Information risks in the enterprise
by Mirko Zorz - Editor in Chief - Friday, 1 February 2013.
The problem surrounding the lack of experts in the industry is being tackled in the UK with funding from central government in order to help create the next generation of security specialists. This has started with the first eight universities being awarded the “Centre of Excellence in Cyber Security” status and the funding that it brings. There has also been a closer tie between government and industry in order to identify security weakness areas that we can develop together. This is something that I am proud to say that Titania is deeply involved in and have found very worthwhile.

Titania Labs released a variety of free tools. Which ones do you find security professionals using the most?

We provide a number of different free tools on our site, mostly with a security theme. They are typically used to help an auditor quickly identify useful information during an audit. SSLScan is probably the most popular of these tools. It queries SSL services, such as encrypted web services, and provides details of what cryptographic ciphers are supported by the service. It is useful for highlighting where weak cryptographic ciphers are used.

What are your flagship products and who are your clients?

Our flagship product is Nipper Studio which produces a variety of expert level reports on network infrastructure devices such as Firewalls, Switches and Routers. Nipper Studio has recently won a variety of awards, and gained glowing independent reviews. This is largely because it is easy to use and yet provides a detailed report similar to that custom written by an auditor. The level of assessment Nipper Studio provides is normally only achievable via costly external audits and is vastly greater than results that can be found by scanning based solutions.

The software highlights potential vulnerabilities with specific findings, how they impact the systems security and how easy they would be for an attacker to exploit. Nipper Studio also produces detailed mitigation recommendations with device specific commands. Essentially it allows companies to reduce risk while saving time and money.

Extensive customizable settings and the support for over 100 different network device types means that Nipper Studio is flexible enough to adapt to organizations individual networks and security priorities. Change tracking functionality, compliance & the ability to integrate Nipper Studio into other tools can aid with continuous monitoring and because Nipper Studio is non-intrusive, it is perfect for secure environments.

We provide Nipper Studio to organizations of ranging sizes and is currently used in over 40 countries worldwide. Our customers are not only serious about compliance but also about security. They include some of the world’s largest banks, IT auditors, telecommunications & critical national infrastructure organizations. Our licensing is fully scalable from our starter pack which covers up to 25 devices right through to global licence arrangements.

Our largest customer base can be found in the government and defence industries including the US Department of Defence, US Treasury, Department of Energy, Homeland Security & FBI but we are also used by device manufacturers such as Cisco and Crossbeam and leading online retailers.

What challenges do you face in the marketplace? What do you see as your advantages?

The cyber security marketplace is a dynamic and exciting one to be trading in. Hackers are constantly evolving new tools and actively share exploits and vulnerabilities. Developers of solutions must follow suit or find their solutions rendered useless. As an SME we interact directly with our customers and can respond quickly to the changing marketplace in a way that a larger organization would find difficult. Our dedicated team of developers are constantly advancing the functionality of our tools and are creating new products to meet the demand for focussed cyber security toolkits.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th