Tufin Technologies - News & Events

April 18, 2010 One in six teens hack -- and rarely get caught
Security vendor Tufin Technologies has announced survey results that reveal the hacking habits of 1000 New York City teenagers. Exactly half (50%) of US kids sampled revealed they’d had their Facebook or email account hacked, which may explain why 75% feel hacking is wrong and 70% think it should be considered a criminal offense.
April 16, 2010 1 in 6 city teens: E-snooping? Hack, yeah!
"It is very interesting for us to learn more about what our kids are doing," said Reuven Harrison, chief technology officer for Tufin Technologies, a computer-security firm that surveyed 1,000 city teens. "I don’t think parents are aware of how computer savvy their kids are."
April 14, 2010 Do teens hack? Survey says 1 in 6 do
Do U.S teens hack more than U.K teens? What’s the most valuable hacking target from a teen’s perspective? Do girls hack more than boys? What drives them to engage in such activities from a psychological perspective? Here are the details from Tufin’s survey:
April 14, 2010 One in Six New York City Teens Have Tried Hacking, Brian Prince
But a survey of teenagers in New York City by Tufin Technologies indicates that hacking is far from dead among young people. Roughly 39 percent of the New York City teens said they think hacking is "cool", and about 16 percent admitted to trying it. Seven percent reported they hacked for money, and 6 percent said they viewed it as a viable career.
April 14, 2010 One Sixth of NYC Teenagers Have Tried Hacking
"Whether they target a company’s intellectual property, a person’s bank account or their Facebook page, our job as IT security professionals is to stop hackers in their tracks," says Tufin CEO Ruvi Kitov. "We need to ingrain in our children that no matter how harmless your intent, to gain unauthorized access into another person or company’s online assets is both wrong and illegal. This is important not just to combat hacking in the future, but also to educate children about online safety and increase their awareness of common threats."
April 14, 2010 It’s 10 p.m. Do You Know What Your Kids Are Hacking?
Half of New York’s teens have fallen victim to hackers, a survey says. Out of 1,000 kids questioned by Tufin Technologies, 500 of them claimed to have had the passwords of their Facebook or email accounts cracked but, unlike their British counterparts in a similar survey last month, 75% of the respondents thought that it was morally wrong. Seven in 10 even went as far to say that it should be a criminal offense
March 30, 2010 Perimeter security: leveraging innovation to expedite convergence
While physical and IT security convergence has been more of a subtle shift than many experts predicted, high performing security groups understand that today’s business environment requires an integrated approach to managing security.
March 20, 2010 Most Brit teens hack 'for fun'!
A new survey has found that one-fourth of British teens try to access their pals’ Facebook accounts.
March 19, 2010 One In Four Children Have Tried Hacking, Study Says
Getting into friends’ Facebook accounts is first on the list, survey reports. One in four children has attempted hacking into friends’ Facebook accounts using their targets’ passwords, according to a study released yesterday. According to the study, conducted by security company Tufin Technologies in conjunction with the U.K.’s Cumbria Constabulary, 18 percent of respondents said they had tried to access a friend’s email. Six percent admitted trying to access their parents’ email accounts.
March 18, 2010 Hacking 'fun' for British teens
E-mail accounts and websites were also targeted by young hackers. One in four young Britons attempts to access the Facebook accounts of their friends, a survey claims. The most common route of access was by working out - or "cracking" - each other’s passwords. The poll of 1,150 under-19s found that nearly half of those who accessed other accounts did so from either their own computer or one at school.
March 18, 2010 Quarter of UK kids have tried hacking, survey finds
"One of the most worrying statistics from this survey is the staggering numbers of kids that are successful and the ages involved," said Reuven Harrison, co-founder of Tufin Technologies. "Hacking has changed a lot in the past few years from the curiosity or fun factor to now making serious money or causing havoc in the corporate environment."
March 11, 2010 Firewall Management Today and Tomorrow
Firewall vendors currently fall short in terms of firewall management functionality and the upcoming trends in firewall management. What features are real game changers when it comes to firewall management, and how far along is the market in the development cycle?
February 12, 2010 How to Optimize your Firewalls for Maximum Performance
Are your firewalls overloaded? Symptoms of overloaded firewalls include high CPU, low throughput and slow applications. Before upgrading your hardware, it is worth checking whether or not your firewall configuration can be optimized. Here, Knowledge Center contributor Reuven Harrison gives firewall administrators some best practices for optimizing firewalls for maximum performance and throughput.
February 12, 2010 Security: Moving Beyond Firewall Configuration Management
For over 20 years, the firewall has been the cornerstone of TCP/IP (Internet) security. In fact, the firewall has crossed-over from the geek to the chic as it has appeared or starred in print, television, and movies. While the battle between hackers and security vendors rages on, firewalls have become more sophisticated and complicated to operate and manage. Further adding to the complexity is the increasing trend to build firewalls into routers, switches, unified chassis, and more.
February 11, 2010 Technologies come and go, but managing networks is still about problem-solving
Technologies come and go, but managing networks is still about problem-solving in a changing world, as these IT executives can attest. The main problem that faced Colin Miles, IT manager at entertainment and communications company Virgin Media last year in the United Kingdom, was that business mergers had burdened the organization with "multiple sets of firewalls" and "some were managed well, and some not managed at all," he notes. Among the 100 pairs of firewalls that found a home at Virgin Media, just less than 70% were Check Point, with the remainder mostly Cisco PIX, which were being migrated over to Cisco Adaptive Security Appliance (ASA) since PIX was headed to its official end of life.
February 1, 2010 Top 10 reasons the firewall guys hair is on fire
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and Payment Card Industry’s Data Security Standards (PCI DSS) are pretty clear-cut, firewall management shouldn’t be much of an issue, right? No one is going to suffer the brunt of managing the significant infrastructure change these regulations are bound to bring more than the security operations team, correct?
