News & Events - In The News | Tufin Technologies

January 28, 2012 Network Security 101: Automating for Continuous Compliance
Few will dispute that when it comes to network security, automating best practices to reduce operating costs, reduce complexity and streamline processes is a good thing. However, in what we call the age of Continuous Compliance - brought on by the reality that any point-in-time audit does not deliver security or compliance benefits once that point in time has passed - automation becomes more than just good. It becomes essential.
January 17, 2012 Zappos claims payment processing information "safe" after hack
While larger internet merchant account sites can prove lucrative for cyber hackers, smaller ecommerce sites can be equally tempting. This is especially due to the current economic climate, which Michael Hamelin, chief security architect with Tufin Technologies, claims can lead some businesses to cut back on IT security. “In these IT cost-conscious times, most budgets – yes, even in the IT security department – are always under review, and usually in a downwards direction,” Mr Hamelin warned.
January 16, 2012 Budget constraints and compliance issues "must be overcome"
IT security systems are often under pressure from budget constraints coupled with the demands of internet compliance rules, according to one expert. "This makes the task of a hard-pressed IT security admin or manager all the more difficult, especially given the disparate operating systems and networking environments we all have to deal with," said Michael Hamelin, chief security architect at Tufin Technologies.
January 13, 2012 Security departments are feeling the strain
Data management is coming under increasing strain to improve security amid growing threats. This challenge is made harder by a huge increase in the amount of regulatory and compliance requirements and shrinking budgets. Michael Hamelin, chief security architect with Tufin Technologies, explained that for this reason, IT security admin and management is incredibly difficult at the moment.
January 9, 2012 Firewall managers lack confidence in their security posture
The majority of firewall managers are concerned their change management practices put their companies at risk, according to a recent survey. How does this happen? Firewalls are generally considered the first line of defense for most networks. A firewall is the first decision point that uses a set of rules to determine whether or not outside traffic can enter the network. As time goes on, the rule set, or policies, of a given firewall can grow quite large and complex, making it difficult for the firewall manager to keep track of them all.
January 8, 2012 “2012 KOBİ yılı olacak”
Kadro aynı, yeni ürünler yolda Yaşanan sıkıntılara rağmen yola hızla devam ettiklerini ifade eden Murat Göçe, bu konuda ise şunları söyledi: “Şirketimizdeki 40 kişilik ekibimiz aynı şekilde çalışmayı sürdürüyor. Yeni ürünleri de yine bu ekiple pazara sunacağız. TufIN, USBK ve GFI yeni çalışmaya başladığımız ürünlerimiz. SSL pazarının ABD’deki lideri Comodo’nun Türkiye dağıtıcılığını da aldık. Öte yandan yan kuruluşumuz Hidrojen’in geçtiğimiz dönemde Cisco Security Partner’ı olmasını sağladık. Zira Hidrojen’i Helyum ürünlerini satmayacak şekilde konumlandırdık. O şirket Helyum iş ortaklarının bir rakibi değil kısaca.”
December 12, 2011 Overreliance on Manual Processes Compromises IT Security
A survey of 100 network security professionals conducted by Tufin Technologies reveals that the majority of IT organizations are relying on manual IT labor to change firewall rules. As the volume and complexity of IT security threats continue to increase, it’s pretty clear that manual processes simply can’t keep pace with a rapidly changing threat landscape.
December 10, 2011 Top 10 List of the Top 10 Internet Security Prediction Lists
Tufin: Firewall operations – Next generation firewalls will continue their strong adoption by mid- to large-size organizations. As a result of this trend, I see the operations management challenges of multi-vendor firewall environments as calling for increasing levels of automation of daily change management tasks.
December 8, 2011 2012 Predictions: Compliance and Access Management / Michael Hamelin - Chief Security Architect for Tufin Technologies
2012 will be the year of continuous compliance - in other words, organizations will see the value in implementing the ability to track changes to their compliance posture in real or close to real time, as opposed to referring back to a single point in time based on their last audit (e.g., prove they maintain their compliance posture in between quarterly PCI audits.)
December 8, 2012 Survey Points to Serious Issues with Firewall Management and Compliance
With the furious rise in cybercrime, well maintained and audited network firewalls are a critical line of defense. However, firewalls are apparently spinning out of the control of IT, at least according to a recent survey by Tufin Technologies.
December 8, 2012 Demand high for consultants
With all the attention being placed on regulatory issues, hospitals may be overlooking the critical necessity of IT security, said Ruvi Kitov, CEO of Burlington, Mass.-based Tufin Software Technologies. “There is a lot of work to be done,” he said. “Hospitals are not much different than other organizations – problems exist everywhere.” A lack of sound processes combined with the human element is a recipe for security lapses, Kitov said. Moreover, he said, the active hospital environment makes IT systems more vulnerable to invasion and other breaches.
December 8, 2012 Work Toward Continuous Monitoring
Michael Hamelin, chief security architect for Tufin, predicts that 2012 will be the year of continuous compliance in many auditors' books. In other words, organizations will have to demonstrate that they can track any changes to their compliance posture and audit as needed, as opposed to referring back to a single point in time based on their last audit.
December 8, 2012 Poor Firewall Management Leaves Networks Vulnerable to Attack
Managing changes in firewall rules is a necessary evil for security professionals. Many, however, don’t believe they have the time or resources to undertake the complicated and time-consuming steps necessary to make sure their corporate firewalls are up-to-date and secure. In reality, security professionals sometimes resort to cheating, shortcutting, or the old bubble-gum and duct-tape approach -- wasting both time and money in the long run for a few dollars and minutes saved now.
December 7, 2012 Top 5 Security Predictions For 2012
Although it’s been 23 years since the first worm – the Morris worm – appeared on November 2, 1998, a lot more has happened in the malware arena in the last two years then the first 21 years. This escalating change in the threat landscape is something that drives the need for comprehensive security ever-forward. And it’s for this reason that I’ve come up with my top 5 security tips for 2012, which I sincerely hope will assist IT security professionals in planning their defence strategies for the year ahead, which promises to be a challenging one for all concerned.
November 29, 2011 Ecosystems Are Always in Flux
This is not peculiar to the ecosystem of an aquarium, a fact of which Tufin Technologies recently reminded us when it published the results of a survey focused on change management. The survey found that organizations are acutely aware of the impact of poorly implemented processes and the (often negative) impact of manual processes in the realm of security: 66% of the sample felt their change management processes do or could place the organization at risk of a breach. The main reasons cited were lack of formal processes (56%), followed by manual processes with too many steps or people in the process (29%).
November 28, 2011 Two-thirds of firewall managers lack confidence in their security posture
Warning: If you are a chief information security officer and you want to sleep well tonight, stop reading now. The statistics within this story might give you nightmares. Tufin Technologies just released the results of its annual firewall management survey and they aren't pretty. Tufin surveyed 100 network security professionals directly involved in firewall management and auditing, and three-fourths of those surveyed believe their change management processes might put them at risk of a security breach.
November 20, 2011 Majority of Firewall Rules Are Improperly Configured, Managed, Survey Finds
Tufin Technologies study found that the lack of automation in firewall management is resulting in improper firewall rule configuration and cheating on audits. Organizations are struggling to keep track of changes in their networks and to effectively manage their firewall policies, according to a new study. Nearly 85 percent of network administrators in the 2011 Firewall Management report said half of their firewall rule changes need to be fixed because they were configured incorrectly, Tufin Technologies found in its report released Nov. 16.
November 18, 2011 How To Conduct a Firewall Audit / Michael Hamelin, Chief Security Architect, Tufin Technologies
Firewall audits can help prove how secure a network actually is -- as opposed to how secure your customer thinks it is. Here, Hamelin, chief security architect at Tufin Technologies, provider of network security solutions, discusses the importance of the firewall audit, and how to get one done.
November 17, 2011 Network security pros admit firewall management is a mess
Network security professionals admit their firewall management policies are in a mess, putting their organisations at risk of a security breach. Security lifecycle management firm Tufin Technologies questioned 100 network security professionals from around the world who were directly involved in firewall management and auditing.
November 17, 2011 Umfrage von Tufin Technologies: Manuelle Änderungen an Firewalls schaffen Sicherheitslücken
Viele Unternehmen glauben, dass bei manuellen Änderungen der Sicherheitseinstellungen von Firewalls die Integrität des Netzwerks gefährdet ist. Dies ist eines der zentralen Ergebnisse der jährlichen Firewall-Management-Umfrage von Tufin Technologies. Ein Grund dafür sind die fehlenden formalen Prozesse und der damit verbundene hohe Zeitdruck.
November 17, 2011 Companies are struggling to keep up with security management
Two-thirds of firms are at risk of security breaches because of erroneous changes being made to their security system, according to new research. Keeping firewalls and business software up to date is becoming an increasingly onerous task for the IT department, amid a cascade of patches, new vulnerabilities and changes to business processes.
November 16, 2011 IT managers "waste time searching for needles in haystacks"
Around three-quarters of organisations believe that their current change management processes could put them at risk of a security breach. In a survey by Tufin Technologies of 100 network security professionals, 75 per cent said they are at risk of a breach due to their current change management processes, while 84 per cent said they have no way of knowing when a firewall rule needs to be recertified. A further 41 per cent said they do not know when a firewall needs to be decommissioned.
November 16, 2011 Manual tasks cause some IT staffers to cheat during audits
According to Tufin Technologies, a vendor that focuses on the Security Lifecycle Management (SLM) issues within enterprise operations, says that problems related to firewall management have actually caused some professionals to cheat during an audit.
November 16, 2011 Half Of Firewall Rules Configured Improperly, Survey Says
Most organizations are still struggling to keep tabs on their firewall operations and changes in the network that require writing new firewall rules, a new study released today reveals. Around 85% of the 100 network administrators surveyed in Tufin Technologies' 2011 Firewall Management report say that half of their firewall rule changes eventually need to be fixed because of improper setup. Just 7% say their firewall audit processes are automated, and 40% say they spend a month or more per year on handling firewall audits.
November 15, 2011 Firewall Management Complexities Pushing Security Pros to Cut Corners
new survey shows firewall management is problematic enough for many organizations to cause many network security pros to cut corners and cheat on audits. The survey, prepared by firewall management vendor Tufin Technologies, fielded responses from 100 network security professionals directly involved in firewall management and auditing. According to the results, 22 percent of participants knew of someone who had cheated on an audit. That figure was up from 10 percent in an April 2010 survey. The chief reason for the cheating - the manual processes associated with managing firewalls and the time constraints those processes create.
October 26, 2011 Exploring the Invisible Internet
At Forrester's Security Forum 2011 in Miami, November 9-10, we will be reprising the wildly successful 'Hackers Vs. Executives' track session. There will be two leading security professionals sitting on the panel representing the executive viewpoint, and they will be joined on stage by two noted researchers who will provide a hacker's-eye for this session. Rodney Joffe of Neustar will give us a live guided tour of the “Invisible Internet” – the IRC chat rooms and carder forums where the underground cybercrime economy lives. Michael Hamelin of Tufin Technologies – a noted white hat hacker and multiple winner of the DefCon “Capture the Flag” competition – will do another demo to help us understand how attacks work.
October 20, 2011 Israelsk selskab vil skabe orden i danske firewalls
Et israelsk selskab åbner kontor i Danmark. Få bedre styr på firewalls og netværksenheder, lyder budskabet fra den danske chef. Tufin Technologies etablerer sig nu på det nordiske marked med et kontor i Danmark..
