Company Name: ALADDIN KNOWLEDGE SYSTEMS Mission Representative: David Collins - Vice President of Sales Telephone 800.562.2543 (USA) Email: David.Collins@aladdin.com URL: www.aladdin.com Business Description Aladdin Knowledge Systems Ltd. (NASDAQ: ALDN) is a worldwide leader in Software DRM, USB-based authentication, and secure Web gateways. Serving more than 30,000 customers worldwide, Aladdin products include HASP Software Rights Management, eToken, and eSafe. Aladdin Knowledge Systems’ Software Rights Management products are the #1 choice of software developers and publishers to protect intellectual property, increase revenues, and reduce losses from software piracy. Aladdin eToken is the world’s #1 USB-based authentication solution. The Aladdin eSafe secure Web gateway provides the most advanced protection against the latest Web-based threats and attacks. Aladdin has offices in 12 countries, a worldwide network of channel partners, and has won numerous awards for innovation. Products & Technology 1. eToken: About the size of an average house key, Aladdin eToken is an easy to use and highly portable USBbased smartcard device. It enables both users and IT/security administrators to more effectively manage the authentication process by securely storing passwords, PKI keys and digital certificates, and other personal credentials onboard the eToken. 2. eSafe: Web Threat Protection The secret behind eSafe’s ability to counter unknown threats is the Proactive Security Engine, or PSE. The PSE analyzes the behavior of web and email content at the perimeter before it enters the general network. This allows for the blocking of suspected threats that are as yet unknown. eSafe backs up the PSE with a premium Signature Anti-Virus engine. Certified by ICSA and Checkmark, it blocks 100% of inthe-wild viruses. URL Filtering eSafe’s URL Filter has the industry’s largest database of restricted Internet sites in sixty categories. It covers 97% of commonly browsed web pages, and 150,000 updates web pages 8 times a day. eSafe uses intelligent web crawling technology, content analysis, and massive amounts of data processing hardware to deliver a top of the line filtering solution. Application Filtering The AppliFilter is a real time filter for application level traffic such as instant messaging, peer to peer, and remote control communications. AppliFilter examines hundreds of types of incoming and outgoing traffic, including attempts by spyware and Trojans to connect to an outside source. Awards Recipient of the 2007 Global Frost & Sullivan Award for Product Innovation Finalist – SIIA Codie Award 2007 Best Anti-Trojan Solution – 2006 SC Magazine U.S. Awards Company Name: AMDOCS Mission Representatives: Paul Andrees, Sales Director Zohar Kritzker, Dir. of Product Development Telephone 888.268.3352 (USA) Email: Paul.andrees@amdocs.com URL www.amdocs.com Business Description Amdocs is the market leader in customer experience systems innovation, enabling leading financial services institutions to deliver an innovative, integrated, and intentional customer experience at any point of Service Products & Technology Our Integrated Customer Management Software Suite includes: Customer Management: for Contact Centers, Sales, Customer Information File, Customer Intelligence, Customer Support, and Banking Product Catalog. Mobile Banking Suite : Mobile Broker, Mobile Communications Hub, Interactive Marketing Manager Commercial Billing Suite: Invoicing, Mediation, Billing Customer Manager, Rating, Accounts Receivable and Collections, and Product Catalog. Dynamic Relationship Pricing Suite: Multi Channel Integration, Dynamic Pricing, Settlement and Accounting, Banking Product Catalog, Contracting and Negotiation. All of these products allow leading financial institutions to deliver an innovative, integrated, and intentional customer experience at any point of service. Through a low risk componentized and phased approach to system modernization and consolidation, we help enrich the customer experience , lower operating costs, and grow revenue and profitability. Company Name: APPLICURE TECHNOLOGIES Mission Representative: Carl Hartman, Director, North American Operations Neil Williams, Services Manager Telephone +972.9.9579096 (Israel) 516.661.1900 (USA) Email: carl.hartman@applicure.com neil.williams@zonescs.com URL www.applicure.com Business Description Applicure Technologies develops multi-platform software that protects website and enterprise application from external and internal attacks. Applicure products help companies of all sizes to protect their IT assets by preventing hacking and information theft. Built upon years of research into hacker behavior, Applicure solutions feature a comprehensive knowledge base to identify attacks accurately, and stop them before they reach the website or application. Founded in 2004, and listed on the Tel Aviv stock exchange in April 2007, Applicure is headquartered in Herzliya, Israel Products & Technology Applicure’s flagship products dotDefender and dotDefender Monitor are deployed internationally and serviced by offices and distributors in the US, UK and Israel. dotDefender provides