Articles

Apache Hadoop vs. MongoDB: Which Is More Secure?


Either you’re reading this because the question has been puzzling you secretly, or you’ve arrived to protest this admittedly incongruous comparison. Fortunately, both sides of the fence are covered here.

In this article we’ll compare and contrast their features and benefits, but not before clearing up some popular misconceptions about the two big data platforms. We’ll then delve into each platform’s attack surfaces and vulnerabilities and evaluate them from a security angle.


Bit9 + Carbon Black vs. Symantec Endpoint Protection: How Do They Compare?

The information security (infosec) space is for the most part divided into two camps: established players using a combination of old/new tactics for combating cybercrime, and market entrants attempting to rethink security from the ground up. Attack methods are increasingly sophisticated and require novel approaches for detection and remediation. Since very little is understood about the next generation of threats, opportunities abound for incumbent leaders and upstarts alike. And with targeted attacks and advanced persistent threats (APT) on the rise, newer players with innovative approaches to security are seeing ample opportunities for supplanting longstanding market leaders and their aging security products.


Splunk vs. Sumo Logic: Which Is Better For Big Data Log Analysis?

Splunk and Sumo Logic are two competing big-data analytics, machine data, and log management solutions designed mainly for IT operations and security use cases. Albeit fierce competitors on many fronts, the two also take different approaches to the problem space and cater to slightly different markets. Splunk is more enterprise-focused and geared towards on-premise solutions, whereas Sumo Logic is the plucky, innovative startup with a cloud-based offering at lower price points. Let’s look at them in more detail.


Tripwire Enterprise vs. OSSEC: Fee or Free, Which Is Better?

How good can free be? Or perhaps a more fitting question is whether free can be good enough for securing one’s enterprise against current and future threats. To answer this, we’ll be comparing the popular open source host-based intrusion detection system (HIDS) OSSEC with commercial offering Tripwire Enterprise to find out if that pretty penny spent can indeed lead to a stronger security posture.


Tripwire Enterprise vs. Tanium: Which Is Better For Your Organization?

As information security (infosec) models continue to evolve in response to the expanding threat landscape, new generations of tools are emerging that take different approaches to securing IT infrastructures. The question for legacy security vendors is how well their respective solutions will hold up in the face of today’s and tomorrow’s threats, and whether emerging models will supplant long-standing approaches to security. Many existing solutions were created before the advent of the cloud, and though effective for years, hold diminishing value as new attack methods like polymorphic malware and advanced persistent threats (APT) become increasingly commonplace.

This dire need for innovation in the security space is giving upstarts like Tanium ample traction, even as stalwarts like Tripwire augment and retrofit their solutions to address a new era of threats.


7 Configuration Management (CM) Tools You Need to Know About

In a few short years DevOps has gone from a fringe movement to a must-have for any IT leader. There's a lot of buzz around it, but there's a lot of practical knowledge in there as well. Provisioning environments, deploying applications, maintaining infrastructures--these are all critical yet delicate tasks traditionally done by hand. What if we could get a machine to do all that stuff for us, not just saving hours of work but also removing the element of human error?


Tripwire Open Source vs. OSSEC: Which Is Right For You?

The following is a comparison of two leading open-source host-based intrusion detection systems (HIDS): Open Source Tripwire and OSSEC. Both are competent HIDS offerings with distinct benefits and drawbacks that warrant further analysis.


SCCM vs. Chef: How Do They Stack Up Against Each Other?

The following is a tale of two heavyweights in the CM arena: Microsoft’s System Center Configuration Manager (SCCM) and Chef. But even a big fish like Chef is still a minnow compared to the whale that is SCCM, which runs on about two-thirds of enterprise organizations. This is largely due to the fact that as a Microsoft product, SCCM rides on the dominance of Windows desktop and server. It’s nevertheless a truly useful product, though it may be overkill, and also horribly expensive, for smaller organizations. This is where open source solutions like Chef come in, offering a pay-per-node pricing structure that is much more cost effective than SCCM. Let’s dive into the details.


Top Free Network-Based Intrusion Detection Systems (IDS) for the Enterprise

Due to the sophistication of today’s data breaches and intrusions, implementing and maintaining network security more often requires a multi-tiered approach; companies securing their networks often use a combination of technologies to combat the myriad of cyber attack, intrusion, and compromise methods available to cyber criminals today. Though a variety of tools and methodologies exist, the two common elements to all secure enterprise network configurations are the firewall and the intrusion detection/prevention system (IDS/IDPS). Firewalls control incoming and outgoing traffic based on rules and policies, and act as a barrier between secure and untrusted networks. Inside the secure network, an IDS/IDPS detects suspicious activities to/from hosts and within the traffic itself, and can take proactive measures to log and block attacks.


Open Source Chef vs. Hosted Chef vs. On Premises (Private) Chef: Which Do You Need?

Chef is one of the most widely used CM tools today, arguably playing second fiddle to the mighty Puppet. The tool is written in Ruby and Erlang, uses a pure-Ruby DSL in the Knife CLI, and includes a nice GUI for easy management. Developers and DevOps types will prefer using Chef, much more so than sysadmins.