October 19, 2011 Firewall-Management muss zum Standard werden
Firewalls in Unternehmen überwachen den gesamten Datenverkehr anhand festgelegter Regeln und entscheiden, welche Netzwerkpakete durchgelassen werden. Meist ist die Anzahl der Regeln extrem komplex und kaum noch überschaubar.
October 18, 2011 Tufin Adds Change Management Capabilities To SecureTrack Firewall
Tufin Technologies, the market-leading provider of Security Lifecycle Management solutions, today announced that SecureTrack™, its flagship firewall operations management solution, now includes configuration change management and automation component, called SecureChange™ Basic. SecureChange Basic is based on Tufin SecureChange, a robust security change automation solution designed specifically for network security devices.
October 17, 2011 What Do the Watson Computer and Network Security Have in Common? / Reuven Harrison, Chief Technology Officer, Tufin Technologies
Are you still writing rules for old firewalls? Dealing with ports and protocols is no longer sufficient. Next-generation firewalls drill into traffic to identify the applications traversing the network, and automation can help you build and manage the rules you need to exploit this technology.
October 5, 2011 Why firewall management is good for business
A number of classic scenes in film and literature involved a group approaching a walled city or castle only to be stopped by a gatekeeper and asked, “Halt, who goes there?” Depending on the answer, be it Arthur, son of Uther Pendragon or Dorothy and the Tin Man, the gatekeeper makes the call on whether or not the group can pass or is turned away. Firewalls are the digital correlate of this archetypal gatekeeper: they are the gatekeepers for our corporate network and data center perimeters. Firewalls make the call – packet by packet – on which traffic, which network services are acceptable and can pass by and which are acceptable and can enter the gates.
October 5,2011 Shaul Efraim, VP Marketing and BD Tufin: security teams must have automated solutions in order to assure network access
Global Security Mag : What are you going to present at les Assises ?Shaul Efraim: Tufin will be presenting its Security Lifecycle Management solutions that enable companies to cost-effectively manage their network security policy, comply with regulatory standards, and minimize IT risk. With the award-winning Tufin Security Suite, security teams are successfully managing firewall operations and performing audits and risk assessments – often in half the time.
October 1,2011 Nouvelles fonctionnalités pour Securetrack de Tuffin
Tufin Technologies annonce de nouvelles fonctionnalités à sa solution de gestion des opérations de firewall, SecureTrack™ : la gestion du changement de configuration ainsi qu’un composant d’automatisation appelé SecureChange™ Basic. Cette dernière fonctionnalité est basée sur Tufin SecureChange, une solution d’automatisation des changements de sécurité particulière robuste, conçue spécifiquement pour les systèmes de sécurité réseau. SecureChange gère l’ensemble du cycle de vie d’une demande de changement de configuration, de la proposition à la conception, l’analyse du risque, l’approbation, la mise en œuvre et l’audit.
September 27,2011 Israelsk IT-firma vil sætte sikkerhed i system
Krævende medarbejdere med mobiltelefoner, tavleog bærbare pc’er samt øgede myndighedskrav til documentation af datahåndtering er to væsentlige årsager til, at et israelsk softwarefirma med fokus på risikohåndtering, nu skubber døren op til det nordiske marked. Virksomheden Tufins nordiske satsning bliver styret fra Danmark af Jan Bau, der selv har erfaring med israelsk ITsikkerhed, idet han tidligere har haft posten som direktør for den danske afdeling af den ligeledes israelske IT-sikkerhedsvirksomhed Check Point.
September 16, 2011 Tufin automates policy changes and compliance for next-generation firewalls
TSS now includes the ability to generate large maps of interconnected network devices across multiple zones and segments, making it easier to visually discover the relationships between various devices. The tool can automatically generate configuration reports about networking equipment. This should help administrators visualize and craft effective policies, and enable them to predicatively determine what policy changes result in an efficient path between a given network source and destination.
September 15, 2011 Israeliskt säkerhetsbolag siktar på Sverige
Få vet vilka de är. Men bland deras kunder finns många stora globala bolag. De heter Tufin och kommer nu till Sverige med lösningar inom säkerhetshantering.
September 15, 2011 Tufin Looks To Take Firewall Management To The Next Level
Tufin Technologies has long offered tools for managing firewalls and has even provided capabilities to monitor next-generation, application-aware firewalls.
September 15, 2011 Tufin Updates its Firewall Management Solution
Tufin Technologies has updated its flagship firewall management suite with the ability to set new user and application-level policies for “next-generation” firewalls.
September 14, 2011 Tufin Extends Support for Next-Gen Firewalls
Tufin Technologies provides complementary product that validates the next-gen adoption trend. Tufin is one of a handful of security companies specializing in applications that automate and manage firewall rulesets, and its TSS 6.0 sports support for Palo Alto next-gen firewalls as well as a raft of other improvements.
September 12, 2011 Tufin adds next-generation firewall support
The new version of Tufin's security suite includes enhanced support for next-generation firewalls.
July 7,2011 Changing the Tides of Security Policy; One Opinion at a Time
Earlier this month I penned an open letter to the network security industry for SC Magazine, which also appeared on the Threat Geek blog, calling for a mandate requiring corporations to share information on breaches, disclose each foreign fingerprint found on their networks, and even establish a federal database to house this collective pool of information.This is something that I view as essential to the national security interests of our country, and to the continued viability of our businesses. Therefore, I was very encouraged to read earlier this week a piece in SC Magazine by Shaul Efraim, a vice president with the security firm Tufin, not only backing my call for a national standard, but broadening the scope internationally.
June 27, 2011 In search of a global network security standard / Shaul Efraim, VP Marketing & Business Development, Tufin Technologies
As a company with roughly half of our customers in the United States, and the rest spread out around the globe, I can see the value not just of a national standard but of a worldwide regulation that sets the network security bar for commerce in today's "Global Village:" A standard adopted and enforced by governments worldwide.
June 10, 2011 IBM MSD Standardizes on Tufin SecureTrack to gain full control, management and auditability of firewall, router and switch policy changes
The main objective Of IBM MSD’s Security Lifecycle Management initiative was to gain full control, management and auditability of firewall, router and switch policy changes… SecureTrack has dramatically reduced the time and cost of firewall audits and overall, reduced the time and cost of firewall management by approximately 60%. In addition, Tufin SecureTrack has provided IBM MSD with these additional benefits that, while harder to quantify in terms of time and cost savings, have resulted in much more efficient, secure and complaint operations.
June 08, 2011 Best Practices in Network Security, From a Business Award Winner / Ruvi Kitov, Tufin CEO and Co-Founder
One, always audit everything in your network twice. Every change needs to be verified and audited to insure that it stays within compliance and was designed and executed in the most effective and secure way.
June 7, 2011 To Outsource or Not to Outsource, By Michael Hamelin, Tufin's Chief Security Architect
Security is a business process and one that the company must maintain control over if it’s to remain secure. However, it’s not as black and white as that as there are significant benefits to tapping into an external resource for certain areas. Firewall management is one security area that can be successfully outsourced to deliver substantial benefits to the organization.
June 02, 2011 Consultants have never been in greater demand
With all the attention being placed on regulatory issues, hospitals may be overlooking the critical necessity of IT security, said Ruvi Kitov, CEO of Burlington, Mass.-based Tufin Software Technologies. “There is a lot of work to be done,” he said. “Hospitals are not much different than other organizations – problems exist everywhere.”
June 1, 2011 Product Review - Tufin Technologies Security Suite
The Security Suite from Tufin Technologies provides a two-piece approach to managing network device policy and auditing. The first piece is SecureTrack, which enables administrators to track and audit firewall and network infrastructure policy and to maintain compliance. The second piece is SecureChange Workflow, which helps to automate policy changes throughout the network infrastructure. With these two pieces combined, the Security Suite can provide powerful network security auditing that can be automated for solid accuracy in maintaining network policy
May 16, 2011 Network security blunders - how to recover, By Michael Hamelin, Tufin's Chief Security Architect
Commentary - We’ve all made one in our career - I’m talking about that blunder you thought would cost you your job. My first major blunder was rebooting all the campus router pairs at one time, not one by one, all at once. I had written a script to install a security update on all the routers and reboot them all one by one…. or so I thought. Turns out my script had an error and didn’t wait between routers.
May 3,2011 Infosecurity Europe 2011: Tufin Technologies Wins Customers' Hearts and Minds
The IT world like any other is fraught with charlatans making one claim after another, but customers know how to separate the wheat from the chaff. This truth was demonstrated at the just concluded Infosecurity Europe Exhibition held at Earl’s Court between April 19th and 21st, 2011 with respect Tufin’s SecureTrack Firewall Management and SecureChange Workflow which generated a lot of keen interest amongst customers/prospective customers and visitors at the Exhibition. Michael Hamelin, Tufin’s Chief Security Architect told Vigilance: “It’s been an amazing show for us. Our products are getting the most interest because they are the next generation fire wall providing access to internet users.”
April 25, 2011 Fave raves: 22 IT pros name their favorite products / Sanjay Bhandari, Network Architect for Managed Services Delivery, IBM
Why it's a favorite: “SecureTrack makes my job of managing the operations and auditing a few hundred firewalls much easier. It is very easy and extremely quick to produce evidence for changes made on the managed devices as requested by the auditors. Nothing is hidden - SecureTrack will find all changes. We are able to see and manage any given change that occurs on any device at any time by any administrator.” Years in IT: 25 Upcoming IT project: Optimizing rule bases of firewalls and other networking devices
April 19, 2011 Firewalls, Only 60 Per Cent Effective Against Malware
Firewalls, Unified Threat Management systems, Intrusion Protection Systems and other such devices are only 60% effective out of the box and in some cases as low as 20%. To compound these problems, according to Michael Hamelin, Chief Security Architect of Tufin on average many organisations do not audit their firewalls for years if at all.
March 29 ,2011 Comment: The Lifecycle of a Firewall Rule, Reuven Harrison, Tufin Technologies
Reuven Harrison, CTO of Tufin Technologies, offers some insightful hints and tips on how to go about getting your firewall rules in order to improve their performance, security and manageability.
March 10, 2011 Firewall Expert Tip: The Lifecycle of a Firewall Rule, By Reuven Harrison, Tufin CTO
In the infographic below we’ve summarized the (long and sometimes tortuous) life of a firewall policy rule. Firewall rules are born and modified as a result of access requests from users or IT projects. And over time, they become irrelevant – because applications, services and networks change, and users leave.
March 3, 2011 Recognise any of these common network security blunders? By Michael Hamelin, Tufin's Chief Security Architect
We’ve all made one in our career, I’m talking about that blunder you thought you would be fired for. My first blunder was rebooting all the campus router pairs at one time, not one by one, all at once. I had written a script to install a security update on all the routers and reboot them all one by one, I thought.
Feb 17, 2011 RSA 2011: Day 3 Roundup
Tufin: A company you may not have heard about, but one with a really compelling set of solutions. They’ve tied in their SecureChange workflow to BMC Remedy, and provided permissiveness scoring for firewall rules via SecureTrack. A nice feature for firewall admins is that the product will suggest rules for the firewall to mitigate exposures and identify where in the ruleset that rule should go – if you’ve ever been a firewall admin, you know that a poorly crafted rule in the wrong place can open the system wide up
Feb 14, 2011 Tufin and Palo Alto tighten the knot
Tufin has added enhancements to its SecureTrack firewall product that will help Palo Alto users and resellers as well. Tufin said version 5.3 has an enhanced policy generator that enabled administrators to create rules through analysis of firewall traffic logs; the ability to review security policies for firewalls, routers or other network devices; and a permissive rule optimisation that recommended how to optimise overly permissive rules.