dedicated application security that complements the network protection (firewall, IPS/ IDS). dotDefender is deployed as a server plug-in in IIS, Apache or Microsoft ISA server. This innovative website security software provides strong protection against SQL Injection, Cross-site scripting, Path Traversal, and many other application attacks. dotDefender Monitor is a software tool that is installed on the web server to identify attacks. It comes packed with best practices security rules that work for any web application, so you don’t need any security expertise to use it. Advanced customization is also available for complex environments. The monitor provides very detailed attack information: time stamp, originating IP, type of attack, which website or application were attacked, the original request, and much more. Even better, it presents attack statistic over time in a colorful, easy to understand log viewer. Company Name CONTINUITY SOFTWARE Mission Representative: Adam Young, Regional Sales Manager Telephone +972.3767.2080 (Israel) 773-944-9226 (USA) Email: adamy@continuitysoftware.com URL www.continuitysoftware.com Business Description: Continuity Software is a leading provider of Disaster Recovery Management solutions. Its RecoverGuard™ software mitigates risk by monitoring your production and remote replication environments to detect data protection threats, vulnerabilities and gaps. With RecoverGuard you will be confident your data is protected and you will exceed your business continuity goals. Continuity Software was founded in early 2005 by a team of experienced IT and Data Protection professionals, with a passion for building innovative enterprise software solutions. Products & Technology RecoverGuard is an agent less enterprise monitoring software solution that constantly scans your IT infrastructure, including storage, database, servers and replications configurations, and detects Data Protection risks, Disaster Recovery risks and infrastructure vulnerabilities in your system. RecoverGuard ensures that your business critical data is always protected and available. Our process is based on a structured methodology, which utilizes both the unique RecoverGuard technology and the know-how of the Continuity Software experts to provide an exceptional solution. The stages of the DPRA service are: Dependency and Correlation: Using the RecoverGuard Dependency engine, we automatically detect production IT assets and their protection pairs in the Disaster Recovery configuration. The RecoverGuard technology understands the relationships between both physical and logical IT assets and their de-facto protection status. Risk Detection: Using the proprietary RecoverGuard Gap Detection engine, we scan the collected data and compare it with a database containing hundreds of data gaps and best practices signatures, to identify potential problems in the IT environment. In addition, at this stage RecoverGuard scans for customer-specific Data Protection policy violations to detect any policy compliance violations. Risk Analysis: Continuity Software experts review the information gathered and the risk detection results, to assess their impact on your overall Data Protection and Business Continuity reliability. At this stage, the RecoverGuard technology suggests the priority and remediation approach for handling each detected risk. Reporting: The result of this assessment process is a set of detailed descriptive reports, including the Data Protection overview and status, risk analysis report, and best practices and recommendations. To learn more, please contact us to get a sample of the reports. Awards Byte and Switch top 10 storage startups to watch Company Name EUREKIFY Mission Representative: David Hochhauser, VP US Telephone 631-764-5709 (USA) Email: dhochhauser@eurekify.com URL www.eurekify.com Business Description: Eurekify is the leading provider of Role Management, Auditing and Compliance solutions. Leveraging on advanced pattern-recognition technology, Eurekify Sage is unique in its capabilities and is regularly recommended by leading Identity Management (IdM) and Governance, Risk, and Compliance (GRC) implementers worldwide. Products & Technology Eurekify Sage Enterprise Role Manager (ERM) helps large organizations implement and manage Identity Management and Automated Provisioning solutions * Quickly consolidate privileges from any and across systems and applications * Quickly review current privileges in any and across systems and applications, to build business case for Identity Management projects * Analyze existing privileges to determine best fitting role model, and to quickly create a role model that covers 80% of all privileges * Deploy role-based privileges model in an IdM system of choice for automated provisioning * Manage role-based privileges model over time, and adapt role model to business changes * Periodically review role model for inconsistencies, policy violations, excessive risk, etc. * Provide processes for individuals and business owners to request, approve, and grant privileges, while testing for compliance with policies, risks, and guarding against inconsistencies Eurekify Sage