Security-Risk Assessment And Management

Winner:

FireEye Mandiant Security Validation

With the Security Validation offering from FireEye’s Mandiant unit, the effectiveness of a customer’s security programs can be accurately measured on a daily basis—revealing a true picture of the customer’s security management technology. The Security Validation offering uses security instrumentation technology combined with threat intelligence and incident response data from the front lines. The result is that security teams are enabled to safely emulate real-world cyberattacks, delivering visibility into the performance of their security tools in protecting against a variety of attack behaviors. Customers can thus determine which improvements to invest in first on their cyberdefenses, as well as how to effectively—and quantifiably—communicate about their security risk.

Finalists:

AttackIQ Security Optimization Platform

The AttackIQ Security Optimization Platform offers continuous security control validation and enables security leaders to move to a strategic security program that delivers improved effectiveness and efficiency. The platform also enables risk and security practitioners to continuously assess and improve critical security controls within their production environment.

BitSight Attack Surface Analytics

BitSight Attack Surface Analytics enables organizations to continuously discover the assets, applications and devices that make up their digital footprint; assess current risk exposure; and take action to reduce risk. The solution ultimately provides a comprehensive view of an organization’s assets and risk.

CyberGRX Control Framework Mapping

CyberGRX Control Framework Mapping offers a vendor risk module that can take standard inputs and then deliver custom results. The platform enables mapping of organizations’ customized controls or standard framework to a CyberGRX vendor risk assessment—delivering a comprehensive view of vendor risk.

McAfee Total Protection For Data Loss Prevention

Key capabilities in McAfee’s Total Protection For Data Loss Prevention offering include device-to-cloud DLP, allowing admins to rapidly connect and synchronize on-premises DLP and cloud DLP policies; capture technology that aids forensic analysis of data loss events and provides visibility into how data is being used; and flexible end-user classification, which alleviates administrative burden and increases end-user data protection awareness.

SecurityScorecard Atlas

SecurityScorecard Atlas is a centralized platform that leverages machine learning to automate the cybersecurity questionnaire exchange process for senders and receivers, making it faster and more accurate. Atlas instantly maps cybersecurity ratings data to individual responses, providing a 360-degree view of risk.