Sophos, Shavlik, nCircle, Counterpane Roll Out Security Wares

Large-scale firms like Symantec, McAfee, and Microsoft may have stolen the thunder at the RSA Conference's opening day, but Tuesday's round two went to several well-known, if smaller, firms that touted new security software and services.

U.K-based Sophos, for instance, launched enterprise gateway, server, and client products that now include its new Genotype detection, a forensics-style technology that the company said identifies suspicious patterns and traits that give away a virus family or a spam campaign.

The new software -- Sophos Anti-Virus 5.0 at the client, PureMessage at the e-mail gateway and message server -- also boast additional enhancements, including a new admin console for the former and a new reporting engine for the latter.

"As threats increase in volume, maliciousness, complexity, and speed, the quality of protection is now defined by early detection," said Chris Kraft, the company's senior security analyst, in a statement. "In both our labs and in real-world testing, [Genotype] has improved on predictive detection, ensuring that threats are harmless even before they're created."

Most other enterprise-grade anti-spam and anti-virus defenses have integrated similar technologies that look at data behavior to identify threats-in-the-making, rather than rely solely on static definitions.The new Sophos products will debut starting at the end of the month, said Sophos.

Counterpane Internet Security, meanwhile, used the San Francisco security conference to announce that it has shipped Enterprise Protection Suite 2.0, a hosted security package that includes defenses against denial-of-service (DoS) attacks.

The suite now filters out malignant packets from inbound Web traffic to public-facing sites, and removes excess overhead to give a side effect of faster overall performance the customer's Web site.

And patch and vulnerability management vendors nCircle and Shavlik both rolled out new editions of their flagship software at RSA on Tuesday.

San Francisco-based nCircle released version 6.4 of its IP360 Vulnerability Management System, which profiles IP-based devices to uncover the OSes, services, and applications on the network to help users spot vulnerabilities before they're exploited. The new edition adds additional ways to deploy vulnerability signature and software updates -- such as Microsoft's monthly patch list -- to remote sub-networks, and now integrates with nCircle's IDS nTellect, software that correlates nCircle's alerts with those generated by Cisco's intrusion detection/prevention system alerts. The goal, said nCircle, is to reduce false alerts.Also at the conference, St. Paul, Minn.-based Shavlik Technologies demonstrated the upcoming HFNetChkPro 5, the next version of its patch manager which is scheduled to release before the end of March. Boasting more than 50 improvements, the manager allows users and administrators to decide when to reboot systems after patching -- after logging off at the end of the day, for instance -- and now includes a distribution server so client systems can pull patches, rather than wait for HFNetChkPro to push the fixes.

The new software will come in four versions, from a basic edition suitable for firms with fewer than 500 machines to Plus, which adds advanced deployment and reporting tools to the mix.