Enterprise Compliance Manager (ECM) helps large organizations to more quickly and more effectively address their GRC requirements, especially with respect to regulations such as SOX, GLBA, PCI, HIPAA, FERC, Basel II, etc. * Quickly review the current situation in any and across systems and applications, to build business case for GRC projects * Review business processes and quickly build a compliance model with the relevant IT controls (e.g., Segregation of Duty (SoD) rules) * Review business processes and quickly build a risk assessment model that takes into consideration the sensitivity of specific applications, transactions/reports, and data sets, as well as the sensitivity of a combination of access rights * Identify and report on policy violations and risks * Provide a process for privileges recertification/attestation by business owners Eurekify Sage Privileges Quality Manager helps owners and administrators of specific platforms, systems, and applications in the management of access rights * Review existing privileges and identify inconsistencies, outdated and orphan accounts, and many other privileges cleanup opportunities * Set up and enforce policies on allocation of access rights in all levels of granularity * Provide a process for business owners to review and comment on privileges assignments * Archive privileges in certain points in time * Review and adapt group definitions, cleanup unnecessary groups, and set up a local role-based regime using groups Company Name FINJAN Mission Representative: Joann Davis - Sr. Account Executive - Midwest Region John DiTroia - VP, North American Field Operations Telephone 847 769 3018 (USA) Email: jditroia@finjan.com; jdavis@finjan.com URL www.finjan.com Business Description: Finjan is a leading provider of secure web gateway solutions for the enterprise market. Utilizing patented real-time content inspection technology, Finjan’s solutions prevent crimeware and other malicious web content from infiltrating corporate networks and stealing business data. Finjan’s real-time security technology detects malicious content based on the code’s intended criminal action, without using signatures, URLs or reputation attributes. By preventing crimeware and targeted attacks that bypass other solutions, Finjan enables companies to safeguard their sensitive corporate and customer information. Products & Technology Finjan’s comprehensive and fully integrated Vital Security™ Web Appliances leverage patented realtime security technologies (Real-time content inspection security, Vulnerability Anti.dote™, AntiSpyware and SSL Inspection engines) to achieve the highest level of protection against any type of malicious code. Anti-Virus and URL Filtering are also available as optional modules. Finjan’s secure web gateway solutions include an optional cache appliance, providing enterprises with a complete solution for real-time web security and content acceleration. For larger deployments, this solution can be integrated with various third party Load Balancing options to ensure compliance with the high performance and availability requirements of enterprise networks. These optional modules are deployed in a fully integrated manner with our web security appliances based on each organization's needs. Powerful management capabilities allow network administrators to configure, manage and maintain the solution efficiently and easily, even in highly complex corporate environments. Finjan protects enterprise clients across industries targeting large organizations and enterprises Awards Among the notable awards and achievements, Finjan has been listed as a visionary in the in Gartner Magic Quadrant (MQ) report for Secure Web Gateways (SWG) 2007. Finjan was also awarded the eWeek Excellence Award in Network Datastream Protection Category as well as awarded the InfoSecurity Product Guide Global Product Excellence Awards in 3 categories. Company Name: INSIGHTIX Mission Representatives: Toni Burhke, Sales Engineer Bill Lavelle, VP Sales Telephone 212.461.3620 (USA) Email: toni.burhke@insightix.com Bill.lavelle@insightix.com URL www.insightix.com Business Description Insightix develops IT visibility and network access control solutions. Insightix's solutions are agentless, provide full network coverage and deliver an immediate return-on-investment for network security, IT operations and regulation compliance. Insightix solutions are simple to use and overcome the technical limitations of existing solutions. Insightix customers include prominent companies in the banking, retail, media, transportation, manufacturing, education and additional industries. Insightix’s investors include SoftBank Capital, Blumberg Capital, Quest Software (NASDAQ:QSFT) and several technology veterans Products & Technology Insightix offers two main products – Insightix NAC and Insightix Visibility. Insightix NAC delivers complete and real-time network access control, ensuring that only authorized and compliant devices are allowed to access and operate on the network. Insightix NAC is simple to install and operational in a matter of hours. The deployment of Insightix NAC requires no software agent agents, switch