January 26, 2010 Tufin Rolls Out New Version of Firewall Management Tool
TSS 5.1 features the Tufin Security Score, a risk scoring engine that provides visibility into the security and compliance posture of firewalls, enhanced workflow automation, and updated PCI-DSS reporting
January 21, 2010 Tufin announces version 5.1 of Tufin Security Suite
Israeli-based Tufin Technologies, which makes Security Lifecycle Management solutions, has announced version 5.1 of its award-winning Tufin Security Suite (TSS). TSS is the combined offering of Tufin’s flagship firewall operations product, SecureTrack, and SecureChange Workflow, its innovative change management solution. Version 5.1 features the Tufin Security Score, a risk scoring engine that provides all stakeholders with instant visibility into the security and compliance posture of their firewalls, enhanced workflow automation, and updated PCI-DSS reporting.
January 19, 2010 Tufin upgrades security suite
Tufin Technologies, the leading provider of Security Lifecycle Management solutions, today announced version 5.1 of its award-winning Tufin Security Suite (TSS). TSS is the combined offering of Tufin’s flagship firewall operations product, SecureTrack, and SecureChange Workflow, its innovative change management solution. Version 5.1 features the Tufin Security Score, a risk scoring engine that provides all stakeholders with instant visibility into the security and compliance posture of their firewalls, enhanced workflow automation, and updated PCI-DSS reporting.
December 2, 2009 Partner match-making requires commitment and loyalty
Calum Macleod asks how you find the ideal partner when resellers and vendors alike are so easily swayed by superficial look. Wse’ve all heard often enough that quality is more important than quantity, and I think this applies in the IT security business. Almost daily, new vendors appear with a supposed panacea for all ills, or an existing vendor suddenly creates a product that is actually useful - which makes you wonder about all their other products.
December 2, 2009 ’Tis the Season for Hacking
This is the time of year when thoughts turn to staying home with the family, so IT organizations go with skeletal crews as employees take time off. But while the IT staff is at home getting some well-deserved rest and relaxation, this could be the prime time for hacking. At least that’s what a survey by Tufin Technologies predicted last August when the company surveyed 79 hackers during the Defcon 17 event in Las Vegas. Eighty-one percent of them viewed the holiday season as an ideal time to hack corporate systems. After all, the hacker is probably at home, too, enjoying the holiday. So why not engage in his favorite pastime?
November 30, 2009 Firewalls Need to Be Managed in Context of an Overall ROI Framework
Firewalls have come a long way in the past 20 years, driven in part by the rising uptake of IP communications, itself driven by the IT phenomenon that is the Internet. When the first firewalls were introduced in the late 1980s, few people foresaw that rule sets would become so large and complex, often containing hundreds of rules.
November 26, 2009 Lost Phones And Good Samaritans
It happens in a moment - playing with my mobile before going into a meeting. I put it down for a moment and suddenly my host is standing in front of me. Two hours later I’m desperately searching for my phone. Rush back to reception but it’s not there. Here I am in Dubai and my phone is gone.
November 25, 2009 Online Security Tips for Black Friday, Cyber Monday
While the holidays may be a busy time of year for consumers and retailers, it is also a busy time for attackers. According to Consumer Reports, cyber-criminals have stolen about $8 billion from consumers in the past two years. In a survey by Tufin Technologies released at the Defcon conference held July 30 to Aug. 2 in Las Vegas, 81 percent of the hackers surveyed said they were "far more active" during the winter holidays than during the summer.
November 23, 2009 Tufin Releases New Plug-ins to Extend Lifecycle Management Solution’s Reach
Tufin Technologies, a provider of security lifecycle management products, announced that it has released a new set of plug-ins to extend the reach of its "lifecycle Management" solution to a wider range of network devices. The new plug-ins are designed to help the company’s customers to integrate security management into their operations processes.
November 17, 2009 Tufin Expands from Security into Network Management
Firewall management firm Tufin Technologies recently announced that it plans on expanding into the field of general network management through a clutch of 12 new plug-ins to expand its open extensible architecture.
November 13, 2009 Tufin Adds Network Device Support to Security Lifecycle Manager
Tufin leverages its open architecture to automate policy management across network and security devices. Tufin Technologies has released a set of 12 plug-ins, extending support of its solution set to a wider set of network devices. Showcasing the value and utility of Tufin’s open extensible architecture, the Tufin Open Platform (TOP), Tufin has released plug-ins for switches and routers from industry leaders including Cisco, Juniper, and HP.
November 10, 2009 Press Quote: Tufin extends security lifecycle management
Tufin has a nice vision for helping IT manage network access policies - coordinating rules between firewalls, routers, and switches for consistency and security. It is worth checking out, especially if your network has sensitive data (and what network doesn’t).
November 9, 2009 Products of the Week
Our round-up of intriguing new products from CA, McAfee, HP among others. Tufin has released a set of 12 plug-ins, extending support of its firewall management solution across an extensive set of network and security devices from Cisco, Juniper, HP, Dell and others.
November 6, 2009 Firewall Auditing Tools
Automated Tools Help Keep Up The Primary Defense Against Network Security Threats. The convoluted maze known as spaghetti code isn’t an affliction restricted to application programmers; network security admins have their own strain known as the firewall rulebase. Although firewalls have been a standard feature of enterprise network security for years, ever-changing and morphing threats mean that one’s database of firewall filtering rules continues to get more complex, convoluted, and incomprehensible.
November 5, 2009 Is security outsourcing up or down? Survey says: down
I am not Richard Dawson and this ain’t the Family Feud. But I don’t quite get the results as reported by Bill Brenner on CSO online and his podcast. According to Bill the economic downturn has led to companies spending less on outsourced security and doing more in house. This seems to be counter-intuitive and against all of the evidence I have seen. In fact most analysis I have seen says that the economic turmoil has led to a greater use of security outsourcing. Companies cannot afford the resources in house, full time and instead are saving costs outsourcing security.
