Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:35 PM
Dark Reading
Dark Reading
Products and Releases

NitroSecurity Opens APIs

Ecosystem for Security program gives partners access to NitroSecurity's data management engine, which collects, analyzes and retrieves security events in real-time

Portsmouth, NH " September 22, 2009 " NitroSecurity, Inc, today launched the Ecosystem for Security, or "EcoSec", to drive new innovations in information security through collaboration between NitroSecurity and other pioneering security vendors. EcoSec gives partners access to NitroSecurity's NitroEDB " an extremely high-performance data management engine that collects, analyzes and retrieves security events in real-time. The program is designed to immediately improve the scalability and performance of partner products, making newer security technologies easier to deploy by creating a seamless ecosystem between all security systems and solutions running on the network.

The EcoSec program works by exposing NitroSecurity Application Programmer Interfaces (APIs) to EcoSec partners, allowing direct access to core areas of NitroEDB and NitroView ESM (Enterprise Security Manager), recognized as the market's fastest Security Information and Event Management (SIEM) system with the ability to collect events at over 40 million per second and report at a rate of over 1 billion per second. The result is faster information collection, normalization, analysis and data retrieval all with minimal development efforts. These core technologies are abstracted through the APIs, so they can be used solely as a performance engine or as a highly integrated solution built on cross-vendor, collaborative technology.

The EcoSec program provides the industry with a highly-tuned, custom built database, but without the need for vendors to completely re-architect their technology. NitroEDB is made available within as an easily deployed appliance, providing a fully functional implementation with a broad schema that supports most security requirements out of the box, but which is also highly customizable to support new data types or values that might be required within a partner's proprietary systems.

"NitroEDB's scalability and performance allows us to do some unique things within our SIEM," stated NitroSecurity CTO Michael Leland, who spearheaded development of the EcoSec program. "Other vendors can benefit from that performance as well. We feel that we can greatly contribute to other key areas of information security by opening up access to our core technologies." By utilizing NitroEDB within their products, EcoSec partners are also ensuring a strong level of interoperation with NitroSecurity's award-winning SIEM, NitroView Enterprise Security Manager, providing added value to those companies choosing to deploy products from EcoSec companies.

Initial responses to the program have been positive. RazorThreat, a Michigan-based developer of advanced cyber-defense threat detection solutions, is one of the first companies to join the new EcoSec program. The company's own patents allow threat and risk patterns to be detected without requiring a database of signature criteria, thereby detecting the targeted, zero-day threats that other systems miss.

"Through the NitroSecurity EcoSec program, we are able to deliver even more value to our clients," said RazorThreat CEO Greg Guidice. "It is a win-win situation for our clients. By combining Nitro's underlying engine, which can collect and analyze large amounts of data faster than anything we have seen, with RazorThreat's advanced threat detection we can very quickly analyze and detect a breach before it causes catastrophic damage. At the same time, we gain a strong integration with a leading SIEM provider, which we see as a highly complimentary solution to our own."

Additional companies currently in negotiations to join the EcoSec program include threat data visualizations, vulnerability assessment and business risk assessment companies. For more information, visit http://www.nitrosecurity.com/ecosec

About RazorThreat RazorThreat, based in Pontiac, Michigan, provides leading edge threat intelligence and risk management software that protects intellectual capital and personal information from all known and yet to be discovered threats that get through existing firewalls, intrusion detection and intrusion prevention and other security software. The software allows organizations to easily detect, review and remediate network-based security threats and vulnerabilities regardless of their source, identifying 'true risk" to the enterprise. The primary benefit of RazorThreat's software is it finds the threats other security systems miss increasing the ROI of existing security solutions freeing up existing personnel to focus on other initiatives. RazorThreat finds the threats and omissions that your current security solutions miss. For more information, please visit http://www.razorthreat.com

About NitroSecurity NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure.

NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit http://www.nitrosecurity.com

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...