integration, specialized software or hardware replacement. Insightix Visibility is a comprehensive network discovery and monitoring application. It generates a complete and accurate inventory of all devices connected to the network and presents a graphic topology of the entire IT infrastructure. Both Insightix NAC and Insightix Visibility utilize Insightix’s Network Detection technology, which generates and maintains in a real-time “state” of all devices connected to the network. Company Name: INTELLINX Mission Representatives: Hagai Schaffer, VP Products & Marketing Telephone +972.3.5385506 (Israel) Email Hagai.schaffer@intellinx-sw.com URL www.intellinx-sw.com Business Description Intellinx presents a breakthrough in insider threat detection and prevention. It provides a first-of-its-kind cross-platform surveillance system for unparalleled visibility of end-user activity in corporate applications across the enterprise. Intellinx provides a critical infrastructure for combating internal fraud and information leakage, making authorized users accountable for their actions in all major platforms, from mainframe to iSeries to web. The system tracks user behavior patterns at the application screen level, triggering alerts on exceptions in real-time. It enables internal auditors to immediately zoom-in on specific suspects and replay all their actions, screen by screen. By generating forensic audit trail, Intellinx allows organizations to comply with privacy regulations (HIPAA, GLBA, PCI). Intellinx enables organizations to reduce internal fraud and other types of operational risks in response to Basel II. The Intellinx patent-pending agent-less technology imposes no risk and no overhead on the organization’s infrastructure. Products & Technology Intellinx patent-pending technology enables Security officers and internal auditors to detect internal fraud and information leakage in 4 major ways: 1. Unparalleled Visibility to end-user activity - Complete visibility into end-user activity is provided with visual replay of every screen and keystroke in every application across all major platforms. All actions are visible, including update and read-only actions. All types of end-users are tracked including privileged end-users such as System Administrators and Data Base Administrators that may pose higher risk as they have higher authorization level. 2. Complete Audit Trail - Intellinx records the full user activity 24x7, not just events detected as suspicious in real time. This is crucial for making end-users accountable for their actions. Regardless of whether appropriate rules are in place at the time of an event, post-event replay enables forensic investigation at a later time. 3. Cross Platform Search including Modern & Legacy applications - Intellinx provides a unique solution for tracking user activity across all major platforms including mainframe, AS/400, web and ClientServer. It allows information security officers, for example, to search from one simple query screen for all users who displayed or updated a specific account number on any user screen across multiple platforms in a specific timeframe. 4. Real-time User Behavior Tracking at the Application Level - Intellinx is the only solution on the market that analyzes user activity at the application level (not at the network or database level) generating real-time alerts on exceptions to normal user behavior. The Intellinx rule engine tracks all user keystrokes and flow of screens accessed by the user, detecting the relevant business process including each field value accessed or updated. This information is correlated in real-time with the activity of other end-users, with previous activity and other types of information. The Intellinx rules track cross-platform business processes. For example, a business process tracked by Intellinx may start on a mainframe, continue in a client-server application and end on the web. Utilizing an agent-less non-invasive sniffing technology, Intellinx requires no change to organization infrastructure, generating no risk, no overhead, and no performance degradation on servers, networks or clients. Company Name: KIDARO Mission Representative: Brandt Mackey, Sr. Sales Executive Denis Eversen, Senior Director Telephone +972.3.6111830 (Israel) Email: bmackey@kidaro.com kevinp@accessitgroup.com URL www.kidaro.com Business Description Kidaro is the leading provider of enterprise-class solutions for deploying, managing and securing virtualization across desktops and laptops. The Kidaro platform leverages industry-standard virtualization engines to eliminate key desktop computing challenges, providing secured mobility, reduced laptop TCO, disaster-recovery readiness, data leakage prevention and legacy-application support. Products & Technology Kidaro delivers an end-to-end desktop computing solution for enterprise desktops and laptops. The Kidaro platform leverages innovative virtualization technology to enable enhanced security, manageability, and mobility without disrupting existing desktop capabilities and infrastructure. A corporate-controlled workspace - completely mobile, runs on existing PC hardware, no server farms