February 11, 2011 Tufin Firewall Management Suite Supports Palo Alto Networks' Application-Identity Capabilities
Tufin Technologies has extended its firewall audit and change management capabilities to "next generation" firewalls with support for Palo Alto Networks products. In addition to standard network-based firewall capabilities, Palo Alto enables organizations to create fine-grained policies and rules based on application and user identity using deep packet inspection (DPI) technology.
February 11, 2011 Tufin Technologies to Support Next-Generation Firewalls
Tufin Technologies, a provider of security lifecycle management solutions, announced it offers support for next-generation firewalls.According to a release, the latest update of SecureTrack, Tufin's firewall operations, auditing and compliance product, introduces a solution that provides network security teams with management and auditing capabilities for both next-generation and network-layer firewalls. Tufin's support of Palo Alto Networks firewalls will be jointly demonstrated at the RSA Conference 2011 in San Francisco.
February 10, 2011 Tufin announces firewall enhancements and support for next-generation products
Tufin has added enhancements to its SecureTrack firewall product. According to the company, version 5.3 now includes: an enhanced automatic policy generator (APG) that enables administrators to create a firewall rule base through analysis of firewall traffic logs; the ability to review security policies for firewalls, routers or other network devices; and a permissive rule optimisation that provides specific recommendations on how to optimise overly permissive rules. Other additions include a Zone Manager, which provides a central interface for defining and managing network zones, and support for PCI DSS version 2.0.
February 7, 2011 Products of the Week - Tufin Security Suite 5.3
The first solution that provides seamless, comprehensive operations management and auditing for next-generation and network-layer firewalls - including delivering a wide variety of views, policy analysis queries, and compliance audit.
February 3, 2011 What security technology will be hot at RSA 2011?
Other product demonstrations will include a joint demonstration of how the Tufin SecureTrack firewall-management audit and compliance product for the first time will support a next-generation firewall, in this case the NGFW line from Palo Alto Networks. Palo Alto and Tufin will be demonstrating how this works at both their booths at the show.
January 28th,2011 The lifecycle of a firewall rule
In the infographic below I’ve summarized the (long and sometimes tortuous) life of a firewall policy rule. Firewall rules are born and modified as a result of access requests from users or IT projects. And over time, they become irrelevant – because applications, services and networks change, and users leave. These unused or “stale” rules are a hidden menace to your firewall policy rulebase. First of all, they slow down performance – since the firewall has to scan all of the rules from the top for every traffic request. Second, they are a threat to security – they may leave access open to an unwanted visitor
January 24, 2011 The Ten Golden Rules of Change Management
Change happens, it’s a fact of life, but it needs to be handled competently if the desired benefits are to be realized. When it comes to reflecting these changes in IT systems, complexity and a lack of process has trumped best practices.
January 17, 2011 Spot the rot: what will the biggest infosecurity headaches be this year?
In 2011, network security teams will find themselves managing more firewalls from multiple vendors. Those firewalls will be serving multiple purposes, ranging from traditional perimeter security to the segmentation of internal networks.
Decmember 31,2010 Future perfect? What 2011 holds for business technology / Ruvi Kitov, Tufin CEO
"One thing that I see changing, and it's actually been taking place for several years now, is outsourcing, so more and more IT security managers outsourcing out to managed security service providers (MSSPs) - network providers that manage hundreds of thousands of firewalls. There's also a large trend that has to do with cloud-computing and virtualisation. A lot of them have their services in the cloud and their firewalls are in the cloud, and their firewalls are often virtualised."
December 15, 2010 Firewall management vendor will plough more resource into demand generation in the UK
Israel-based Tufin was recently ranked as Europe's tenth fastest-growing tech firm by Deloitte, after its sales shot up by over 5,000 per cent over the last five years. Key UK partners include AT&T, Verizon, BT, Integralis and Vistorm.
Decmeber 13, 2010 Anonymous group's DDoS attacks lead to a fresh interest in how to secure against an invasion
In a recent conversation with SC Magazine about dealing with heightened levels of traffic during busy shopping periods, Tufin CEO Ruvi Kitov said that these sorts of challenges can be overcome with the proper preparation. "You do not want a DoS to get into your connections and to kill your firewall, you can set the configuration to how many connections to allow and you can tweak and tune it so it is not too low or too high," he said.
December 7, 2010 The 10 Golden Rules To Successful Change Management
We all know that nothing stays the same – no matter how much we might wish it did. In business there will be new services introduced and unpopular ones discontinued in response to business requirements. Technology is no different and new applications will need to be incorporated and others dissolved. Equally the workforce ebbs and flows with new employees to allow access and leavers to be removed, even internally bringing people in and out of project teams. Change happens, it’s a fact of life, but it needs to be handled competently if the desired benefits are to be realised.
December 6, 2010 How To Bootstrap Your Software Company: 15 Smart Tips from Tufin Founder Ruvi Kitov
With 2010 revenues in the eight-figure range, security lifecycle management developer Tufin can now relax a bit - but things weren't always so easy, says CEO and co-founder Ruvi Kitov.
November 26, 2010 How best to deal with the online shopping frenzy as Black Friday and Cyber Monday arrive
There is a need to prepare for a potential network overload situation particularly for sites hosting online shopping. According to Rueven Harrison, CTO of the security lifecycle management specialist Tufin, as workers use their company IT resources for everything from multimedia greetings to videoconferencing connections to distant colleagues, they should prepare ahead of, and react during, busy periods
Novmeber 17,2010 How to Conduct a Firewall Audit
Firewall audits are getting a lot of coverage these days thanks to standards like SOX, PCI DSS, and HIPAA. Even if you don't need to comply with any of those standards - yet - business relationships with partners or customers may require you to show that your network is secure.
November 16, 2010 Fast 500 confirms UK's status as tech pioneer
Other names familiar to the channel include Israeli network security outfit Tufin in tenth place, and UK email security vendor Mimecast in fifth
November 4, 2010 Boosting Your Time & Project Management Skills
Michael Hamelin, chief security architect for Tufin Technologies, says it's too easy to turn email into an instant messaging client that is checked every three to five minutes. Hamelin schedules four email sessions per day and tries to stick to those. Also, he adds, because the BlackBerry is an extension of email that is essential for staying in contact but can take over a person's life, its use must also be managed. Hamelin recommends using filters on the BlackBerry so only messages from key personnel are received.
October 25, 2010 Cyber security: an opportunity to plug leaks without waiting for a "digital Pearl Harbor"
The results of a survey carried out by Tufin Technologies at the DEF CON 18 conference only a few months ago make sobering reading - according this survey 73 per cent of IT security professionals said that they came across a misconfigured network on a regular basis and 76 per cent of the same sample saw a misconfigured network as the easiest IT resource to exploit.
October 24,2010 Ruvi Kitov Tufin Technologies
"Ruvi Kitov is the Founder and CEO of Tufin Technologies. His educational background is in Computer Science which he studied at The University of Maryland where he graduated cum laude. After graduating he worked at Check Point Software, one of the biggest companies in the computer security industry. Ruvi held positions at Check Point which gave him the responsibility to design some of their core technologies. In 2003, Ruvi left Check Point and started Tufin Technologies."
October 21, 2010 DNS - Tufin Ranked Second Fastest Growing Company in Israel
Tufin Technologies, a provider of security lifecycle management solutions, announced it is positioned No.2 in the 2010 Deloitte (News - Alert) Israel Technology Fast 50, a ranking of the 50 fastest growing technology companies in Israel
October 20, 2010 Products of the Week
Tufin Technologies, the leading provider of Security Lifecycle Management solutions, today announced version 5.2 of its award-winning Tufin Security Suite (TSS) - the combined offering of SecureTrack, its firewall operations, auditing and compliance product and SecureChange Workflow, its security change automation product.
October 20, 2010 Tufin Technologies Expands Enterprise Support
As reported on Market Watch, version 5.2 enables organizations to automate network security policy and change management at a much greater depth and breadth. Tufin also offers a custom solution for Managed Security Service Providers (MSSPs), enabling MSSPs to increase their service offerings and value-add to enterprise customers.
October 19,2010 Tufin goes multi-tenant for the MSSP Market
"One of my favorite companies to follow, Tufin Technologies today announced their latest release. Significant features for the enterprise market are included in this latest release, but what really has me excited is the multi-tenancy and MSSP feature set included."
October 19,2010 Tufin Technologies releases 5.2 for MSSPs
Tufin Technologies announced version 5.2 of Tufin Security Suite (TSS) - the combined offering of SecureTrack, its firewall operations, auditing and compliance product and SecureChange Workflow, its security change automation product
October 14, 2010 Security's Risk And Change Management Tools: Drawing A Picture Of Security Posture
Coordinating these policies and changes across a whole network of firewalls is no simple task, which is why Tufin's products are designed to monitor changes in real time, according to Ruvi Kitov, CEO of Tufin. "We want to be able to tell you right away if a change that was made might affect security or business continuity," he says. "More importantly, we want to tell the approver of a potential change what the effect of that change might be, so that problems can be avoided in the first place."
September 23,2010 One Fifth of UK College Students Have Hacked
Research from Tufin Technologies and the UK's Association of Police Officers has found that more than a fifth of college and university students in the UK have tried hacking."Over one in three students said they hacked for fun, whilst almost a quarter claimed they were just curious," writes IT PRO's Tom Brewster."As for what services the youngsters went for, 37 per cent had hacked Facebook accounts, 26 per cent email accounts and 10 per cent online shopping accounts" Brewster writes.
September 21, 2010 Hacking, Not Partying, At The Frats: 1 In 5 College Students Have Hacked
The report, commissioned by Tufin Technologies and the Association of Chief Police Officers in the U.K., found that 32 percent of college students aged 18 to 21 say hacking is "cool" 28 percent consider it easy to accomplish -and all the while 84 percent consider it the wrong thing to do.
September 17, 2010 When your head's in the cloud, keep your feet on the ground
While some of the technical underpinnings that make up the Cloud's 'secret sauce', are relatively recent innovations, the business case for managing critical IT functions as services - inside or outside the firewall - is not a new concept. At the end of the day, the Cloud is just another way to outsource IT functions, and the same fundamental concerns that exist with more mature outsourcing offerings need to be addressed - such as, how does an organization manage its security and compliance posture when critical systems and data are hosted or managed by a third party
September 16,2010 Considering Security on Murphy's Network
Murphy's Law is a tough one to break, but misconfigurations have to be found and corrected if you don't want to give hackers an easy ride into your organization. As Reuven Harrison, Tufin's co-founder puts it, "network managers need to sit up and smell the coffee on the fact that network misconfiguration is now a primary security issue for their IT staff."
September 7, 2010 What do hackers want? Survey reveals their favorite targets
What do cybercriminals love to see when they try to break into an organizations network? A recent survey reveals what vulnerabilities they look to exploit first. The top security hole hackers look for: poorly configured networks. That's the conclusion of a recent survey conducted by Tufin Technologies at Def Con 18, the annual hacker' convention held last month in Las Vegas
September 3,2010 Tufin appoints MTech as Australian Distributor
As the market-leading provider of security lifecycle management solutions, Tufin has gained international acclaim for its ability to help companies to manage their network security policy cost-effectively, comply with regulatory standards, and minimise IT risk.
