Product Name: vSentry
Why we are watching: Led by a team of security and virtualization experts who had worked at Citrix, Bromium developed an approach to desktop security that virtualizes end-user activities when they pose a threat of bringing in outside agents or malware. VSentry is built on a "microvisor," a security-focused hypervisor that automatically, instantly and invisibly hardware-isolates each vulnerable Windows task in a micro-VM that cannot modify Windows or gain access to enterprise data or network infrastructure.
Company name: Catbird
Product Name: vSecurity
Why we are watching: The recently released vSecurity 5.0 product provides access control, intrusion detection, secure auditing, automated protection, visibility, and efficiency for all virtualized machine because it taps into the hypervisor. It can enforce FISMA, NIST, HIPAA standards so that users can virtualize more assets, more quickly.
The problems of keeping up with the gobs of data generated by security focused equipment under your control only gets compounded when you bring a public cloud service into the enterprise mix. The leaders in this space - as determined by the 2012 Gartner Magic Quadrant -- are all the big traditional network and security management guys (HP, IBM and McAfee) who all purchased niche players (ArcSight, Q1Labs and NitroSecurity, respectively).
Company name: HP
Product Name: ArcSight
Why we are watching: HP placed ArcSight (which always seems to score very well in public, competitive tests of SIEM products) in the Enterprise Security Product group, sharing office space with HP TippingPoint (an IPS) and HP Fortify and has been working to build close reporting ties between those products to make them collectively easier to use in large companies.
Company name: Q1 Labs, an IBM company
Product Name: QRadar
Why we are watching: IBM bought Q1Labs in 2011 and threw it into a newly formed security systems division, which kind of marked the end of IBM's own Tivoli SIEM. IBM has since added indexing and query improvements to support keyword search; improvements in event storage scalability; integration with IBM DAM and support for endpoint management, IPS firewall, and governance, risk and compliance technologies. IBM has announced a co-managed service option for QRadar for customers that want to combine an SIEM technology deployment with monitoring services from IBM.
Company name: McAfee