineffectiveness of silo endpoint solutions that are reactive in nature has sparked demand for a shift in the security paradigm as organizations look to a more proactive approach to security.

Global Headquarters
15880 North Greenway Hayden Loop, Suite 100
Scottsdale, AZ 85260
United States of America

phone: +1 888 725 7828  
fax: +1 480 970 6323

Sales: patchlink.sales@lumension.com ; sanctuary.sales@lumension.com


Snort Bastille
About Tool:

The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. Bastille can also assess a system's current state of hardening, granularly reporting on each of the security settings with which it works.

 

Additional Information:

This hardening tool supports Linux distributions such as Debian, Red Hat, Gentoo, Mandrake, SuSE and Fedora Core, and it can also be used for such operating systems as HP-UX and Full Mac OS X. Moreover, Bastille has been recommended by the Center for Internet Security's Linux Hardening Guide as one of the best hardening systems. This system can also be called an educational tool which helps users learn more about the security process and its work.

 

Company Overview and Contact:
Contact URL:

http://www.bastille-linux.org/Contact-Us.htm

 


Cenzic Hailstorm

About Tool:

With a Cenzic vulnerability assessment and risk assessment solution, a company can rely on the most innovative and accurate Web application security products and services available in the industry today.

 

Additional Information:

For CISOs, information security teams, developers and QA professionals alike, Cenzic’s vulnerability assessment and risk management solutions provide:

  • Reduced risk and liability through the most secure applications possible on the Web today

  • Reduced costs for security assessment

  • Keeps companies up to date on regulatory compliance for security

  • Reduced development and testing costs

  • Faster time-to-market for internally developed applications

  • Ability to safely test and re-test production applications
Company Overview and Contact:

Cenzic is the innovative leader in application security risk management, vulnerability assessment, and compliance solutions. Voted #1 by eWeek and InfoWorld, lauded by Gartner Group and IDC, and recipient of many prestigious awards, Cenzic has state-of-the-art, next-generation solutions — changing the dynamics of the application security industry.

Cenzic Inc.

455 El Camino Real
Suite 100
Santa Clara, CA 95050
Tel: +1 866-4-CENZIC (866-423-6942)
Fax: +1 408 200-0701
Email: request@cenzic.com

 


Internet Security Scanner
About Tool:

IBM Internet Security Systems (ISS) products secure your IT infrastructure, ensuring business continuity and enabling cost-effective processes while supporting compliance and risk management requirements.

Additional Information:

IBM Internet Security Systems (ISS) offers a comprehensive portfolio of IT security products and services for organizations of all sizes. Our threat mitigation solutions afford preemptive protection against a wide variety of attacks and Internet nuisances, including hackers, worms, viruses, spam, spyware and more. We also provide data security solutions to safeguard valuable information while preserving accessibility.

Company Overview and Contact:
 

IBM Corporation
1 New Orchard Road
Armonk, New York 10504-1722
United States

Email: ews@us.ibm.com


Team Mentor
About Tool:

TeamMentor™ is a sophisticated application security guidance system that delivers the collected experience of Security Innovation engineering to development teams of all sizes.

 

Additional Information:

Security Innovation has guided software development teams through the process of developing secure applications for years.  This experience allows our engineers to recognize the problems that software development teams typically encounter and drive the behaviors they need to adopt to succeed.  TeamMentor™, the industry’s first Web-based application security learning and knowledge management system, encapsulates this cumulative know-how and experience. In a wiki-like format, TeamMentor™ provides each development team member complete SECURITY GUIDANCE up front and as they code - in a way that can be leveraged immediately and repeatedly.

 

Company Overview and Contact:

Security Innovation is an authority on application security and leading independent provider of risk assessment, risk mitigation and education services to mid-size and Fortune 500 companies. Global technology vendors and enterprise IT organizations such as Microsoft, IBM, FedEx, ING, Symantec, Visa, Coca-Cola and GE rely on our expertise to understand the security risks in their software systems and facilitate the software and process change necessary to mitigate them. 

U.S. Headquarters Boston, MA

187 Ballardvale Street, Suite A195
Wilmington, MA 01887
Ph.: +1.978.694.1008
Fax: +1.978.694.1666
Sales: +1.978.694.1008 x24 or Email: sales@securityinnovation.com

Contact: http://www.sisecure.com/contact/index.shtml

 




WebInspect
About Tool:

HP WebInspect identifies security vulnerabilities that are undetectable by traditional scanners. With innovative assessment technology, such as simultaneous crawl and audit (SCA) and concurrent application scanning, you get fast and accurate automated web application security testing and web services security testing.

Additional Information:
  • Get innovative assessment technology for web services and web application security

  • Automate web application security testing and assessment

  • Enable application security testing and collaboration across the lifecycle

  • Run interactive scans easily via a sophisticated user interface

  • Meet legal and regulatory compliance requirements

  • Conduct penetration testing with advanced tools (HP Security Toolkit)

  • Configure to support any web application environment.