October 29, 2009 Enterprise Security: Cheating on Your IT Security Audits
An audit isn’t worth much if the people doing it are cutting corners. Unfortunately, a survey by the folks at Tufin Technologies suggests many IT pros may be doing exactly that. The survey, which was conducted at the InfoSecurity Europe 2009 Conference in April, took opinions from 151 IT security pros. The aim was to determine companies’ approach to firewall auditing and management. What Tufin turned up was that 20 percent of the respondents admitted they or a colleague had cheated on an audit to get it passed.
October 16, 2009 Tufin Technologies Adds Salt River Project to Customer Roster
Tufin Technologies, a provider of security lifecycle management solutions, has added Salt River Project to their customer list. SRP will be gaining the capability to halve the time it spends on firewall operations by making use of Tufin’s SecureTrack for managing firewall changes and thereby cost-effectively and efficiently maintain highly available, redundant, secure access to the core systems fundamental to its success, company officials said.
October 15, 2009 Lingerie and IT
So we’re into a presentation and demo of automatic policy generation for firewalls and I’m thinking "I wish I was next door" but then I’m slowly being seduced by what I’m seeing. Maybe it’s an age thing but I found myself thinking less about the demos next door and started to be drawn into a description about how the firewall administrator was able in a few minutes to carry out forensics on their firewalls. Suddenly instead of spending weeks or months pouring over firewall logs to find out what was going on he was talking about how they could spot unknown mail servers in the organization, outbound access through non-standard ports, who was accessing which HTTPS and HTTP servers on the internet, and even access to non-corporate mail servers!
October 14, 2009 How to... get ready for the festive season
If your office is unattended during the Christmas break, make sure that your security is up to scratch. This includes IT security. At the Defcon conference for computer hackers, held this year in Las Vegas, a survey by Tufin Technologies, an IT security company, found that 89 per cent of hackers regarded Christmas as their most active period.
September 16, 2009 Firewall management today and tomorrow
What features are real game changers when it comes to firewall management, and how far along is the market in the development cycle? Firewall eulogies are premature. Firewalls have been at the cornerstone of network security for almost 20 years and will probably remain so until a paradigm shift occurs.
September 11, 2009 Top 5 best practices for firewall administrators
At the recent Defcon 17 conference in Las Vegas, Tufin Technologies conducted a survey among 79 hackers, asking about their hacking habits. According to the survey results, the hacking business is just coming off its summer break and gearing up for the busy Christmas holiday season, so you’d better get ready.
September 9, 2009 As summer ends, phishing season is on the horizon
Tufin Technologies, an Israel-based security company, found similar results in a survey of hackers attending last month’s DefCon conference in Las Vegas. Hackers, like the rest of us, apparently take it easy during the summer. "The survey reveals that the Christmas and New Year holidays are popular with hackers targeting western countries," said Tufin’s chief security architect, Michael Hamelin. "Hackers know this is when people relax and let their hair down, and many organizations run on a skeleton staff over the holiday period."
September 9, 2009 Technical certification for Tufin channel partners
Tufin Technologies, the award-winning provider of Security Lifecycle Management solutions, has announced strategic enhancements to its channel partner program to keep up and reflect the spike in demand from customers and partners alike. The launch of the Tufin Certified Security Expert (TCSE) world-wide training and certification program coupled with the introduction of a new two-tiered channel structure increase the ability of Tufin’s channel partners to capitalize on the lucrative market opportunity for Security Lifecycle Management solutions while positioning the company to maintain its growth and enable partners to more proactively and independently sell and support Tufin products.
September 9, 2009 Tufin Technologies Revamps Partner Program
Tripling profits over past three years, the Israeli firewall management company looks to expand its solution provider ranks and bolster incentives for top partners. Tufin Technologies beefed up its channel partner program this week with a three-pronged upgrade that it hopes will jumpstart indirect sales and benefit resellers and integrators that focus strongly on security.
September 9, 2009 Tufin Enhances Partner Program to Capitalize on Company Growth
Tufin Technologies, the award-winning provider of Security Lifecycle Management solutions, today announced strategic enhancements to its channel partner program to keep up and reflect the spike in demand from customers and partners alike. The launch of the Tufin Certified Security Expert (TCSE) world-wide training and certification program coupled with the introduction of a new two-tiered channel structure increase the ability of Tufin’s channel partners to capitalize on the lucrative market opportunity for Security Lifecycle Management solutions while positioning the company to maintain its growth and enable partners to more proactively and independently sell and support Tufin products.
September 8, 2009 Tufin resellers are moved to tiers
Firewall management vendor Tufin Technologies has moved to a tiered channel model and has created a new training programme. Resellers will now be classified as Gold and Silver, determining their level of incentives, sales enablement and technical training. The vendor has also launched the Tufin Certified Security Expert (TCSE) programme to help resellers support customers on the full breadth of its product range.
September 8, 2009 Tufin enhances partner program
Tufin Technologies announced strategic enhancements to its channel partner program to keep up and reflect the spike in demand from customers and partners alike. The launch of the Tufin Certified Security Expert (TCSE) world-wide training and certification program coupled with the introduction of a new two-tiered channel structure increase the ability of Tufin’s channel partners to capitalize on the lucrative market opportunity for Security Lifecycle Management solutions while positioning the company to maintain its growth and enable partners to more proactively and independently sell and support Tufin products.
September 8, 2009 Tufin Enhances Firewall Management Channel Program
Tufin Certified Security Expert (TCSE) training and certification program is coupled with the introduction of a new two-tiered channel structure.
September 2, 2009 Hacker Habits: When to be On Guard
Michael Hamelin, Tufin’s chief security architect, said in an interview, "this may be obvious, but poorly configured firewalls remain a significant risk for many organizations. It’s not the technology that’s at fault, but rather the configuration and change control processes that are neglected or missing altogether."
September 1, 2009 Data Security Podcast Episode 68
Ira talks with Michael Hamelin, Chief Security Architect, with Tufin Technologies, about the survey of hackers he crafted for DEFCON 2009. We cover: Hackers Take a Break This Summer Before Winter Hacking Spike, and importantly, counter-measures to get prepared.
