SekChek Local
SekChek security audit and benchmarking toolset dating from 1996.
Initial release | 2006[1] |
---|---|
Type | Computer Security |
License | Proprietary |
Website | sekchek |
As of | November 2018 |
History
SekChek was formed by former auditors from Deloitte and Touche in 1996.[1][2] The toolset was a set of automated processes to analyze the logical security profile of a computer.[3].
On 20 March 2018 SekCheck's website gave notice operations would cease on 31 May 2018. Reasons cited included SekCheks' business model being less relevant to the business environment in 2018, a surge in compliance and regulatory requirements including GDPR and monetary difficulties due to losses with the insolvency of a credit-card processor.[4]
Products
The SekChek Classic product gathered information on a host which would then be sent encrypted to SekChek for report processing and enable checking security policies had been correctly configured.[5][6] This originally worked on AS/400 but the number of platforms were extended in the next two years to encompass ed to Windows, Netware and Unix.[2] Reports anonymously compared machines against the average from similar industry computers.[5][7] The company introduced the Local version of its product in 2008 which avoided the need send data off-site.[2][8] For windows there was a utility to specifically audit the Active Directory (AD) at domain level rather that at server level which was analyzed by the SAM tool.[9][10]
Reception
The product was initially marketed as a security evaluator and was noted for providing comprehensive reports of the security vulnerability of a computer system.[11]
References
- Bosavage, Jennifer (June 7, 2006). "New Service Seeks Out Security Gaps". Dark Reading. United Business Media. TechWeb. Archived from the original on October 25, 2018. Retrieved May 20, 2009.
- "A Brief History". SekChek. Archived from the original on 3 March 2017. Retrieved 6 November 2018.
- "IT Security Review Services - SekChek". Deloitte. Archived from the original on February 4, 2007.
- "Notice of SekChek's closure on 31 May 2018". SekChek. Archived from the original on 5 November 2018. Retrieved 5 November 2018.
- "SekChek Provides Independent Reality Check of OS Security" (Press release). Tippit Inc. 27 June 2006. Archived from the original on 3 March 2016.
Independent, objective, and reliable evaluation of a company's computer security is the key deliverable of SekChek
- "Computer Security Evaluator SekChek Announces Compatibility with Microsoft Windows Vista" (Press release). DABCC. 5 October 2007. Archived from the original on 4 March 2016.
- "SekChek Marks 10-Year Anniversary, Providing Unique Security Assessment Tools" (Press release). SpecialNoise. 26 June 2007. Archived from the original on 3 March 2016.
- "Compare Classic Software" (PDF). SekChek Classic. Archived from the original on 3 March 2017.
- "AD Product Specifications" (PDF). SekChek Local. Archived (PDF) from the original on 3 March 2017.
- "SAM Product Specifications" (PDF). SekChek Local. Archived (PDF) from the original on 3 March 2017.
- Kearns, Dave (10 May 2006). "SekChek evaluates security". Network World. International Data Group. Archived from the original on 2 April 2012. Retrieved 20 May 2009.
- "Audit Programs & ICQs". isaca.org. Archived from the original (Fee required) on 2007-07-11. Retrieved 2018-12-13.
- "Annual Specialist IT Audit Activity Report 2004/5" (PDF). LB Bromley Internal Audit Report. November 2006. Archived from the original (PDF) on 2011-08-27. Retrieved 2009-05-20.
- Carroll, Mariana (November 2006). "An Information Systems Auditor's Profile" (PDF). UNISA Dissertation.
These reports can be used to identify weaknesses as well as risk ratings and suggested corrective actions. These statements are supported by Mookhey (2004) when he asserts that "the use of these tools for security auditing is prevalentand driven mainly by the inherent complexity within information systems.