What will this tool help me decide?
If You Have Enough Security
SecurityNOW! Professional allows you to perform an objective assessment of your security and risk management profile using verified and validated data. SecurityNOW! has the Institute for Security and Open Methodology (ISECOM) seal of approval, guaranteeing that your self-assessment can be combined with professional audit results. It was also created leveraging the Open Source Security Testing Methodology (OSSTMM). Using the software, you will be able integrate the report with a security audit and directly enter verified audit results. You will also be able to generate a Risk Assessment Value that quantifies your risk management using a standardized, consistent framework.
SecurityNOW! goes beyond evaluating your current security situation, to actually generating a plan to improve your security. The business case provides results in a digestible format for senior management (with backing for every assumption). It also details your current security and risk profile, and the financial implications of existing security policies. It forecasts the financial implication of new security initiatives and provides the IT detail related to each financial result. The case integrates with the Open Source Security Testing Methodology to provide a consistent framework for comparison and review at different points in time. Finally, it expresses the results in a standardized financial manner, using Return on Security Investment (ROSI), Net Present Value (NPV), and Payback Period.
SecurityNOW! also helps you calculate the Return On Security Investment (ROSI) for initiatives including:
- Traffic Restriction - firewalls, reverse firewalls, packet filters, Layer 7 firewalls, Web proxy servers, and reverse proxy servers
- Tracking, Logging, and Alarm - antivirus, SPAM filtering, log analyzers, network intrusion monitoring and prevention, and Web traffic monitors
- Identification - authentication, network address translation, port address translation, passwords, and security policies
- Encryption - PKI, PGP, SSL, and data encryption
- Operations - high availability, load balancing, server backup, network operations management, security operations management, and UPS