September 1,2010 How to create a secure DMZ
One core tenet of demilitarized zone (DMZ) design is to segregate network devices, systems, services and applications based on risk. Because of this, it's crucial to carefully plan and design a DMZ because it may not be easy to fix major flaws in the DMZ's design once it's live. Here, Knowledge Center contributor Michael Hamelin explains how to design a secure DMZ for your enterprise.
September 1,2010 SecureChange Workflow
Few change management solutions are really geared up to apply to network security. Businesses with a large collection of firewalls etc need to have them updated, but it can be a nightmare keeping track of all these changes. Tufin's SecureChange Workflow (SCW) aims to apply standard change-management practices to network security.
August 31,2010 Hackers focus on misconfigured networks
"Ever wonder what IT resource is the easiest for hackers to exploit? According to a survey of attendees of the annual Defcon security conference, the answer is misconfigured networks. The survey was conducted by Tufin Technologies, which polled 101 attendees of Defcon 18 in July. Seventy-six percent named misconfigured networks as the easiest IT resource to attack."
August 31,2010 M.Tech toughens firewalls with Tufin
Tufin's focus is on firewall management. With an ever-increasing number of firewalls on the market, many organisations have multiple vendors deployed within the one environment. Tufin's value is in consolidating the reporting and management of the multiple firewalls into one instance
August 31,2010 Tufin appoints M.Tech as Australian distributor
M.Tech Business Manager, Paul Lim, said: "In order to maintain tight security and compliance controls as their networks become increasingly complex, our customers are asking us to help them streamline their network security operations - particularly within heavily regulated sectors such as the telecommunications, financial services, energy, transportation, technology pharmaceutical and healthcare industries."
August 31,2010 Tufin signs M-Tech as Australia distie
Security lifecycle management vendor, Tufin Technologies, has appointed M.Tech Australia as its Australian distributor
August 30,2010 Tufin signs M.Tech as Australia Distie
Lawrence Loh, Tufin Technologies regional sales manager for the Asia Pacific, said M.Tech has demonstrated "excellent results in bringing new technology and products to market and developing the reseller channel for its other portfolio partners."
August 26,2010 MBA's are for wusses
"Teenagers conscripted into high-tech units gain experience akin to a bachelor's degree in computer science", says Ruvi Kitov, co-founder and chief executive of Tufin Technologies, an Israeli software firm. Almost all of Tufin's employees in the country are, like Mr Kitov himself, veterans of the Israel Defence Forces (IDF).
August 26,2010 The rise of virtualized IT
"Hamelin says some vendors are implementing multiple virtual firewalls within a single chassis, allowing customers to consolidate their physical environment and reduce both administrative overhead and physical cabling. Another trend, he adds, is the complete virtualization of the network or security device by running it on a hypervisor."
August 6,2010 NSO Quant: manage Firewall - Define/Update Processes
"Given the number of policies and possible rules, some organizations use a firewall policy manager such as…Tufin… to help define the rules -- and more importantly to make sure the rules don't conflict with each other."
July 30, 2010 Best Practices for Cleaning Up your Firewall Rule Base
Custom firewall audits were created with the SecureTr ack Audit wizard for detailed answers on compliance policies. An impressive list of predefined audit templates can be selected with a wizard, thereby saving time. There is also a predefined PCI DSS audit analysis feature used to create repo rts for audit policy with a summary detailing the compliance verification
July 27, 2010 Tufin SecureTrack review
Custom firewall audits were created with the SecureTr ack Audit wizard for detailed answers on compliance policies. An impressive list of predefined audit templates can be selected with a wizard, thereby saving time. There is also a predefined PCI DSS audit analysis feature used to create repo rts for audit policy with a summary detailing the compliance verification
July 15, 2010 Death of a Firewall Aftermath
Over the last year, at various events, we've been privileged to meet with and interview a variety of vendors with regard to their firewall/ips/ids systems including Watchguard, TippingPoint, Tufin, Optenet and Palo Alto Networks. Not all the interviews have been easy with some vendors either choosing not to answer the question or to go off at a tangent (snake oil as one CISO commented).
July 14, 2010 Death of a Firewall 4 of 4
Michael Hamelin, Chief Security Architect of Tufin Technologies, looks at the innovations, pros and cons of the various vendor firewall offerings. This videocast was recorded at Infosec Europe 2010.
July 13, 2010 Death of a Firewall 3 of 4
Michael Hamelin, Chief Security Architect of Tufin Technologies, examines the challenges of black and white listing in firewalls and the reasons why blacklisting is rapidly becoming extinct in corporations today. This videocast was recorded at Infosec Europe 2010.
July 12, 2010 Death of a Firewall 2 of 4
Michael Hamelin, Chief Security Architect of Tufin Technologies, looks at the areas where corporations are tearing down their firewalls and where a firewall is a necessary evil. Hamelin also shares some of his insights on the challenges of firewall configuration and management, why and how these challenges evolved and some thoughts on how to resolve these. This videocast was recorded at Infosec Europe 2010
July 12, 2010 Review: Firewall operations management
Anyone running multiple firewalls in a complex, enterprise environment knows how difficult it can be to catch misconfigurations, avoid conflicting rules, identify vulnerabilities and meet auditing and compliance mandates. In this test, we look at five firewall operations management products: AlgoSec's Firewall Analyzer, RedSeal's Network Advisor and Vulnerability Advisor, Secure Passage's FireMon, Skybox's View Assure and View Secure and Tufin's SecureTrack. (See how we conducted our test.)
July 1, 2010 Tufin network security
Tufin offers two systems for managing network security. SecureTrack manages and audits firewalls, routers and switches. SecureChange Workflow automates the process of a security policy change request, from beginning to end.
June 23, 2010 87 per cent would work rather than watch the World Cup final
A survey performed by Tufin Technologies polled more than 241 UK professionals based in the UK and discovered that 87 per cent would work rather than watch the World Cup final if a major problem occurred during the match.
June 22, 2010 Superbowl or FIFA World Cup, Job Comes First For IT Men in USA And UK
"Have you ever felt insecure mulling over the consequences of IT personnel forgetting their job amidst all the frenzy about world's biggest tournaments? Well, Tufin Technologies definitely did and went to the extent of conducting a survey in connection to its concern that the onset of the World Cup would cause the pace of global business to slow down to a crawl"
June 15, 2010 Tech savvy kids hack into school computers
"According to a survey of 1,000 New York City teenagers by the Burlington, Mass.-based cyber-security company Tufin Technologies, half the students reported having had their Facebook or e-mail accounts hacked, and 16 percent admitted to trying their own hand at hacking."
June 14, 2010 The Perils of Firewall Security (slide show)
A recent survey conducted by Tufin Technologies, a provider of firewall management software, finds that of the 242 IT professionals working at companies with over 1,000 employees, 30 percent said they audited their firewall security only once in every five plus years.
June 10, 2010 1 in 10 IT Pros cheat on audits
Tufin Technologies recently published the results [PDF file] of a firewall management survey, which found that 10 percent of IT professionals admitted that they or a colleague had cheated to get an audit passed. Fully 30 percent of respondents only audit their firewalls once every five years, and 7 percent never do so.
June 10, 2010 If IT is Down the Heat is Up
"Simply stated firewall rules allow computers to send traffic to, or receive traffic from, programs, system services, computers, or users securely. Whether you have five or 500 firewalls, you need to understand the risk in real time if you want to stay ahead of the game. But with complex rule configurations, routers, etc. to continuously monitor and maintain, it can be hard to identify which are running smoothly, which are smoldering and which are seconds away from meltdown. By focusing your efforts on the right firewall at the right time you can mitigate every risk before it becomes a problem. So, how do you know which one that is? Intelligent network security metrics hold the secret."
June 9, 2010 Tufin data out on the webs
"Well, now. What have we here? According to a recent survey released by Tufin*, a surprising number of IT professionals cheat on firewall rule audits (8%). Interesting, though not unexpected. I do recommend checking out the published data if you get a chance; there are some interesting tid bits to be had in there,"
June 8, 2010 1 in 10 IT Pros cheat on audits, survey says
"If you have had a firewall in place for 10 years, it is more likely than not that you have been adding rules on a regular basis but not deleting them out of fear the one rule they delete will cause a business continuity issue," Efraim said. "As a result, rule bases become bloated with hundreds to thousands of rules…(auditing) can be a real needle-in-a-haystack endeavor that can be virtually impossible to pinpoint without automation."
June 1, 2010 Preventing firewall meltdowns
"Whether you have five or 500 firewalls, you need to understand the risks in real time if you want to stay ahead of the game. But with complex rule configurations, routers and other devices to continuously monitor and maintain, it can be hard to identify which are running smoothly, which are smouldering and which are seconds away from meltdown."
June 1, 2010 SecureTrack 5.1 review
"...we find it to be a good value for the money given what it can do. This offering - while only focusing on network infrastructure - can help streamline and audit to manage compliance seamlessly and easily."
May 20, 2010 Security Process Automation: Create Order From Chaos
"As a boy I loved Lego. I'd use the red and green and white bricks that in those days came in just a few shapes, to construct houses, ships, cars and stairways that lead nowhere. It was all about fun and imagination."
May 10, 2010 Firewall audit dos and don't, Real-world advice on choosing and implementing firewall audit products
Firewall audit products are maturing, but the product class is still a relatively young, small market, defined by compliance requirements. You have a fairly limited choice of vendors, including Tufin Software Technologies… Take the time to define your requirements, narrow down your choices and put candidates to the test.
May 10, 2010 Firewall audit tools - features and functions
Firewall audit tools automate the otherwise all-but-impossible task of analyzing complex and bloated rule sets to verify and demonstrate enterprise access controls and configuration change-management processes. Although the market has been driven by compliance-it was essentially created by PCI DSS-these tools can also allow organizations to improve network performance, reduce downtime, improve security and reassign staff from shooting down firewall issues and analyzing configurations to taking on tasks that help grow the business.
April 18, 2010 One in six teens hack -- and rarely get caught
Security vendor Tufin Technologies has announced survey results that reveal the hacking habits of 1000 New York City teenagers. Exactly half (50%) of US kids sampled revealed they'd had their Facebook or email account hacked, which may explain why 75% feel hacking is wrong and 70% think it should be considered a criminal offense.
April 16, 2010 1 in 6 city teens: E-snooping? Hack, yeah!
"It is very interesting for us to learn more about what our kids are doing," said Reuven Harrison, chief technology officer for Tufin Technologies, a computer-security firm that surveyed 1,000 city teens. "I don't think parents are aware of how computer savvy their kids are."
April 14, 2010 Do teens hack? Survey says 1 in 6 do
Do U.S teens hack more than U.K teens? What's the most valuable hacking target from a teen's perspective? Do girls hack more than boys? What drives them to engage in such activities from a psychological perspective? Here are the details from Tufin's survey:
April 14, 2010 One in Six New York City Teens Have Tried Hacking, Brian Prince
But a survey of teenagers in New York City by Tufin Technologies indicates that hacking is far from dead among young people. Roughly 39 percent of the New York City teens said they think hacking is "cool", and about 16 percent admitted to trying it. Seven percent reported they hacked for money, and 6 percent said they viewed it as a viable career.