Strong encryption, data leakage prevention, and policy enforcement enable enterprise virtual desktops to run securely on any PC Centrally managed and provisioned architecture allows IT administrators to manage one virtual image vs. thousands of unique PCs Kidaro makes virtualization invisible for end users, seamlessly integrating the corporate workspace into existing desktops Kidaro's scalable, mobile desktop virtualization platform leverages a choice of industry-standard virtualization engines (e.g., VMware®, Microsoft®) to create a corporate-managed encrypted workspace, delivered for local use via DVD, over the network, or for ultimate mobility, via the Kidaro ToGo™ virtual desktop on a USB flash drive. Once the virtual workspace is delivered, users simply authenticate to get started. Predefined applications, resources and network settings become available on their desktop, protected from data leakage, loss or theft, and isolated from vulnerabilities on the underlying PC. All virtual machine management, deployment, and policy enforcement is automated and centrally controlled. This allows IT groups to manage a single virtual desktop, instead of managing thousands of unique desktop images and hardware configurations. The system provides: End-to-end Enterprise Desktop Computing Flexible Dlivery Modes Central Management Modes Kidaro vDNA™: Self-cleaning Virtual Desktop Security and Data Leakage Prevention Modules Single-Desktop Interface Company Name: PROMISEC Mission Representative: David Roudebush, VP Sales Telephone +1-212-743-9916 (USA) Email: sales@promisec.com URL www.promisec.com Business Description Promisec was founded in 2004 by four IT visionaries who saw a need for simple, easy-to-use products to simplify the way companies manage their internal networks. Promisec developed its Clientless Endpoint Security Management (CESM) technology into powerful, agentless solutions that address company’s needs for endpoint compliance enforcement and risk management. Promisec’s technology provides fast, accurate and flexible products that address the volatile status of internal networks. When processes, technology and human elements come together breakdowns will occur. Whether these breakdowns are caused by human error, technical faults or malicious activity, they all pose a real and significant threat to the health and security of the corporate network. It is essential to quickly identify anything and everything that should or should not be evident on a corporate network as well as neutralize the risks to systems that are identified. Products & Technology Spectator Professional is Promisec’s original product designed to manage the endpoints and servers of SMBs and SMEs from a single central location. Spectator Professional is a single installation that provides companies with complete visibility and control of their endpoints and servers identifying any risk or internal threat that may have been introduced to the network. In addition it will also identify any failures or missing installations of essential components needed to maintain a secure and operational internal network. Recently introduced InnerSpace is an enterprise class management solution for a globally distributed network with multiple sites and dispersed infrastructure. Innerspace helps administrators to optimize the performance of their existing applications and security infrastructure and to minimize any breakdowns or failures to their compliance policy or operational status. InnerSpace is a 3 tier product with a central management server, remote Sentries that are deployed to local networks and two interfaces; one for overall management and control and the other (Console Interface) for local administrators to view or edit inspections and configurations. It provides full management capabilities and includes a complete audit trail of actions carried out by local networks to the central management server . INspection is Promisec’s audit only product that provides both a database of black list items to search for and a white list baseline that can be compared against and a user defined customization module to include specific items that need to be audited for. Promisec INspection offers the fastest endpoint and server audit with virtually no impact on network resources and with no agent installed on the machines inspected, hence it can be run any time even during production hours. Awards annual France-Israel Chamber of Commerce Award, the CRN Test Center Recommended award, 2008 Outstanding Award winner for ‘World’s Best Security Product, one of Red Herring's 15 security companies to watch. Company Name: RADWARE Mission Representative: Avi Chesla, VP Security Telephone +972-3-766-8666 (Israel) +1 (201) 512-9771 (USA) Email: AviCh@Radware.com URL www.radware.com Business Description Radware is a global leader in integrated application delivery and application security solutions for business-smart networking, assures the complete availability, performance, and security of businesscritical applications for enterprises and carriers worldwide. Products & Technology DefensePro is an in-line intrusion prevention, DoS protection and traffic-shaping