Audust 26, 2009 Hacking, Like The Weather, Is Seasonal
Hackers, malicious and otherwise, are just people -- that’s easy to forget, but it also means their hacks are subject to human habits too. A recent survey by Tufin Technologies suggests that the summer and weekends are low hacking periods. A survey of the hackers attending this month’s DEFCON 17 conference turned up these rather interesting results: Only 25% of the hacker community is thought to be the malicious Black Hat type, according to the majority of the DEFCON 17 hackers themselves. And when these dodgy coders are doing their worst, most often their hacks happen in the Winter holidays. About 81% of the hackers say they’re more active during this period. 6% of hackers say Christmas is in fact the ideal time to tackle a corporate network, while 25% think New Year’s Eve is best.
Audust 26, 2009 Survey: Hackers on Vacation Before Q4 Saturation
Malware and spam rates may not be on the decline, but a survey of hackers attending the DEFCON 17 conference in Las Vegas earlier this month found that many members of the underground cyber-economy work less during Q3 before ramping up their efforts again during Q4 ahead of the holiday season.
August 25, 2009 DEFCON survey suggests hacker community on vacation
Companies and individuals are less likely to be targeted in late summer by spammers, phishers and malware pushers, according to the Tufin Technologies survey of 79 hackers attending DEFCON 17 in Las Vegas earlier this month. Tufin said 81% of those surveyed revealed they are far more active during the winter holidays.
August 25, 2009 Hackers Like Christmas Best of All
Most people may be busy with year-end gift buying and holiday parties at the end of December, but security professionals have an added obligation: keeping the hackers off their corporate networks. Most security pros know that spammers and online criminals like to launch their campaigns when they think nobody will be minding the store, and according to a survey of attendees at the DEFCON hacking conference earlier this month, Christmas is the best time of year for hackers to strike.
August 25, 2009 Hackers Tend to Take the Summers Off
Even hackers need to take a breather when the weather gets warm. According to the Hacker Habits survey by Ramat Gan, Israel-based security management company Tufin Technologies, 79 hackers attending the DEFCON 17 conference in Las Vegas said they are less likely to ply their "craft" in the summer months than they are during Christmas and New Years.
August 25, 2009 Message From Hackers: Enjoy The Summer Break Because Winter Attacks Will Be Harsh
Around 81 percent of hackers say they are more active around the winter holidays - 56 percent say Christmas is the ideal time for corporate hacking, and 25 percent say New Year’s Eve. Weekday nights are when they do most of their hacking, according to 52 percent of the respondents. More than 30 percent do so during business hours, and only 15 percent on weekends. More than 85 percent say they can hack into a corporate network via the firewall: One-fourth say they could accomplish that within minutes, and 14 percent within a few hours. Another 16 percent say they won’t bother hacking a firewall at all, even if they could get in that way.
August 25, 2009 Hackers rest over Summer Vacation, Chuck Miller
The summer season could end up with fewer cyberattacks because companies are less likely to be targeted now than other vacation periods, a new survey shows. In another area of concern, the survey found that Payment Card Industry Data Security Standard (PCI DSS) compliance is not necessarily a huge hacker deterrent. Some 70 percent said that PCI compliance makes no difference; 15 percent said that it actually made corporate hacking easier.
August 25, 2009 Really quite hacked off with the hackers
Encouraging news. A company called Tufin Technologies has revealed that computer hackers take the summer off - so you are unlikely to get your bank details nicked at the moment.
August 25, 2009 Ian Grant Hackers take summer breaks, and work mostly on weeknights
Hackers take summer breaks and reserve the winter holiday season for most of their exploits, but fewer than a quarter are motivated by money or malicious intent, according to a study of hacker behaviour. A survey of 79 hackers’ habits conducted by Tufin Technologies at last month’s DEFCON hacker convention in Las Vegas showed that 81% were more active during the winter holidays. Christmas was the best time to engage in corporate hacking for 56%, and 25% preferred New Year’s Eve.
August 25, 2009 Security laws have not made businesses safe, say hackers
Government attempts to improve information security through regulation have had no impact on the ability of hackers to break into corporate networks, according to 70% of self-identified hackers polled at the DEFCON conference in Las Vegas earlier this month.
August 25, 2009 Richard Steinnon, Can the clock aid attribution?
A survey reported by Tufin Technologies reminded me of a possible way to address the issues around attribution. Tufin surveyed a bunch (79) of "hackers" at DEFCON this year. They report that hackers take the summer months off and view major holidays as a good time to hack corporate networks. Of course, the population of hackers who attend DEFCON are not representative of the 16 and 18 year olds that still live with their parents and cause a lot of the havoc we witness. It is still an interesting survey because it highlights that amateur hacking is not a 9-5 job.
August 25, 2009 Alan Shimel, Now I know why hackers don’t need a union
I have always thought of hackers as not putting in the long hours and hard work that many of us do in our jobs and careers. Lets face it most hackers are looking for short cuts, holes and angles to accomplish their goals, whether that is getting rich or just putting another notch on their belt. Now a survey from Tufin Technologies confirms it. It seems most hackers take the summer off. The only other job I know of that gives you summers off is school teacher. According to the survey the Christmas/New Years holiday time is the busiest time of year for hackers. They don’t work very much on weekends, but do favor evenings over work days. Now I wonder if there is any health insurance plans that come with that hacker thing?
August 3, 2009 Compliance Pressures Fuel Adoption Of Firewall Auditing Tools - PCI, staffing cuts are driving organizations to rein in their firewall policies and change processes with automation tools
Misconfigured firewalls are more common than you’d think: With the massive number of firewall rules that accrue in a large network and the typically manual process, mistakes happen, and often.
July 20, 2009 McAfee expands SIA program; adds new compatible solutions
McAfee has announced that it has added 11 new partners across the United States and Europe to its McAfee Security Innovation Alliance (SIA) program. Its SIA is a technology partnering program that accelerates the development of inter-operable security products and simplifies the integration of those products within complex customer environments.