April 14, 2010 One Sixth of NYC Teenagers Have Tried Hacking
"Whether they target a company's intellectual property, a person's bank account or their Facebook page, our job as IT security professionals is to stop hackers in their tracks," says Tufin CEO Ruvi Kitov. "We need to ingrain in our children that no matter how harmless your intent, to gain unauthorized access into another person or company's online assets is both wrong and illegal. This is important not just to combat hacking in the future, but also to educate children about online safety and increase their awareness of common threats."
April 14, 2010 It's 10 p.m. Do You Know What Your Kids Are Hacking?
Half of New York's teens have fallen victim to hackers, a survey says. Out of 1,000 kids questioned by Tufin Technologies, 500 of them claimed to have had the passwords of their Facebook or email accounts cracked but, unlike their British counterparts in a similar survey last month, 75% of the respondents thought that it was morally wrong. Seven in 10 even went as far to say that it should be a criminal offense
March 30, 2010 Perimeter security: leveraging innovation to expedite convergence
While physical and IT security convergence has been more of a subtle shift than many experts predicted, high performing security groups understand that today's business environment requires an integrated approach to managing security.
March 20, 2010 Most Brit teens hack 'for fun'!
A new survey has found that one-fourth of British teens try to access their pals' Facebook accounts.
March 19, 2010 One In Four Children Have Tried Hacking, Study Says
Getting into friends' Facebook accounts is first on the list, survey reports. One in four children has attempted hacking into friends' Facebook accounts using their targets' passwords, according to a study released yesterday. According to the study, conducted by security company Tufin Technologies in conjunction with the U.K.'s Cumbria Constabulary, 18 percent of respondents said they had tried to access a friend's email. Six percent admitted trying to access their parents' email accounts.
March 18, 2010 Hacking 'fun' for British teens
E-mail accounts and websites were also targeted by young hackers. One in four young Britons attempts to access the Facebook accounts of their friends, a survey claims. The most common route of access was by working out - or "cracking" - each other's passwords. The poll of 1,150 under-19s found that nearly half of those who accessed other accounts did so from either their own computer or one at school.
March 18, 2010 Quarter of UK kids have tried hacking, survey finds
"One of the most worrying statistics from this survey is the staggering numbers of kids that are successful and the ages involved," said Reuven Harrison, co-founder of Tufin Technologies. "Hacking has changed a lot in the past few years from the curiosity or fun factor to now making serious money or causing havoc in the corporate environment."
March 11, 2010 Firewall Management Today and Tomorrow
Firewall vendors currently fall short in terms of firewall management functionality and the upcoming trends in firewall management. What features are real game changers when it comes to firewall management, and how far along is the market in the development cycle?
February 12, 2010 How to Optimize your Firewalls for Maximum Performance
Are your firewalls overloaded? Symptoms of overloaded firewalls include high CPU, low throughput and slow applications. Before upgrading your hardware, it is worth checking whether or not your firewall configuration can be optimized. Here, Knowledge Center contributor Reuven Harrison gives firewall administrators some best practices for optimizing firewalls for maximum performance and throughput.
February 12, 2010 Security: Moving Beyond Firewall Configuration Management
For over 20 years, the firewall has been the cornerstone of TCP/IP (Internet) security. In fact, the firewall has crossed-over from the geek to the chic as it has appeared or starred in print, television, and movies. While the battle between hackers and security vendors rages on, firewalls have become more sophisticated and complicated to operate and manage. Further adding to the complexity is the increasing trend to build firewalls into routers, switches, unified chassis, and more.
February 11, 2010 Technologies come and go, but managing networks is still about problem-solving
Technologies come and go, but managing networks is still about problem-solving in a changing world, as these IT executives can attest. The main problem that faced Colin Miles, IT manager at entertainment and communications company Virgin Media last year in the United Kingdom, was that business mergers had burdened the organization with "multiple sets of firewalls" and "some were managed well, and some not managed at all," he notes. Among the 100 pairs of firewalls that found a home at Virgin Media, just less than 70% were Check Point, with the remainder mostly Cisco PIX, which were being migrated over to Cisco Adaptive Security Appliance (ASA) since PIX was headed to its official end of life.
February 1, 2010 Top 10 reasons the firewall guys hair is on fire
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and Payment Card Industry's Data Security Standards (PCI DSS) are pretty clear-cut, firewall management shouldn't be much of an issue, right? No one is going to suffer the brunt of managing the significant infrastructure change these regulations are bound to bring more than the security operations team, correct?
January 26, 2010 Tufin Rolls Out New Version of Firewall Management Tool
TSS 5.1 features the Tufin Security Score, a risk scoring engine that provides visibility into the security and compliance posture of firewalls, enhanced workflow automation, and updated PCI DSS reporting
January 21, 2010 Tufin announces version 5.1 of Tufin Security Suite
Israeli-based Tufin Technologies, which makes Security Lifecycle Management solutions, has announced version 5.1 of its award-winning Tufin Security Suite (TSS). TSS is the combined offering of Tufin's flagship firewall operations product, SecureTrack, and SecureChange Workflow, its innovative change management solution. Version 5.1 features the Tufin Security Score, a risk scoring engine that provides all stakeholders with instant visibility into the security and compliance posture of their firewalls, enhanced workflow automation, and updated PCI DSS reporting.
January 19, 2010 Tufin upgrades security suite
Tufin Technologies, the leading provider of Security Lifecycle Management solutions, today announced version 5.1 of its award-winning Tufin Security Suite (TSS). TSS is the combined offering of Tufin's flagship firewall operations product, SecureTrack, and SecureChange Workflow, its innovative change management solution. Version 5.1 features the Tufin Security Score, a risk scoring engine that provides all stakeholders with instant visibility into the security and compliance posture of their firewalls, enhanced workflow automation, and updated PCI DSS reporting.
December 2, 2009 Partner match-making requires commitment and loyalty
Calum Macleod asks how you find the ideal partner when resellers and vendors alike are so easily swayed by superficial look. Wse've all heard often enough that quality is more important than quantity, and I think this applies in the IT security business. Almost daily, new vendors appear with a supposed panacea for all ills, or an existing vendor suddenly creates a product that is actually useful - which makes you wonder about all their other products.
December 2, 2009 'Tis the Season for Hacking
This is the time of year when thoughts turn to staying home with the family, so IT organizations go with skeletal crews as employees take time off. But while the IT staff is at home getting some well-deserved rest and relaxation, this could be the prime time for hacking. At least that's what a survey by Tufin Technologies predicted last August when the company surveyed 79 hackers during the Defcon 17 event in Las Vegas. Eighty-one percent of them viewed the holiday season as an ideal time to hack corporate systems. After all, the hacker is probably at home, too, enjoying the holiday. So why not engage in his favorite pastime?
November 30, 2009 Firewalls Need to Be Managed in Context of an Overall ROI Framework
Firewalls have come a long way in the past 20 years, driven in part by the rising uptake of IP communications, itself driven by the IT phenomenon that is the Internet. When the first firewalls were introduced in the late 1980s, few people foresaw that rule sets would become so large and complex, often containing hundreds of rules.
November 26, 2009 Lost Phones And Good Samaritans
It happens in a moment - playing with my mobile before going into a meeting. I put it down for a moment and suddenly my host is standing in front of me. Two hours later I'm desperately searching for my phone. Rush back to reception but it's not there. Here I am in Dubai and my phone is gone.
November 25, 2009 Online Security Tips for Black Friday, Cyber Monday
While the holidays may be a busy time of year for consumers and retailers, it is also a busy time for attackers. According to Consumer Reports, cyber-criminals have stolen about $8 billion from consumers in the past two years. In a survey by Tufin Technologies released at the Defcon conference held July 30 to Aug. 2 in Las Vegas, 81 percent of the hackers surveyed said they were "far more active" during the winter holidays than during the summer.
November 23, 2009 Tufin Releases New Plug-ins to Extend Lifecycle Management Solution's Reach
Tufin Technologies, a provider of security lifecycle management products, announced that it has released a new set of plug-ins to extend the reach of its "lifecycle Management" solution to a wider range of network devices. The new plug-ins are designed to help the company's customers to integrate security management into their operations processes.
November 17, 2009 Tufin Expands from Security into Network Management
Firewall management firm Tufin Technologies recently announced that it plans on expanding into the field of general network management through a clutch of 12 new plug-ins to expand its open extensible architecture.
November 13, 2009 Tufin Adds Network Device Support to Security Lifecycle Manager
Tufin leverages its open architecture to automate policy management across network and security devices. Tufin Technologies has released a set of 12 plug-ins, extending support of its solution set to a wider set of network devices. Showcasing the value and utility of Tufin's open extensible architecture, the Tufin Open Platform (TOP), Tufin has released plug-ins for switches and routers from industry leaders including Cisco, Juniper, and HP.
November 10, 2009 Press Quote: Tufin extends security lifecycle management
Tufin has a nice vision for helping IT manage network access policies - coordinating rules between firewalls, routers, and switches for consistency and security. It is worth checking out, especially if your network has sensitive data (and what network doesn't).
November 9, 2009 Products of the Week
Our round-up of intriguing new products from CA, McAfee, HP among others. Tufin has released a set of 12 plug-ins, extending support of its firewall management solution across an extensive set of network and security devices from Cisco, Juniper, HP, Dell and others.
November 6, 2009 Firewall Auditing Tools
Automated Tools Help Keep Up The Primary Defense Against Network Security Threats. The convoluted maze known as spaghetti code isn't an affliction restricted to application programmers; network security admins have their own strain known as the firewall rulebase. Although firewalls have been a standard feature of enterprise network security for years, ever-changing and morphing threats mean that one's database of firewall filtering rules continues to get more complex, convoluted, and incomprehensible.
November 5, 2009 Is security outsourcing up or down? Survey says: down
I am not Richard Dawson and this ain't the Family Feud. But I don't quite get the results as reported by Bill Brenner on CSO online and his podcast. According to Bill the economic downturn has led to companies spending less on outsourced security and doing more in house. This seems to be counter-intuitive and against all of the evidence I have seen. In fact most analysis I have seen says that the economic turmoil has led to a greater use of security outsourcing. Companies cannot afford the resources in house, full time and instead are saving costs outsourcing security.
October 29, 2009 Enterprise Security: Cheating on Your IT Security Audits
An audit isn't worth much if the people doing it are cutting corners. Unfortunately, a survey by the folks at Tufin Technologies suggests many IT pros may be doing exactly that. The survey, which was conducted at the InfoSecurity Europe 2009 Conference in April, took opinions from 151 IT security pros. The aim was to determine companies' approach to firewall auditing and management. What Tufin turned up was that 20 percent of the respondents admitted they or a colleague had cheated on an audit to get it passed.
October 16, 2009 Tufin Technologies Adds Salt River Project to Customer Roster
Tufin Technologies, a provider of security lifecycle management solutions, has added Salt River Project to their customer list. SRP will be gaining the capability to halve the time it spends on firewall operations by making use of Tufin's SecureTrack for managing firewall changes and thereby cost-effectively and efficiently maintain highly available, redundant, secure access to the core systems fundamental to its success, company officials said.