solution, designed for enterprise core and perimeter deployment, data centers, university campuses and carrier backbones. It integrates multiple layers of defense, including: Signature-based protection Server-cracking protection DoS/DDoS floods mitigation Encrypted SSL attack protection Access control Bandwidth management and traffic shaping DefensePro is the industry’s first solution providing unparalleled security by fully integrating adaptive, behavior-based protection capabilities in both network and application levels. It immediately identifies and mitigates a wide range of threats (including zero-day attacks) by employing adaptive behavioral analysis – all without human intervention. DefensePro provides zero day protections against: Zero day worm propagation and pre-attack probes (scanning activities) Zero day server cracking attempts such as Brute force, dictionary attacks and application vulnerabilities scanning Zero day DoS/DDOS flood attacks Awards Info Security Products Guide - Finalist, 2008 Global Product Excellence Award for both the Intrusion Prevention and Application Security Solution categories Innovation Award by PC Professional - Finalist, 2006 Innovation of the Year Award, Network Technology Category SP Magazine - Winner, 2006 Channel Best Value Award Info Security Products Guide - Winner, Tomorrow's Technology Today Award (2005) NSS Approved for Group IPS test 2005 Tolly Group Reports on IPS and DoS capabilities - Testing reveals DefensePro Robust Platform Common Criteria Evaluation & Validation Scheme - Radware has achieved Common Criteria validation at the prestigious EAL 3 level of assurance. Company Name: SAFEND Mission Representative: Dave Trasher -Northeast Regional Sales Director Jay Smilyk Telephone (508) 740-8202 (USA) Email: dave.trasher@safend.com URL: www.safend.com Business Description Safend’s best of breed endpoint security solutions enable organizations to securely enjoy the advantages of mobile computing. Safend's advanced solutions deliver granular visibility and control over the organization’s endpoints – exposing existing and potential threats, and enabling precision prevention and remedy to ensure comprehensive internal data security. Committed to delivering maximum security with the greatest simplicity and minimum Total Cost of Ownership, Safend delivers highly-robust, ultra-secure solutions that are intuitive to manage and virtually impossible to circumvent. Products & Technology Based on patent-pending Digital Membrane technology, Safend's security solutions deliver complete visibility and granular control over all enterprise endpoints. Safend's robust, ultra-secure solutions are intuitive to manage, almost impossible to circumvent, and guarantee connectivity and productivity, without sacrificing security. Safend Auditor is a lightweight, intuitive, clientless software utility that illuminates enterprise endpoint blind spots – providing organizations with the visibility they need to identify and effectively manage endpoint vulnerabilities. Safend Protector is the industry's most comprehensive, secure and easy-to-use endpoint information leakage prevention solution - controlling every endpoint and every device, over every interface. Safend Protector monitors real-time traffic and applies customized, highly-granular security policies over all physical, wireless and storage interfaces Awards Red Herring most promising Software start-up in Israel for 2007 Award Info Security Products Guide 2006 - Tomorrow’s Technology Today Award Company Name: SENTRIGO Mission Representative: Craig Clark, Director of Sales, NA Telephone +972.97944700 (Israel) Email: craigc@sentrigo.com URL www.sentrigo.com Business Description Sentrigo is an innovator in security software, providing a solution for protecting databases in real time in order to prevent both internal and external data breaches, while reducing the cost of regulatory compliance. The company was founded in late 2006 and received funding from Benchmark Capital. Its management team comprises seasoned executives and technologists in security, database and enterprise software, and it currently employs 30 employees in Israel and the US. Products & Technology Sentrigo’s flagship product, Hedgehog, is a host-based software solution for database security. It monitors all database activity in real-time, issues alerts and if necessary, can terminate user sessions to prevent breaches as they happen. Unlike other host-based solutions, it does not use transaction logs or DBMS audit capabilities, and has minimal impact on database performance. Hedgehog is targeted at any sector where valuable or sensitive data is stored, including regulated industries such as financial services, telecom, healthcare, government and publicly listed companies. The product is currently available for Oracle on multiple platforms and is being used by customers including universities, governmental organizations, financial institutions and cellular operators. Awards Sentrigo a finalist nominee for the Rookie Security Company of the Year in SC Magazine’s 2008 Excellence Awards Sentrigo named among 10 “IT Security Companies to Watch” by Network World for 