July 16, 2009 McAfee and Tufin team up on firewall management
Streamlining processes for speed and better compliance. Tufin is teaming up with McAfee to reduce the time and cost of running firewalls and make it easier for users to draw on data needed to meet regulatory audits.
July 15, 2009 McAfee teams with Tufin to streamline firewall management
McAfee alliance blends firewall with optimization and analysis tools. Tufin is teaming with McAfee to integrate their security products to reduce the time and cost of running firewalls and make it easier to draw on data needed to meet regulatory audits. With the agreement, Tufin Security Suite (TSS) will be integrated with McAfee Firewall Enterprise and the McAfee ePolicy Orchestrator (ePO), bringing management, optimization, change automation and auditing tools to McAfee’s products, the companies say.
July 2, 2009 Profile: Tufin Technologies. What they do for device management is insane, in a good way
SecureTrack centers on policy management and auditing. It does this by tracking changes to devices, without needing to open a console or other interface. Most companies are far from a single-vendor shop, so it’s no surprise to see Cisco sitting in the same rack as Check Point or Juniper. However, Tufin cares little for your vendor; it simply allows you to get a visual of what’s happening on what devices and, if there was a change, what it affected and who initiated it.
July 1, 2009 Tufin takes an operational view on firewall rules management
Tufin is one of the promising companies in the firewall rules management market. While security and managing compliance is of primary importance, Tufin also appreciates the operational cost savings benefits of controlling and automating firewall rules administration.
June 29, 2009 Q & A with Ruvi Kitov, CEO of Tufin Technologies
Topic: Security Lifecycle Management.
June 29, 2009 Gartner IT Security Summit: Tufin APG announced
The first vendor announcement worth thinking about is Tufin’s Automatic Policy Generation tool that is part of their complete firewall policy management solution. The problem that APG addresses is that of deploying a new firewall to a network segment that has gone unprotected in the past. Certainly universities and research institutes have lots of these! Many enterprises may also find that an audit or tightening security controls identifies the need for a new deployment. Perhaps in front of HR or between the core and the transaction processing systems. The question is: how does one determine the rule set for the new device?
June 26, 2009 Top 10 Reasons the Firewall Guy’s Hair is on Fire
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and PCI DSS 1.1 and 1.2 are pretty clear cut, firewall management shouldn’t be much of an issue, right? No one is going to suffer the brunt of managing the significant infrastructure change these regulations are bound to bring more than the security operations team, correct? Well, not really. If your friendly neighborhood firewall guy (or gal) rolls into work late on a Monday morning sleep deprived and grouchy, cut him some slack. Here are some of the most common-yet-nerve-sizzling firewall snafus that have kept many an admin on a Friday-to-Sunday diet of fast food and Red Bull.
June 19, 2009 Market for Network Firewall Auditing Tools on the Upswing
Forrester Research expects the market for tools to help enterprises manage and audit their firewall policies to jump 25 percent this year due to the requirements of PCI-DSS. Third-party vendors are competing to take advantage of interest in the space by attempting to surpass the capabilities offered by companies such as Cisco and Juniper Networks.
June 18, 2009 20% of IT managers don’t emphasize IT security
IT managers survey has revealed that 20pc cheat in order to pass security audits. The survey "Reality Bytes" was conducted by Tufin Technologies among 151 IT security professionals. It discovered that 63% of them check their firewalls between 3 months to a year. 9% never check them at all. 51% of companies labeled their firewall rules as "a mess".
June 17, 2009 First Look: SecureTrack Firewall Operations Management from Tufin / Stephen Northcutt
Firewalls, they are boring, right? We have them dialed in. Sorry, no. A while back I got some of my friends to run the free AthenaSecurity firewall rule base tool and several mentioned they found issues with their rules. These are guys that know what they are doing and they still had problems. Based on this I am guessing there are more than a few misconfigured firewalls out there.
June 17, 2009 [Product Review] Tufin’s SecureTrack 4.5 - Simplifying Chaos
Do you work for a large company or an extremely large enterprise? If you answered yes then I know what your biggest problem is... without even talking to you - you have too many network devices to manage. Period, end of story.
June 17, 2009 20% of IT managers cheat to pass security audits
A survey of IT managers and technical staff has revealed that 20% admit to cheating on a security audit to get it passed. The survey by security lifecycle management company Tufin Technologies was conducted amongst 151 IT security professionals, many of whom were from multinational organisations and government departments, employing 1,000 to 5,000-plus employees.
June 15, 2009 Security pros find corporate firewall rules tough to navigate
It is near impossible for a human to manually audit firewall rules across the enterprise to reduce risk, optimize firewall device performance, and streamline data paths through routers, switches and firewalls. Security teams are turning to firewall management tools to perform security audits of the infrastructure and automate operational control of the firewalls.
June 4, 2009 IT failures will have to wait - LogisticsIT.com
That’s according to a survey conducted at Infosecurity Europe, by Tufin Technologies, the leading provider of Security Lifecycle Management Solutions who interviewed 151 IT professionals.
June 2, 2009 Know Thy MSSP: Maintaining Control in a World of Shifting Accountability
Ask 10 IT professionals if outsourcing security operations to a Managed Security Services Provider (MSSP) is a good idea and you're likely to get 10 different answers ranging from "absolutely yes!" to "are you crazy?" What to outsource and why is a function of a large set of variables ranging from the nature, size and location of your business to the size, makeup and skill set of your IT team, current and planned IT initiatives, who and where your business partners are, what your security budget is... and the list goes on.
May 28, 2009 Security Challenges Italian Style | SOA World Magazine
David Aminzade is the Regional Director of Tufin Technologies. Tufin specializes in Security Lifecycle Management, a category of software solutions that enable organizations to effectively implement their security objectives.
May 28, 2009 IT managers 'lying on security audits'
One-fifth of IT managers have admitted that they or their colleagues have cheated security audits. That’s the main finding of a new survey, conducted by Tufin Technologies at the InfoSecurity Europe Conference 2009, which also revealed that 63 per cent of firms only check their firewalls every three months.