October 15, 2009 Lingerie and IT
So we're into a presentation and demo of automatic policy generation for firewalls and I'm thinking "I wish I was next door" but then I'm slowly being seduced by what I'm seeing. Maybe it's an age thing but I found myself thinking less about the demos next door and started to be drawn into a description about how the firewall administrator was able in a few minutes to carry out forensics on their firewalls. Suddenly instead of spending weeks or months pouring over firewall logs to find out what was going on he was talking about how they could spot unknown mail servers in the organization, outbound access through non-standard ports, who was accessing which HTTPS and HTTP servers on the internet, and even access to non-corporate mail servers!
October 14, 2009 How to... get ready for the festive season
If your office is unattended during the Christmas break, make sure that your security is up to scratch. This includes IT security. At the Defcon conference for computer hackers, held this year in Las Vegas, a survey by Tufin Technologies, an IT security company, found that 89 per cent of hackers regarded Christmas as their most active period.
September 16, 2009 Firewall management today and tomorrow
What features are real game changers when it comes to firewall management, and how far along is the market in the development cycle? Firewall eulogies are premature. Firewalls have been at the cornerstone of network security for almost 20 years and will probably remain so until a paradigm shift occurs.
September 11, 2009 Top 5 best practices for firewall administrators
At the recent Defcon 17 conference in Las Vegas, Tufin Technologies conducted a survey among 79 hackers, asking about their hacking habits. According to the survey results, the hacking business is just coming off its summer break and gearing up for the busy Christmas holiday season, so you'd better get ready.
September 9, 2009 As summer ends, phishing season is on the horizon
Tufin Technologies, an Israel-based security company, found similar results in a survey of hackers attending last month's DefCon conference in Las Vegas. Hackers, like the rest of us, apparently take it easy during the summer. "The survey reveals that the Christmas and New Year holidays are popular with hackers targeting western countries," said Tufin's chief security architect, Michael Hamelin. "Hackers know this is when people relax and let their hair down, and many organizations run on a skeleton staff over the holiday period."
September 9, 2009 Technical certification for Tufin channel partners
Tufin Technologies, the award-winning provider of Security Lifecycle Management solutions, has announced strategic enhancements to its channel partner program to keep up and reflect the spike in demand from customers and partners alike. The launch of the Tufin Certified Security Expert (TCSE) world-wide training and certification program coupled with the introduction of a new two-tiered channel structure increase the ability of Tufin's channel partners to capitalize on the lucrative market opportunity for Security Lifecycle Management solutions while positioning the company to maintain its growth and enable partners to more proactively and independently sell and support Tufin products.
September 9, 2009 Tufin Technologies Revamps Partner Program
Tripling profits over past three years, the Israeli firewall management company looks to expand its solution provider ranks and bolster incentives for top partners. Tufin Technologies beefed up its channel partner program this week with a three-pronged upgrade that it hopes will jumpstart indirect sales and benefit resellers and integrators that focus strongly on security.
September 9, 2009 Tufin Enhances Partner Program to Capitalize on Company Growth
Tufin Technologies, the award-winning provider of Security Lifecycle Management solutions, today announced strategic enhancements to its channel partner program to keep up and reflect the spike in demand from customers and partners alike. The launch of the Tufin Certified Security Expert (TCSE) world-wide training and certification program coupled with the introduction of a new two-tiered channel structure increase the ability of Tufin's channel partners to capitalize on the lucrative market opportunity for Security Lifecycle Management solutions while positioning the company to maintain its growth and enable partners to more proactively and independently sell and support Tufin products.
September 8, 2009 Tufin resellers are moved to tiers
Firewall management vendor Tufin Technologies has moved to a tiered channel model and has created a new training programme. Resellers will now be classified as Gold and Silver, determining their level of incentives, sales enablement and technical training. The vendor has also launched the Tufin Certified Security Expert (TCSE) programme to help resellers support customers on the full breadth of its product range.
September 8, 2009 Tufin enhances partner program
Tufin Technologies announced strategic enhancements to its channel partner program to keep up and reflect the spike in demand from customers and partners alike. The launch of the Tufin Certified Security Expert (TCSE) world-wide training and certification program coupled with the introduction of a new two-tiered channel structure increase the ability of Tufin's channel partners to capitalize on the lucrative market opportunity for Security Lifecycle Management solutions while positioning the company to maintain its growth and enable partners to more proactively and independently sell and support Tufin products.
September 8, 2009 Tufin Enhances Firewall Management Channel Program
Tufin Certified Security Expert (TCSE) training and certification program is coupled with the introduction of a new two-tiered channel structure.
September 2, 2009 Hacker Habits: When to be On Guard
Michael Hamelin, Tufin's chief security architect, said in an interview, "this may be obvious, but poorly configured firewalls remain a significant risk for many organizations. It's not the technology that's at fault, but rather the configuration and change control processes that are neglected or missing altogether."
September 1, 2009 Data Security Podcast Episode 68
Ira talks with Michael Hamelin, Chief Security Architect, with Tufin Technologies, about the survey of hackers he crafted for DEFCON 2009. We cover: Hackers Take a Break This Summer Before Winter Hacking Spike, and importantly, counter-measures to get prepared.
Audust 26, 2009 Hacking, Like The Weather, Is Seasonal
Hackers, malicious and otherwise, are just people -- that's easy to forget, but it also means their hacks are subject to human habits too. A recent survey by Tufin Technologies suggests that the summer and weekends are low hacking periods. A survey of the hackers attending this month's DEFCON 17 conference turned up these rather interesting results: Only 25% of the hacker community is thought to be the malicious Black Hat type, according to the majority of the DEFCON 17 hackers themselves. And when these dodgy coders are doing their worst, most often their hacks happen in the Winter holidays. About 81% of the hackers say they're more active during this period. 6% of hackers say Christmas is in fact the ideal time to tackle a corporate network, while 25% think New Year's Eve is best.
Audust 26, 2009 Survey: Hackers on Vacation Before Q4 Saturation
Malware and spam rates may not be on the decline, but a survey of hackers attending the DEFCON 17 conference in Las Vegas earlier this month found that many members of the underground cyber-economy work less during Q3 before ramping up their efforts again during Q4 ahead of the holiday season.
August 25, 2009 DEFCON survey suggests hacker community on vacation
Companies and individuals are less likely to be targeted in late summer by spammers, phishers and malware pushers, according to the Tufin Technologies survey of 79 hackers attending DEFCON 17 in Las Vegas earlier this month. Tufin said 81% of those surveyed revealed they are far more active during the winter holidays.
August 25, 2009 Hackers Like Christmas Best of All
Most people may be busy with year-end gift buying and holiday parties at the end of December, but security professionals have an added obligation: keeping the hackers off their corporate networks. Most security pros know that spammers and online criminals like to launch their campaigns when they think nobody will be minding the store, and according to a survey of attendees at the DEFCON hacking conference earlier this month, Christmas is the best time of year for hackers to strike.
August 25, 2009 Hackers Tend to Take the Summers Off
Even hackers need to take a breather when the weather gets warm. According to the Hacker Habits survey by Ramat Gan, Israel-based security management company Tufin Technologies, 79 hackers attending the DEFCON 17 conference in Las Vegas said they are less likely to ply their "craft" in the summer months than they are during Christmas and New Years.
August 25, 2009 Message From Hackers: Enjoy The Summer Break Because Winter Attacks Will Be Harsh
Around 81 percent of hackers say they are more active around the winter holidays - 56 percent say Christmas is the ideal time for corporate hacking, and 25 percent say New Year's Eve. Weekday nights are when they do most of their hacking, according to 52 percent of the respondents. More than 30 percent do so during business hours, and only 15 percent on weekends. More than 85 percent say they can hack into a corporate network via the firewall: One-fourth say they could accomplish that within minutes, and 14 percent within a few hours. Another 16 percent say they won't bother hacking a firewall at all, even if they could get in that way.
August 25, 2009 Hackers rest over Summer Vacation, Chuck Miller
The summer season could end up with fewer cyberattacks because companies are less likely to be targeted now than other vacation periods, a new survey shows. In another area of concern, the survey found that Payment Card Industry Data Security Standard (PCI DSS) compliance is not necessarily a huge hacker deterrent. Some 70 percent said that PCI compliance makes no difference; 15 percent said that it actually made corporate hacking easier.
August 25, 2009 Really quite hacked off with the hackers
Encouraging news. A company called Tufin Technologies has revealed that computer hackers take the summer off - so you are unlikely to get your bank details nicked at the moment.
August 25, 2009 Ian Grant Hackers take summer breaks, and work mostly on weeknights
Hackers take summer breaks and reserve the winter holiday season for most of their exploits, but fewer than a quarter are motivated by money or malicious intent, according to a study of hacker behaviour. A survey of 79 hackers' habits conducted by Tufin Technologies at last month's DEFCON hacker convention in Las Vegas showed that 81% were more active during the winter holidays. Christmas was the best time to engage in corporate hacking for 56%, and 25% preferred New Year's Eve.
August 25, 2009 Security laws have not made businesses safe, say hackers
Government attempts to improve information security through regulation have had no impact on the ability of hackers to break into corporate networks, according to 70% of self-identified hackers polled at the DEFCON conference in Las Vegas earlier this month.
August 25, 2009 Richard Steinnon, Can the clock aid attribution?
A survey reported by Tufin Technologies reminded me of a possible way to address the issues around attribution. Tufin surveyed a bunch (79) of "hackers" at DEFCON this year. They report that hackers take the summer months off and view major holidays as a good time to hack corporate networks. Of course, the population of hackers who attend DEFCON are not representative of the 16 and 18 year olds that still live with their parents and cause a lot of the havoc we witness. It is still an interesting survey because it highlights that amateur hacking is not a 9-5 job.
August 25, 2009 Alan Shimel, Now I know why hackers don't need a union
I have always thought of hackers as not putting in the long hours and hard work that many of us do in our jobs and careers. Lets face it most hackers are looking for short cuts, holes and angles to accomplish their goals, whether that is getting rich or just putting another notch on their belt. Now a survey from Tufin Technologies confirms it. It seems most hackers take the summer off. The only other job I know of that gives you summers off is school teacher. According to the survey the Christmas/New Years holiday time is the busiest time of year for hackers. They don't work very much on weekends, but do favor evenings over work days. Now I wonder if there is any health insurance plans that come with that hacker thing?
August 3, 2009 Compliance Pressures Fuel Adoption Of Firewall Auditing Tools - PCI, staffing cuts are driving organizations to rein in their firewall policies and change processes with automation tools
Misconfigured firewalls are more common than you'd think: With the massive number of firewall rules that accrue in a large network and the typically manual process, mistakes happen, and often.
July 20, 2009 McAfee expands SIA program; adds new compatible solutions
McAfee has announced that it has added 11 new partners across the United States and Europe to its McAfee Security Innovation Alliance (SIA) program. Its SIA is a technology partnering program that accelerates the development of inter-operable security products and simplifies the integration of those products within complex customer environments.
July 16, 2009 McAfee and Tufin team up on firewall management
Streamlining processes for speed and better compliance. Tufin is teaming up with McAfee to reduce the time and cost of running firewalls and make it easier for users to draw on data needed to meet regulatory audits.
July 15, 2009 McAfee teams with Tufin to streamline firewall management
McAfee alliance blends firewall with optimization and analysis tools. Tufin is teaming with McAfee to integrate their security products to reduce the time and cost of running firewalls and make it easier to draw on data needed to meet regulatory audits. With the agreement, Tufin Security Suite (TSS) will be integrated with McAfee Firewall Enterprise and the McAfee ePolicy Orchestrator (ePO), bringing management, optimization, change automation and auditing tools to McAfee's products, the companies say.