2007 American Venture Magazine named Sentrigo one of “Most Promising Start-ups for 2008” Company Name: SKYBOX SECURITY, INC. Mission Representative: Bob Usher, Sr. Security consultant Telephone +972.9.9545922 (Israel) Email: bob.usher@skyboxsecurity.com URL www.skyboxsecurity.com Business Description Skybox Security helps the largest corporations in the world protect their brand and reputation by increasing the efficiency of their existing security investments while reducing resource dependency. Products & Technology Skybox View is a next-generation Security Risk Management and advanced Network Modelling solution. Skybox offers two product lines based on the Skybox View® platform: Skybox Secure™ and Skybox Assure™. Skybox Secure Products: • Threat Alert Manager™ (TAM) Skybox Assure Products: • Network Compliance Auditor™ (end ‘07) • Risk Exposure Analyzer™ (REA) • Security Profile Advisor™(SPA) • Firewall Compliance Auditor™ • Change Assurance Manager™ Skybox Secure can underpin security related decisions and provide precise business analytics to make better security related decisions, faster, with less resource overhead than has been previously possible. Skybox Secure significantly improves the proactive identification and elimination of critical exposures introduced by weak configurations of security controls and vulnerabilities. Skybox Assure provides regular, comprehensive firewall audits and network policy audits across all network devices. Skybox Assure allows collection of firewall configuration data and rules, compares to best practice policy, highlights incompliance conditions, enables correction of out-of-compliance conditions, and identifies obsolete rules for remediation. Skybox Assure comprehensively assists in the transition of the current firewall change process: all proposed changes can be validated in the model prior to going live to assess access and ensure policies and best practices have not been breached. This provides a critical control in preventing key business services being denied by inadvertent changes or mistakes being made during this process. Awards Info Security 2007- Info Security Hot Companies 2007 SC Magazine 2007 – Finalist Best Security Solution for Financial Services Network World 2006 - 2006 Enterprise All-Star Award Red Herring - 100 Private Technology Firms in North America Info Security 2006 - Info Security Hot Companies 2006 Information Security Magazine 2006 - Product of the year SC Magazine Awards 2006 Winner - The Best Security Solution for Financial Services Company Name: TUFIN Mission Representative: Steve Moscarelli - VP Sales Americas Telephone 1-781-820-9814 (USA) Email: stevem@tufin.com URL www.tufin.com Business Description Tufin Technologies is a leading provider of Firewall Operations Management solutions that enable large organizations to enhance security, reduce service interruptions and automate repetitive, manual tasks. SecureTrack™, Tufin's flagship product, helps firewall operations teams to control and manage policy changes, analyze risks, and ensure business continuity. With SecureTrack™, managers easily understand the big picture and align operations with corporate security standards that match compliance requirements. Founded in 2003 by specialized firewall experts, Tufin understands the requirements of security operations teams. Tufin serves some of the largest companies worldwide. SecureTrack displays a clear advantage in terms of functionality and ease of use. Tufin’s product quality standards are backed by the company’s commitment to providing immediate, effective customer service. With an exceptionally strong record of customer satisfaction. Tufin works closely with customers to understand obstacles, and to develop and implement solutions that address specific requirements. Products & Technology Tufin SecureTrack is the leading Firewall Operations Management solution. SecureTrack enables organizations to enhance security, reduce service interruptions and automate day-to-day tasks through powerful firewall management capabilities and reporting. SecureTrack features: Change Management: Monitors firewall policy changes, reports them in real-time and maintains a comprehensive, accurate audit trail for full accountability. Security Policy Optimization and Cleanup: Analysis and clean-up of complex rule bases and objects to eliminate potential security breaches and improve performance. Risk Analysis and Business Continuity: Powerful simulation and risk analysis to identify potential security risks, ensure compliance with organizational security standards, and prevent service interruptions. Firewall OS Monitoring: Comprehensive monitoring of critical firewall operating system components and server performance indicators to prevent service interruptions and enable effective auditing. Cross-Platform Visual Monitoring: Intuitive, graphical views of firewall policies, rule bases and configuration changes for Check Point, Cisco and Juniper firewalls. Auditing and Regulatory Compliance: Thorough auditing of firewall policy changes by an objective third party supports industry regulations including PCI-DSS, SOX, HIPAA, ISO 17799 and Basel II.