May 28, 2009 Cost-Cutting Leads to Compliance Issues among IT Organizations: Survey
A new "Reality Bytes" survey from security lifecycle management solution provider Tufin Technologies reveals that recession and related cost-cutting have yielded compliance issues for many organizations. The survey, conducted at the InfoSecurity Europe 2009 Conference last month, sampled 151 IT security professionals, most of them from multinational organizations and government departments. The survey was conducted to understand larger social, economic and cultural context in which Tufin’s customers and potential customers operate, officials said.
May 27, 2009 Cheating on Your Security Audits
An audit isn’t worth much of the people doing it are cutting corners. Unfortunately, a survey by the folks at Tufin Technologies suggests many IT pros may be doing exactly that.
May 27, 2009 Study finds IT security pros cheat on audits - SC Magazine US
IT security professionals might think of auditing as a pain, but some are actually cheating to get audits passed, according to a study release today by security vendor Tufin Technologies.
May 27, 2009 Champions League final bad news for tech support
A survey has revealed that 39% of IT professionals will not be disturbed during the last five minutes of tonight’s Champions League final, even to fix a major IT failure. The findings appeared in a frank study gauging the attitudes of 151 IT security professionals, conducted by firewall experts Tufin Technologies.
May 27, 2009 Most IT professionals believe their corporate firewall base rules are in a mess
According to a survey conducted by Tufin Technologies, if you are unlucky enough to suffer a major security failure during the last 5 minutes of a major football match like tonight’s UEFA champions league, 39% of IT professionals say the problem will have to wait until the footie is over! On the flip side that does leave an incredibly loyal 61% who would right their company’s IT problems before watching the footie.
May 27, 2009 Security problems will have to wait till the football is over
If you’re unlucky enough to suffer a major security failure during the last five minutes of a major football match, like tonight’s UEFA champions league event between Manchester United and Barcelona, 39% of IT professionals say the problem will have to wait. That’s according to a survey of 151 IT professionals at Infosecurity Europe by security solutions firm Tufin Technologies. On the flip side that does leave an incredibly loyal 61%, who would right their company’s IT problems no matter how nail-biting the final minutes of the match.
May 26, 2009 Reality Bytes: IT teams admit to cheating on audits and more...
In their Reality Bytes survey due out tomorrow, Tufin Technologies, a company that covers the firewall market with automation and management offerings, says that the IT staffers and managers who took their survey held nothing back.
Israel Innovation 2.0

May 10, 2009 Tufin on the rise
Tufin Technologies, which provides Security Lifecycle Management solutions, has really picked up steam since the beginning of the year. The company, which is five years old, has won three awards in recent weeks and recently attended the RSA conference (the largest infosec conference of its kind) in San Francisco.
"...Live in Infamy" Security Blog by Randall Gamby

May 7, 2009 Overlapping shields of security
A few days ago a friend of mine contacted me because they were excited about a new product they found. While I’m not normally into product evaluations without a specific set of requirements to judge them by, I took a look and, while I can’t say whether the product is good or bad, the idea certainly deserves mention.
May 2009 Calum Macleod, Tufin Technologies: Is Your Firewall a Fire Hazard
With the economy taking quite a bashing and the housing market looking pretty miserable the question might be: Where is the silver lining? And I think I made have found it for those poor souls who have just seen their plans of moving to a new house dashed - you don’t have to tidy up!
April 30, 2009 New Tools Emerge To Ease Enterprise Fear Of Firewall Swapping
Many organizations are loathed to swap out one vendor’s firewall for another because the changeover could disrupt the network and open new security holes. It’s less risky to stick with a single firewall vendor, so often that’s just what they do.
April 29, 2009 Tufin welcomes David Blunkett’s opinions on cybercrime awareness at Infosec
The opinions on security from former Home Secretary David Blunkett MP have been met with approval at the Infosecurity exhibition. Tufin CTO Reuven Harrison claimed that Blunkett’s observations that there is a woeful lack of awareness of cybercrime issues amongst companies were very welcome.
April 28, 2009 Improper risk assessment can have disastrous consequences. Opinion piece submitted by Calum Macleod, Regional Manager, Tufin Technologies
With all the doom and gloom of the past few months and billions of whatever currency you like being poured into the economy I have to report on a ray of hope. I think my son may have hit on the solution completely inadvertently. He’s not a renowned economist, just an honest, hard working car mechanic.
April 28, 2009 RSA: Final Thoughts
SAN FRANCISCO-Attendance was down enough to dull what’s usually a loud roar to a low buzz in the cavernous expo hall at the RSA Security Conference last week. Yet, examples of innovation and security maturation were still in abundance. In particular, there was a lot of standards-based innovation around authentication, managing peoples’ online identities, encryption and data management. Integration between applications and network security was also announced by security lifecycle management startup, Tufin Technologies, which released TOP (Tufin Open Platform) open APIs for developers. Already it partners with F5 and Blue Coat for policy management, and is deeply integrated with Check Point, Juniper, Cisco and Fortinet.
April 23, 2009 Losing that excess weight. Lame ducks, sitting ducks and the CSO
Although I know the term is generally applied to politicians, I am increasingly convinced that one of the biggest challenges faced by many enterprises today are the number of "lame duck" managers filling key functions within organisations.
April 22, 2009 Tufin tops out network security console
Tufin Software Technologies Ltd, which is developing a unified management station for real-time security and network policy administration, has extended the reach of its system to monitor devices from application security and delivery systems, as well as firewalls from the likes of Check Point, Juniper, Cisco and Fortinet.
April 18, 2009 Tufin on the InformationWeek Startup 50 List: Business Technology Companies To Watch
$601.8 million. That’s how much venture capital has been invested in the InformationWeek Startup 50, a group of up-and-coming technology vendors chosen through a three-step process of nomination, online voting, and editorial vetting.