July 2, 2009 Profile: Tufin Technologies. What they do for device management is insane, in a good way
SecureTrack centers on policy management and auditing. It does this by tracking changes to devices, without needing to open a console or other interface. Most companies are far from a single-vendor shop, so it's no surprise to see Cisco sitting in the same rack as Check Point or Juniper. However, Tufin cares little for your vendor; it simply allows you to get a visual of what's happening on what devices and, if there was a change, what it affected and who initiated it.
July 1, 2009 Tufin takes an operational view on firewall rules management
Tufin is one of the promising companies in the firewall rules management market. While security and managing compliance is of primary importance, Tufin also appreciates the operational cost savings benefits of controlling and automating firewall rules administration.
June 29, 2009 Q & A with Ruvi Kitov, CEO of Tufin Technologies
Topic: Security Lifecycle Management.
June 29, 2009 Gartner IT Security Summit: Tufin APG announced
The first vendor announcement worth thinking about is Tufin's Automatic Policy Generation tool that is part of their complete firewall policy management solution. The problem that APG addresses is that of deploying a new firewall to a network segment that has gone unprotected in the past. Certainly universities and research institutes have lots of these! Many enterprises may also find that an audit or tightening security controls identifies the need for a new deployment. Perhaps in front of HR or between the core and the transaction processing systems. The question is: how does one determine the rule set for the new device?
June 26, 2009 Top 10 Reasons the Firewall Guy's Hair is on Fire
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and PCI DSS 1.1 and 1.2 are pretty clear cut, firewall management shouldn't be much of an issue, right? No one is going to suffer the brunt of managing the significant infrastructure change these regulations are bound to bring more than the security operations team, correct? Well, not really. If your friendly neighborhood firewall guy (or gal) rolls into work late on a Monday morning sleep deprived and grouchy, cut him some slack. Here are some of the most common-yet-nerve-sizzling firewall snafus that have kept many an admin on a Friday-to-Sunday diet of fast food and Red Bull.
June 19, 2009 Market for Network Firewall Auditing Tools on the Upswing
Forrester Research expects the market for tools to help enterprises manage and audit their firewall policies to jump 25 percent this year due to the requirements of PCI DSS. Third-party vendors are competing to take advantage of interest in the space by attempting to surpass the capabilities offered by companies such as Cisco and Juniper Networks.
June 18, 2009 20% of IT managers don't emphasize IT security
IT managers survey has revealed that 20pc cheat in order to pass security audits. The survey "Reality Bytes" was conducted by Tufin Technologies among 151 IT security professionals. It discovered that 63% of them check their firewalls between 3 months to a year. 9% never check them at all. 51% of companies labeled their firewall rules as "a mess".
June 17, 2009 First Look: SecureTrack Firewall Operations Management from Tufin / Stephen Northcutt
Firewalls, they are boring, right? We have them dialed in. Sorry, no. A while back I got some of my friends to run the free AthenaSecurity firewall rule base tool and several mentioned they found issues with their rules. These are guys that know what they are doing and they still had problems. Based on this I am guessing there are more than a few misconfigured firewalls out there.
June 17, 2009 [Product Review] Tufin's SecureTrack 4.5 - Simplifying Chaos
Do you work for a large company or an extremely large enterprise? If you answered yes then I know what your biggest problem is... without even talking to you - you have too many network devices to manage. Period, end of story.
June 17, 2009 20% of IT managers cheat to pass security audits
A survey of IT managers and technical staff has revealed that 20% admit to cheating on a security audit to get it passed. The survey by security lifecycle management company Tufin Technologies was conducted amongst 151 IT security professionals, many of whom were from multinational organisations and government departments, employing 1,000 to 5,000-plus employees.
June 15, 2009 Security pros find corporate firewall rules tough to navigate
It is near impossible for a human to manually audit firewall rules across the enterprise to reduce risk, optimize firewall device performance, and streamline data paths through routers, switches and firewalls. Security teams are turning to firewall management tools to perform security audits of the infrastructure and automate operational control of the firewalls.
June 4, 2009 IT failures will have to wait - LogisticsIT.com
That's according to a survey conducted at Infosecurity Europe, by Tufin Technologies, the leading provider of Security Lifecycle Management Solutions who interviewed 151 IT professionals.
June 2, 2009 Know Thy MSSP: Maintaining Control in a World of Shifting Accountability
Ask 10 IT professionals if outsourcing security operations to a Managed Security Services Provider (MSSP) is a good idea and you're likely to get 10 different answers ranging from "absolutely yes!" to "are you crazy?" What to outsource and why is a function of a large set of variables ranging from the nature, size and location of your business to the size, makeup and skill set of your IT team, current and planned IT initiatives, who and where your business partners are, what your security budget is... and the list goes on.
May 28, 2009 Security Challenges Italian Style | SOA World Magazine
David Aminzade is the Regional Director of Tufin Technologies. Tufin specializes in Security Lifecycle Management, a category of software solutions that enable organizations to effectively implement their security objectives.
May 28, 2009 IT managers 'lying on security audits'
One-fifth of IT managers have admitted that they or their colleagues have cheated security audits. That's the main finding of a new survey, conducted by Tufin Technologies at the InfoSecurity Europe Conference 2009, which also revealed that 63 per cent of firms only check their firewalls every three months.
May 28, 2009 Cost-Cutting Leads to Compliance Issues among IT Organizations: Survey
A new "Reality Bytes" survey from security lifecycle management solution provider Tufin Technologies reveals that recession and related cost-cutting have yielded compliance issues for many organizations. The survey, conducted at the InfoSecurity Europe 2009 Conference last month, sampled 151 IT security professionals, most of them from multinational organizations and government departments. The survey was conducted to understand larger social, economic and cultural context in which Tufin's customers and potential customers operate, officials said.
May 27, 2009 Cheating on Your Security Audits
An audit isn't worth much of the people doing it are cutting corners. Unfortunately, a survey by the folks at Tufin Technologies suggests many IT pros may be doing exactly that.
May 27, 2009 Study finds IT security pros cheat on audits - SC Magazine US
IT security professionals might think of auditing as a pain, but some are actually cheating to get audits passed, according to a study release today by security vendor Tufin Technologies.
May 27, 2009 Champions League final bad news for tech support
A survey has revealed that 39% of IT professionals will not be disturbed during the last five minutes of tonight's Champions League final, even to fix a major IT failure. The findings appeared in a frank study gauging the attitudes of 151 IT security professionals, conducted by firewall experts Tufin Technologies.
May 27, 2009 Most IT professionals believe their corporate firewall base rules are in a mess
According to a survey conducted by Tufin Technologies, if you are unlucky enough to suffer a major security failure during the last 5 minutes of a major football match like tonight's UEFA champions league, 39% of IT professionals say the problem will have to wait until the footie is over! On the flip side that does leave an incredibly loyal 61% who would right their company's IT problems before watching the footie.
May 27, 2009 Security problems will have to wait till the football is over
If you're unlucky enough to suffer a major security failure during the last five minutes of a major football match, like tonight's UEFA champions league event between Manchester United and Barcelona, 39% of IT professionals say the problem will have to wait. That's according to a survey of 151 IT professionals at Infosecurity Europe by security solutions firm Tufin Technologies. On the flip side that does leave an incredibly loyal 61%, who would right their company's IT problems no matter how nail-biting the final minutes of the match.
May 26, 2009 Reality Bytes: IT teams admit to cheating on audits and more...
In their Reality Bytes survey due out tomorrow, Tufin Technologies, a company that covers the firewall market with automation and management offerings, says that the IT staffers and managers who took their survey held nothing back.
Israel Innovation 2.0

May 10, 2009 Tufin on the rise
Tufin Technologies, which provides Security Lifecycle Management solutions, has really picked up steam since the beginning of the year. The company, which is five years old, has won three awards in recent weeks and recently attended the RSA conference (the largest infosec conference of its kind) in San Francisco.
"...Live in Infamy" Security Blog by Randall Gamby

May 7, 2009 Overlapping shields of security
A few days ago a friend of mine contacted me because they were excited about a new product they found. While I'm not normally into product evaluations without a specific set of requirements to judge them by, I took a look and, while I can't say whether the product is good or bad, the idea certainly deserves mention.
May 2009 Calum Macleod, Tufin Technologies: Is Your Firewall a Fire Hazard
With the economy taking quite a bashing and the housing market looking pretty miserable the question might be: Where is the silver lining? And I think I made have found it for those poor souls who have just seen their plans of moving to a new house dashed - you don't have to tidy up!
April 30, 2009 New Tools Emerge To Ease Enterprise Fear Of Firewall Swapping
Many organizations are loathed to swap out one vendor's firewall for another because the changeover could disrupt the network and open new security holes. It's less risky to stick with a single firewall vendor, so often that's just what they do.
April 29, 2009 Tufin welcomes David Blunkett's opinions on cybercrime awareness at Infosec
The opinions on security from former Home Secretary David Blunkett MP have been met with approval at the Infosecurity exhibition. Tufin CTO Reuven Harrison claimed that Blunkett's observations that there is a woeful lack of awareness of cybercrime issues amongst companies were very welcome.
April 28, 2009 Improper risk assessment can have disastrous consequences. Opinion piece submitted by Calum Macleod, Regional Manager, Tufin Technologies
With all the doom and gloom of the past few months and billions of whatever currency you like being poured into the economy I have to report on a ray of hope. I think my son may have hit on the solution completely inadvertently. He's not a renowned economist, just an honest, hard working car mechanic.
April 28, 2009 RSA: Final Thoughts
SAN FRANCISCO-Attendance was down enough to dull what's usually a loud roar to a low buzz in the cavernous expo hall at the RSA Security Conference last week. Yet, examples of innovation and security maturation were still in abundance. In particular, there was a lot of standards-based innovation around authentication, managing peoples' online identities, encryption and data management. Integration between applications and network security was also announced by security lifecycle management startup, Tufin Technologies, which released TOP (Tufin Open Platform) open APIs for developers. Already it partners with F5 and Blue Coat for policy management, and is deeply integrated with Check Point, Juniper, Cisco and Fortinet.
April 23, 2009 Losing that excess weight. Lame ducks, sitting ducks and the CSO
Although I know the term is generally applied to politicians, I am increasingly convinced that one of the biggest challenges faced by many enterprises today are the number of "lame duck" managers filling key functions within organisations.
April 22, 2009 Tufin tops out network security console
Tufin Software Technologies Ltd, which is developing a unified management station for real-time security and network policy administration, has extended the reach of its system to monitor devices from application security and delivery systems, as well as firewalls from the likes of Check Point, Juniper, Cisco and Fortinet.
April 18, 2009 Tufin on the InformationWeek Startup 50 List: Business Technology Companies To Watch
$601.8 million. That's how much venture capital has been invested in the InformationWeek Startup 50, a group of up-and-coming technology vendors chosen through a three-step process of nomination, online voting, and editorial vetting.
April 16, 2009 Gateway policies: the long and the short of it.
Today, many organizations have thousands of rules in their firewalls. On top of that they have identity based access controls, IPS, and URL blocking devices. Security policies have gotten out of hand. If you have ever tried to get a new application to work through a firewall you are probably familiar with the technique of first opening everything up and then adding rules until you break the application, then backing off a bit. Crude, but effective.
