Q&A roundup: BPMN Tools, Rising Firewall Products, and the Twitter 2020 Hack

| |

Members of the IT Central Station community are always happy to take a few minutes to help other users by answering questions posted on our site.

This past week, users weighed in on who they see becoming market leaders in the firewall market, how Twitter could have prevented their recent hack, and gave advice on selecting reasonably priced and user-friendly Business Process Management Notation tools.

Here are some highlights of the answers that our IT Central Station members shared:

Which lesser known firewall product has the best chance at unseating the market leaders?

Users gave their opinion of which firewall products are moving up in the ranks, and will be spoken about in the next few years. Users pointed to ZScaler, NetSkope, Sophos, and Checkpoint as companies to watch. Israel Diaz Dominguez noted, “Those firewalls that allow [to] extend the perimeter… In my opinion, solutions like Netskope are offering this extended perimeter functionality and they could lead the market.” Regarding data center firewalls, Lipaz Hessel observed that he doesn’t see any new players emerging “unless it will come with a new surprising feature” as there are already so many good vendors. 

Stuart Berman offered another perspective, noting that he does not envisage seeing new firewall vendors leading the market, but that “we will see new architectures that leverage the advanced capabilities of NGFW delivery through ISPs, think of it as a clean pipe for Internet access. The ISPs will use firewalls (virtualized and segmented by customers) to do the filtering before it hits your networks, just like we see with spam filtering.” 

Looking for a BPMN tool that is easy to use and reasonably priced

Kasinee Boonyanant wanted feedback on reasonably priced, user-friendly BPMN tools. Users suggested some tools to consider that are more reasonably priced or free, including Bizagi, Camunda, Flowable, Alfresco Activiti and jBPM.

A few users offered some detailed advice about selecting an appropriate tool, emphasizing that choosing a BPMN tool depends on what one’s specific needs are, and should not be determined solely by price. 

Antony Craven advised, “All in all it depends on your requirements – if you simply want good modelling tools the cheaper end are good. But if you want sophistication and to be able to move to orchestration then you need to apply rigorous criteria to both the modelling and orchestration tools. If you want enterprise level with the adoption of BPMN across an organisation then there are no shortcuts and only the enterprise level tools are appropriate, examples being ARIS (SAP), Oracle, TIBCO, IBM.” 

Mark McGregor shared these sentiments and said, “There is not a simple answer to your question. There are many free BPMN tools out in the market, people like Bizagi have offered one for years. But the key question is around what the purpose of having a tool is.” and further noted, “I suggest being cautious of FREE, it may seem attractive at first, but the cost of switching…can be worse than taking the time to invest in the right tool in the first place. Often people forget that all tools are cheap when compared to the time and effort that goes into creating useful results.”

How was the 2020 Twitter Hack carried out? How could it have been prevented?

Users offered their thoughts on what Twitter could have done to prevent the major cyberattack that took place on July 15, 2020. In this hack, several verified Twitter accounts with millions of followers were compromised even though many of the accounts were using two-factor authentication.

Paresh Makwana stated, “For me the takeaway of this event is to protect privilege ID and a good PAM PIM tool with two factor and UBA included.” Ken Shaurette suggested Cynet360, which he has just recently implemented in his organization. He noted that “It seems so far to have about the highest level of transparency into the endpoint with a 24x7x365 backing of monitoring.”

Shaurette commented that there are “a lot of questions about the Twitter breach but not so many answers.” and that “similar cryptocurrency fraud campaigns are on-going on different social media platforms and on a different scale.” It seems that this is just one example of a much broader issue. 

Thanks, as always, to all the users who are taking the time to ask and answer questions on IT Central Station! 

IT Central Station is here for you, to learn and help your peers. In a market full of vendor hype, we enable you to get real, unbiased information from people like you. 

Do you have a question that you’d like to ask our IT Central Station Community? Ask now!


Q&A roundup: Using a single vulnerability assessment tool, how AI has improved cybersecurity, and how businesses can improve their security posture

Q&A roundup: Top questions about RPA