April 16, 2009 Gateway policies: the long and the short of it.
Today, many organizations have thousands of rules in their firewalls. On top of that they have identity based access controls, IPS, and URL blocking devices. Security policies have gotten out of hand. If you have ever tried to get a new application to work through a firewall you are probably familiar with the technique of first opening everything up and then adding rules until you break the application, then backing off a bit. Crude, but effective.
April 12, 2009 IT Voices - Ruvi Kitov of Tufin Technologies - video
IT Security Forum 2007, Interview with Ruvi Kitov.
April 7, 2009 Firewalls and speed traps
Tufin Technologies’ Calum Macleod takes another wry look at firewall policy management through the eyes of a driver trying to avoid being caught by speed traps.
April 2, 2009 Saving pennies and spending pounds, the real cost of poor risk assessment
Calum Macleod of Tufin Technologies draws an interesting analogy between fixing the brakes on your teenage son’s car and managing your firewalls correctly.
March 24, 2009 Tufin adds white lists to firewall management platform. Software upgrade checks new firewall rules against essential traffic
Tufin Technologies is upgrading its firewall-management software to include white listing as a way to determine what types of traffic are allowed through corporate firewalls and as a means of safeguarding essential business functions.
March 23, 2009 Selling security without using scare tactics
Using fear, uncertainty and doubt (FUD) is easy for security vendors, as well as IT managers pitching security purchases to the business team. But other approaches may work better, argues Ruvi Kitov, CEO of Tufin Technologies. Kitov speaks with Keith Shaw about four other arguments that security vendors and IT managers should have in their arsenal.
March 22, 2009 Take the complexity out of firewall configuration changes. Managing the Mergers & Acquisitions IT Nightmare in the Firewall Team
Your boss steps into your office and announces: "I’ve got good news and bad news... The good news is that we’ve just acquired our largest competitor. The bad news is that we now need to manage all of their firewalls." An increasing number of security managers are faced with the challenge of absorbing and integrating an external organization’s IT staff, their existing firewall infrastructure, and whatever data, rules and policies they had in place prior to the merger or acquisition. In some cases, security architects are asked to quickly audit an organization’s existing firewall estate, and find the potential risks contained in it as part of a due-diligence process. Once the due diligence is done and the deal is signed, IT organizations usually face a very tight schedule for the integration of the combined infrastructure.
March 2009 My Wife is Not For Sale
Monday mornings are bad enough but when another letter arrives from the local law enforcement asking me for another contribution to help them improve the accuracy of their speed traps it doesn’t make for a good start to the week. Fortunately I live in a pragmatic country where minor indiscretions are solved with a reasonable contribution and not with the full force of the legal system coming down on your head. But in any case in these times of recession, every little bit hurts!
March 12, 2009 Losing that excess weight. Network administrators, firewalls and a trip to the gym
Talk with any firewall administrator and suggest that they clean up their rule base and you will get the familiar groan of someone who knows they need to do it but just don’t know where to start.
March 9, 2009 Take the complexity out of firewall configuration changes. Tools from Tufin Technologies reduce the human error factor that leads to potentially harmful omissions and misconfigurations
Tools from Tufin Technologies reduce the human error factor that leads to potentially harmful omissions and misconfigurations. In its 2008 Data Breach Investigations Report, the Verizon Business RISK Team cites omissions and misconfigurations as two of the top network problems that lead to significant data breaches.
February 27, 2009 SecureChange Workflow. Change Management for Security Policies
Building on (and requiring) the vendor’s SecureTrack product, SecureChange Workflow adds automated workflow tracking and auditing features specifically for organizational security policy requests. The product is deployed on a Red Hat Enterprise or CentOS box (a pre-loaded appliance from the vendor, as well as a VMware virtual appliance are also available), with SecureTrack either installed locally on the same machine or on a remotely accessible station.
February 26, 2009 Firewall management can ensure that they run with an optimum performance
Companies have been encouraged to tidy up their firewalls in order to achieve optimum performance. Calum Macleod, regional director at Tufin Technologies, claimed that there is a belief that a firewall can be installed and set up, and then left alone, a process that leaves it without up-to-date configurations. McLeod said: "In most organisations the firewall configurations are changing on a daily basis with continuous requests for services to be added, removed, and modified. And this is not only a complex procedure but also very risky for an organisation."
February 25, 2009 Back to Basics
Calum M. MacLeod, Regional Manager, Tufin Technologies. Today we’re getting back to basics, which can summed up in the three Rs - Reduce, Rationalize, Return. Everyone in 2009 is reducing; reducing staff, investment, and trying to trim operational costs. At the same time risk control and business continuity has taken on more urgency.
February 18, 2009 Back to basics - or true love, the market and security. What relationships and the three Rs - Reduce, Rationalise, Return - can tell you about your security operations
Calum M. MacLeod, Regional Manager, Tufin Technologies. Utilizing Firewall Policy Management, or FPM as Gartner calls it, will realize major cost savings in areas such as Policy Analysis, Rule Usage Analysis, Rule Cleanup and Optimization. It will provide improved business continuity and add years to the life of your existing infrastructure.
February 19, 2009 Tufin-ough to Manage Complex Firewalls
Tufin was featured in Channel Web’s latest blog on Emerging Vendors - Tufin Software addresses a huge problem for enterprise perimeter security: managing and securing complex and multivendor firewall configurations. With the copious number of enterprise-class firewall products on the market, IT administrators have wondered how to manage and control the multitude of complex and multivendor firewall systems on their networks. That’s where Tufin Software Technologies comes in.
January 29, 2009 Is having a security policy in place nine-tenths of the law?
Ruvi Kitov, CEO and co-founder of Tufin Technologies. Most large organizations maintain a detailed corporate security policy document that spells out the "dos and don’ts" of information security. Once the policy is in place, the feeling is of having achieved "nine-tenths of the law", that is, that the organization is in effect "covered". This is a dangerous misconception. Because much like in the world of law and order, while creation of law is fundamental, implementation and enforcement of law is what prevents chaos.
