Ernst & Young to sell vulnerability management tool

ESsecurityOnline LLC, a security software company owned by Ernst & Young LLP, is wading into the security management market with a new vulnerability management appliance.

The product, called eSO Advisor, will use a database of information collected by Ernst & Young experts to help organizations track and manage security vulnerabilities on their networks and will sell for US$32,495, according to Ernst & Young.

The product allows companies to automatically generate and maintain informational profiles of assets such as hardware devices, operating systems and installed applications. That asset information is compared against a database of 4,800 remote and host-based security vulnerabilities compiled by Ernst & Young, generating a prioritized list of security vulnerabilities that is correlated to an organization’s specific devices and software.

“We found that our customers were apprehensive about putting asset profile information into Ernst & Young’s systems,” said Ken Hammond, vice-president of business development at eSecurityOnline. “To drive consensus, we made the push towards a compartmentalized solution,” he said.

The eSO Advisor is a rack-mounted, one-CPU appliance based on a Dell Computer Corp. PowerEdge 1650 server running the eSecurityOnline software and the Windows 2000 operating system, according to Hammond.

Each appliance can manage up to six non-contiguous “Class C” IP (Internet Protocol) ranges and a total of 254 unique IP addresses, Ernst & Young said. Customers with large networks can deploy multiple eSO Advisor units. A companion appliance, the eSO Director management console, is available to coordinate the activities of the various appliances. The eSO Director is sold separately for the same price as the eSO Advisor, according to Ernst & Young.

According to Hammond, the eSO Advisor draws from knowledge eSecurityOnline gained through the development of its eSO Framework risk management product. That tool also targets critical IT infrastructure, creating configuration standards, identifying vulnerabilities and software fixes, and helping companies to create and maintain security policies.

Unlike eSO Framework, eSO Advisor jettisons the security policy management features, a move that will make it more attractive to mid-market companies that are not currently using Ernst & Young for security-related services, according to Hammond.

For chief information officers and chief security officers with limited staff, eSO Advisor enables departments to streamline and coordinate their security efforts while also securing their network down to the operating system and applications level, according to Hammond.

As for the future, Hammond said eSecurityOnline has no intention of becoming a security asset management software company.

“We try to gear our products around our strength, which is aggregation of knowledge,” Hammond said. “We feel we have a jump, having spent tens of millions of dollars in customer management, to aggregate that knowledge from around the world,” he said.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now