Devoted to hardware, software, IT issues, and information technology management

InfoWorld magazine recently selected the Fortify Software Source Code Analysis suite as the "Best Security Analysis Tool" in the magazine's "Technology of the Year 2006" issue. With so many security breaches, viruses, spyware prevalent out in the wild, it's time companies choose the correct security tools to beef up with IT defences.

When I was entrusted to evaluate security tools for large organisations in Asia, cost was a main concern, particularly for Small and Medium Businesses. It did not matter that the security tools were lacking in certain features like good management reports or GUI interface, the bottomline was that it had to be cheap and dependable. That really gave me headaches and I had a hard time justifying expensive Windows based Security Software expenditures to the upper management. Luckily, I deal mostly with Linux / Unix nowadays and there's hardly any virus or spyware attacks but some people says that's not fun.

Just recently, Windows systems also suffered a "Zero Day" exploit breakout called the Windows Metafile vulnerability. That used to be only theory but now , its prevalent in the wild. Maybe someday, companies will rush to migrate their systems to Unix / Linux based ones just to get rid of exploits, spyware, viruses or a need to update patches every week.

If you are an IT manager or System Administrator, just be mindful that there are basically five classes of vulnerabilities for any IT system :

1. Software defects
2. Unsecured accounts
3. Unnecessary services
4. Mis-configurations
5. Software backdoors

Tech firm wins security award source
http://tech.monstersandcritics.com/news/article_1073210.php/Tech_firm_wins_security_award

A list of Unix Security Tools ( open source )
http://www.alw.nih.gov/Security/prog-full.html

A list of Windows based Security Tools
http://dmoz.org/Computers/Software/Shareware/Windows/Security/