January 2009 Managing the Mergers & Acquisitions IT Nightmare in the Firewall Team
David Aminzade, Director Northern Europe, Tufin Technologies. An increasing number of security managers are faced with the challenge of absorbing and integrating an external organization’s IT staff, their existing firewall infrastructure, and whatever data, rules and policies they had in place prior to the merger or acquisition. In some cases, security architects are asked to quickly audit an organization’s existing firewall estate, and find the potential risks contained in it as part of a due-diligence process. Once the due diligence is done and the deal is signed, IT organizations usually face a very tight schedule for the integration of the combined infrastructure.
December 16, 2008 How to Merge Securely
In this eWeek podcast hosted by Mike Vizard, Tufin Technologies CEO Ruvi Kitov talks about all the challenges that IT security people face when two organizations attempt to merge, which is a more frequent occurrence in these uncertain economic times.
December 12, 2008 Interview: How Tufin Technologies Is Navigating the Recession
TMCnet recently caught up with Shaul Efraim, vice president of products, marketing and business development at Tufin Technologies, to talk about some of the strategies adopted by the company to deal with the recession.
September 9, 2008 The Converging Worlds of Compliance and Security
In this Changing Channels podcast, Tufin’s CEO Ruvi Kitov explains how the convergence of security and compliance is creating new opportunities around policy management for solution providers.
September 9, 2008 Tufin Technologies offers preview of next-gen IT risk management at DEMOfall 08
Tufin Technologies today is demonstrating at DEMOfall 08 in San Diego, CA its future IT security product - Tufin SecureChange Workflow, which automates the security lifecycle of a change request from a business requirement to the actual configuration change and corrects implementation. The product will be commercially available later this year.
August 15, 2008 Tufin’s Security Change Management Solutions "Pioneering"
Tufin’s SecureTrack and SecureChange got special mentioning in a recent report published by Frost & Sullivan on the need of security management solutions in enterprises. According to the report, the network security market is driven by an increasing need of management solutions to help secure network infrastructure while ensuring compliance with regulatory and corporate policies
August 5, 2008 Tufin Technology’s products win F&S award
Security and network operations are becoming increasingly complex. Large enterprises have multiple firewalls spread across different time zones and business units and are also required to comply with stringent regulatory requirements; Tuffin Technology offers management solutions to help businesses cope.
August 5, 2008 Tufin Adds Router, Switch Auditing
Tufin Technologies moves beyond firewall auditing to support Cisco routers and switches for improved overall network control.
August 5, 2008 Product Spotlight
Tufin Technologies announced a new PCI Compliance solution as part of SecureTrack, Tufin’s security operations management product.
August 1, 2008 Group Test: Policy Management
By no means is implementing technology to help you manage policies a panacea, but some of the features that are creeping into the policy management space can help alleviate some of the pain points associated with these daunting tasks.
April 2008 Tufin Unveils Firewall Op Mgt System
Security In a Box Roundup - when you secure your clients from viruses, spyware, and other malicious threats, sometimes one box rocks. Check out our latest roundup of security appliances.
March 26, 2008 Tufin releases firewall operations management solution
Tufin Technologies, a provider of firewall operations management solutions, has released SecureTrack 4.2, a new version of its flagship product, which helps firewall operations teams control and manage policy changes, analyze risks and ensure business continuity.
March 26, 2008 Tufin announces release of SecureTrack 4.2 firewall solution
The new features in Tufin’s SecureTrack 4.2 solution include business-ownership change reporting. Users can now receive a change report specific to their areas of business responsibility. The report highlights policy changes affecting assigned network resources and allows corrective action when required. The solution also offers enhanced security compliance alerts. The compliance monitoring has been enhanced with a sophisticated alert system that pinpoints any policy change in violation of pre-defined corporate policies. With SecureTrack 4.2, compliance monitoring can be implemented for two types of traffic that affect business critical services and/or introduce new risks, namely business-critical traffic, which refers to traffic that should always be allowed and high security risk traffic, which refers to traffic that should always be blocked
March 25, 2008 Tufin Unveils Firewall Op Mgt System
Tufin Technologies announces release of flagship product, SecureTrack 4.2 firewall operations management solution.
January 16, 2008 Israel-based Tufin Technologies expands sale of firewall operations solutions in U.S.
Israel-based Tufin Technologies launched its first U.S.-based office this week in Boston. Tufin is a provider of Firewall Operations Management solutions. The U.S location will be headed up by Tufin’s new vice president of Sales Americas, Steve Moscarelli, responsible for all sales efforts in North and South America.
December 13, 2007 How to Manage Your Multivendor Firewalls like a pro
Firewall management software can audit, and rules verification can be simplified, automated.
December 5, 2007 Axpo Group buys firewall management solution from Tufin
Swiss-based Axpo Group, a leading energy supplier, has selected firewall operations management solutions from Tufin Technologies. The product will provide security and optimization for Axpo’s firewall operations across Europe, permitting real-time monitoring and reporting of changes.
November 2, 2007 Product Spotlight - New appliance based firewall operations management solution
SecureTrack 4.1 incorporates powerful new Firewall OS Monitoring capabilities and is also available as an appliance-based solution, offering unmatched capabilities and convenience for large enterprises tasked with managing sizeable firewall operations and/or multiple firewall vendors. The product is also offered as a software-based solution.
June 4, 2008 SecureTrack - Configuration Change Monitoring and Reporting for Firewalls
SecureTrack provides configuration change monitoring, reporting, and alerting features specifically for corporate firewalls. Check Point, Cisco PIX, and Juniper/Netscreen firewalls are all supported.
May 3, 2007 Tufin bringing firewall management solution to North America
Firewalls are so complex these days they require the attention and expertise of specialists that know "a little bit about security, a little bit about networking, a lot about the products and how to configure the product," said Ruvi Kitov, the CEO at Tufin Technologies.

More resources

In the News

Resources