April 12, 2009 IT Voices - Ruvi Kitov of Tufin Technologies - video
IT Security Forum 2007, Interview with Ruvi Kitov.
April 7, 2009 Firewalls and speed traps
Tufin Technologies' Calum Macleod takes another wry look at firewall policy management through the eyes of a driver trying to avoid being caught by speed traps.
April 2, 2009 Saving pennies and spending pounds, the real cost of poor risk assessment
Calum Macleod of Tufin Technologies draws an interesting analogy between fixing the brakes on your teenage son's car and managing your firewalls correctly.
March 24, 2009 Tufin adds white lists to firewall management platform. Software upgrade checks new firewall rules against essential traffic
Tufin Technologies is upgrading its firewall-management software to include white listing as a way to determine what types of traffic are allowed through corporate firewalls and as a means of safeguarding essential business functions.
March 23, 2009 Selling security without using scare tactics
Using fear, uncertainty and doubt (FUD) is easy for security vendors, as well as IT managers pitching security purchases to the business team. But other approaches may work better, argues Ruvi Kitov, CEO of Tufin Technologies. Kitov speaks with Keith Shaw about four other arguments that security vendors and IT managers should have in their arsenal.
March 22, 2009 Take the complexity out of firewall configuration changes. Managing the Mergers & Acquisitions IT Nightmare in the Firewall Team
Your boss steps into your office and announces: "I've got good news and bad news... The good news is that we've just acquired our largest competitor. The bad news is that we now need to manage all of their firewalls." An increasing number of security managers are faced with the challenge of absorbing and integrating an external organization's IT staff, their existing firewall infrastructure, and whatever data, rules and policies they had in place prior to the merger or acquisition. In some cases, security architects are asked to quickly audit an organization's existing firewall estate, and find the potential risks contained in it as part of a due-diligence process. Once the due diligence is done and the deal is signed, IT organizations usually face a very tight schedule for the integration of the combined infrastructure.
March 2009 My Wife is Not For Sale
Monday mornings are bad enough but when another letter arrives from the local law enforcement asking me for another contribution to help them improve the accuracy of their speed traps it doesn't make for a good start to the week. Fortunately I live in a pragmatic country where minor indiscretions are solved with a reasonable contribution and not with the full force of the legal system coming down on your head. But in any case in these times of recession, every little bit hurts!
March 12, 2009 Losing that excess weight. Network administrators, firewalls and a trip to the gym
Talk with any firewall administrator and suggest that they clean up their rule base and you will get the familiar groan of someone who knows they need to do it but just don't know where to start.
March 9, 2009 Take the complexity out of firewall configuration changes. Tools from Tufin Technologies reduce the human error factor that leads to potentially harmful omissions and misconfigurations
Tools from Tufin Technologies reduce the human error factor that leads to potentially harmful omissions and misconfigurations. In its 2008 Data Breach Investigations Report, the Verizon Business RISK Team cites omissions and misconfigurations as two of the top network problems that lead to significant data breaches.
February 27, 2009 SecureChange Workflow. Change Management for Security Policies
Building on (and requiring) the vendor's SecureTrack product, SecureChange Workflow adds automated workflow tracking and auditing features specifically for organizational security policy requests. The product is deployed on a Red Hat Enterprise or CentOS box (a pre-loaded appliance from the vendor, as well as a VMware virtual appliance are also available), with SecureTrack either installed locally on the same machine or on a remotely accessible station.
February 26, 2009 Firewall management can ensure that they run with an optimum performance
Companies have been encouraged to tidy up their firewalls in order to achieve optimum performance. Calum Macleod, regional director at Tufin Technologies, claimed that there is a belief that a firewall can be installed and set up, and then left alone, a process that leaves it without up-to-date configurations. McLeod said: "In most organisations the firewall configurations are changing on a daily basis with continuous requests for services to be added, removed, and modified. And this is not only a complex procedure but also very risky for an organisation."
February 25, 2009 Back to Basics
Calum M. MacLeod, Regional Manager, Tufin Technologies. Today we're getting back to basics, which can summed up in the three Rs - Reduce, Rationalize, Return. Everyone in 2009 is reducing; reducing staff, investment, and trying to trim operational costs. At the same time risk control and business continuity has taken on more urgency.
February 18, 2009 Back to basics - or true love, the market and security. What relationships and the three Rs - Reduce, Rationalise, Return - can tell you about your security operations
Calum M. MacLeod, Regional Manager, Tufin Technologies. Utilizing Firewall Policy Management, or FPM as Gartner calls it, will realize major cost savings in areas such as Policy Analysis, Rule Usage Analysis, Rule Cleanup and Optimization. It will provide improved business continuity and add years to the life of your existing infrastructure.
February 19, 2009 Tufin-ough to Manage Complex Firewalls
Tufin was featured in Channel Web's latest blog on Emerging Vendors - Tufin Software addresses a huge problem for enterprise perimeter security: managing and securing complex and multivendor firewall configurations. With the copious number of enterprise-class firewall products on the market, IT administrators have wondered how to manage and control the multitude of complex and multivendor firewall systems on their networks. That's where Tufin Software Technologies comes in.
January 29, 2009 Is having a security policy in place nine-tenths of the law?
Ruvi Kitov, CEO and co-founder of Tufin Technologies. Most large organizations maintain a detailed corporate security policy document that spells out the "dos and don'ts" of information security. Once the policy is in place, the feeling is of having achieved "nine-tenths of the law", that is, that the organization is in effect "covered". This is a dangerous misconception. Because much like in the world of law and order, while creation of law is fundamental, implementation and enforcement of law is what prevents chaos.
January 2009 Managing the Mergers & Acquisitions IT Nightmare in the Firewall Team
David Aminzade, Director Northern Europe, Tufin Technologies. An increasing number of security managers are faced with the challenge of absorbing and integrating an external organization's IT staff, their existing firewall infrastructure, and whatever data, rules and policies they had in place prior to the merger or acquisition. In some cases, security architects are asked to quickly audit an organization's existing firewall estate, and find the potential risks contained in it as part of a due-diligence process. Once the due diligence is done and the deal is signed, IT organizations usually face a very tight schedule for the integration of the combined infrastructure.
December 16, 2008 How to Merge Securely
In this eWeek podcast hosted by Mike Vizard, Tufin Technologies CEO Ruvi Kitov talks about all the challenges that IT security people face when two organizations attempt to merge, which is a more frequent occurrence in these uncertain economic times.
December 12, 2008 Interview: How Tufin Technologies Is Navigating the Recession
TMCnet recently caught up with Shaul Efraim, vice president of products, marketing and business development at Tufin Technologies, to talk about some of the strategies adopted by the company to deal with the recession.
September 9, 2008 The Converging Worlds of Compliance and Security
In this Changing Channels podcast, Tufin's CEO Ruvi Kitov explains how the convergence of security and compliance is creating new opportunities around policy management for solution providers.
September 9, 2008 Tufin Technologies offers preview of next-gen IT risk management at DEMOfall 08
Tufin Technologies today is demonstrating at DEMOfall 08 in San Diego, CA its future IT security product - Tufin SecureChange Workflow, which automates the security lifecycle of a change request from a business requirement to the actual configuration change and corrects implementation. The product will be commercially available later this year.
August 15, 2008 Tufin's Security Change Management Solutions "Pioneering"
Tufin's SecureTrack and SecureChange got special mentioning in a recent report published by Frost & Sullivan on the need of security management solutions in enterprises. According to the report, the network security market is driven by an increasing need of management solutions to help secure network infrastructure while ensuring compliance with regulatory and corporate policies
August 5, 2008 Tufin Technology's products win F&S award
Security and network operations are becoming increasingly complex. Large enterprises have multiple firewalls spread across different time zones and business units and are also required to comply with stringent regulatory requirements; Tuffin Technology offers management solutions to help businesses cope.
August 5, 2008 Tufin Adds Router, Switch Auditing
Tufin Technologies moves beyond firewall auditing to support Cisco routers and switches for improved overall network control.
August 5, 2008 Product Spotlight
Tufin Technologies announced a new PCI Compliance solution as part of SecureTrack, Tufin's security operations management product.
August 1, 2008 Group Test: Policy Management
By no means is implementing technology to help you manage policies a panacea, but some of the features that are creeping into the policy management space can help alleviate some of the pain points associated with these daunting tasks.
April 2008 Tufin Unveils Firewall Op Mgt System
Security In a Box Roundup - when you secure your clients from viruses, spyware, and other malicious threats, sometimes one box rocks. Check out our latest roundup of security appliances.
March 26, 2008 Tufin releases firewall operations management solution
Tufin Technologies, a provider of firewall operations management solutions, has released SecureTrack 4.2, a new version of its flagship product, which helps firewall operations teams control and manage policy changes, analyze risks and ensure business continuity.
March 26, 2008 Tufin announces release of SecureTrack 4.2 firewall solution
The new features in Tufin's SecureTrack 4.2 solution include business-ownership change reporting. Users can now receive a change report specific to their areas of business responsibility. The report highlights policy changes affecting assigned network resources and allows corrective action when required. The solution also offers enhanced security compliance alerts. The compliance monitoring has been enhanced with a sophisticated alert system that pinpoints any policy change in violation of pre-defined corporate policies. With SecureTrack 4.2, compliance monitoring can be implemented for two types of traffic that affect business critical services and/or introduce new risks, namely business-critical traffic, which refers to traffic that should always be allowed and high security risk traffic, which refers to traffic that should always be blocked
March 25, 2008 Tufin Unveils Firewall Op Mgt System
Tufin Technologies announces release of flagship product, SecureTrack 4.2 firewall operations management solution.
January 16, 2008 Israel-based Tufin Technologies expands sale of firewall operations solutions in U.S.
Israel-based Tufin Technologies launched its first U.S.-based office this week in Boston. Tufin is a provider of Firewall Operations Management solutions. The U.S location will be headed up by Tufin's new vice president of Sales Americas, Steve Moscarelli, responsible for all sales efforts in North and South America.
December 13, 2007 How to Manage Your Multivendor Firewalls like a pro
Firewall management software can audit, and rules verification can be simplified, automated.
December 5, 2007 Axpo Group buys firewall management solution from Tufin
Swiss-based Axpo Group, a leading energy supplier, has selected firewall operations management solutions from Tufin Technologies. The product will provide security and optimization for Axpo's firewall operations across Europe, permitting real-time monitoring and reporting of changes.
November 2, 2007 Product Spotlight - New appliance based firewall operations management solution
SecureTrack 4.1 incorporates powerful new Firewall OS Monitoring capabilities and is also available as an appliance-based solution, offering unmatched capabilities and convenience for large enterprises tasked with managing sizeable firewall operations and/or multiple firewall vendors. The product is also offered as a software-based solution.
June 4, 2008 SecureTrack - Configuration Change Monitoring and Reporting for Firewalls
SecureTrack provides configuration change monitoring, reporting, and alerting features specifically for corporate firewalls. Check Point, Cisco PIX, and Juniper/Netscreen firewalls are all supported.
May 3, 2007 Tufin bringing firewall management solution to North America
Firewalls are so complex these days they require the attention and expertise of specialists that know "a little bit about security, a little bit about networking, a lot about the products and how to configure the product," said Ruvi Kitov, the CEO at Tufin Technologies.

More resources

In the News

Resources