Company Overview and Contact:
Contact:

Hewlett-Packard Company
3000 Hanover Street
Palo Alto, CA 94304-1185 USA
Phone: (650) 857-1501
Fax: (650) 857-5518


AppInspect
About Tool:

HP AppInspect identifies security vulnerabilities that are undetectable by traditional scanners. With innovative assessment technology, such as simultaneous crawl and audit (SCA) and concurrent application scanning, you get fast and accurate automated web application security testing and web services security testing.

Additional Information:
  • Get innovative assessment technology for web services and web application security

  • Automate web application security testing and assessment

  • Enable application security testing and collaboration across the lifecycle

  • Run interactive scans easily via a sophisticated user interface

  • Meet legal and regulatory compliance requirements

  • Conduct penetration testing with advanced tools (HP Security Toolkit)

  • Configure to support any web application environment

Company Overview and Contact:

Hewlett-Packard Company
3000 Hanover Street
Palo Alto, CA 94304-1185 USA
Phone: (650) 857-1501
Fax: (650) 857-5518


Achilles
About Tool:

Securing your information and protecting your company's reputation isn't just about technology.

 

Additional Information:

Services Overview

Our consulting and education services focus on the areas of firewall, web site, web-based application, and dial-in architectures.

  • Ethical hacking & vulnerability assessments (networks, web apps, wifi, VoIP and NGN)
    (Assessment Phase of Security Life Cycle)
  • Web application security architecture reviews
    (Design Phase of Security Life Cycle)
  • Web application development best practices
    (Design Phase of Security Life Cycle)
  • Security training & education
    (All Phases of the Security Life Cycle)
  • Maven Security has provided expert testimony in a computer-security related criminal

Company Overview and Contact:

Maven Security Consulting Inc. is a vendor-independent security consulting firm that helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services. Services include ethical hacking; web application security testing; network security architecture reviews; training;

Maven Security Consulting, Inc.

14525 SW Millikan #50645

Beaverton, Oregon 97005-2343

Phone: +1-877-MAVEN-HQ (+1-877-628-3647)

Email: contact-us@mavensecurity.com

 


Holodeck
About Tool:
Holodeck is a unique test tool that uses fault injection to simulate real-world application and system errors for Windows applications and services. Testers and Developers work in a controlled, repeatable environment to analyze and debug error-handling code and application attack surface – it’s ideal for adept testers doing application fragility and security testing.

Additional Information:

Holodeck provides testers and developers with the following benefits:

  • Safe fault injection and environment simulation
  • Comprehensive reporting
  • Application insight via detailed application monitoring
  • API integration with automated testing tools
  • Built-in debugger for fast problem solving
  • Automated scheduled and random test generation
Company Overview and Contact:

Security Innovation is an authority on application security and leading independent provider of risk assessment, risk mitigation and education services to mid-size and Fortune 500 companies. Global technology vendors and enterprise IT organizations such as Microsoft, IBM, FedEx, ING, Symantec, Visa, Coca-Cola and GE rely on our expertise to understand the security risks in their software systems and facilitate the software and process change necessary to mitigate them.

U.S. Headquarters Boston, MA
187 Ballardvale Street, Suite A195
Wilmington, MA 01887
Ph.: +1.978.694.1008
Fax: +1.978.694.1666
Sales: +1.978.694.1008 x24 or Email: sales@securityinnovation.com


Fault Factory
About Tool:

Fault Factory injects socket API failures and SOAP/HTTP faults into any running application.

 

Additional Information:
  • Very safe and easy-to-use

  • No system configuration changes needed

  • No build-time instrumentation needed - uses dynamic instrumentation

  • Language-neutral - works with virtually any winsock application, written in C/C++, Java, Perl, Python, and pretty much any other language

  • Does not modify your system and therefore very safe

Company Overview and Contact:

ExtraData Technologies

Founded in 1998 in the heart of the Silicon Valley
Privately held
Headquarters:
1922 White Oaks Road
Second Floor
Campbell, CA 95008
USA
Phone: 866-580-9168
E-mail:
     Sales: sales@extradata.com
     Support: support@extradata.com
     Public Relations: info@extradata.com


BreakingPoint

About Tool:
At the core of BreakingPoint’s application performance and security testing solution is our patent-pending Test Expression Engine™. It features multiple Field Programmable Gate Arrays, network processors, and an array of embedded processors to produce millions of real application data streams, while pushing security to the max.

Additional Information:

Highlighted Features:

  • 10 Gigabits per second and faster, 7.5 million simultaneous TCP sessions and 750,000 TCP/IP requests per second.
  • Supports transmissions and verification of up to 30 million packets per second at 64 byte packets.
  • An extensive library of pre-configured tests.
  • 1 Gigabit and 10 Gigabit models
  • Built-in power receptacle on the front of the system for power cycle testing of the device under test.
  • Built-in serial and Ethernet ports for controlling the device under test.
  • Point and click automation via Telnet, SSH and Serial for any device under test.
Company Overview and Contact:
BreakingPoint Global Headquarters
10535 Boyer Blvd, Suite 300
Austin, Texas 78758

email: nasales@bpointsys.com
tel: + 512.821.6000
toll free (US only): 866.352.6691
fax: 512.997.9861



 
QAGuild, UK | Copyright © 2010 InvenTest Ltd