SecurityExpressions 3.0 from Pedestal Software Inc. adds a Web Console to the security policy management system, which enables the creation of roles to complement the duties of the security administrator.

For example, auditors without administrator privileges using the new software are able to scan machines for policy compliance.

SecurityExpressions works by incorporating security policies predefined by institutions including SANS (Systems and Network Security), NSA (National Security Agency), CIS (Center for Internet Security), Microsoft, the Department of the Navy and others.

The product, which is agentless, gives its users the option of using a template based on one or more of these security best practices, or the option of creating a security policy from scratch. Once in place, the software monitors the company's systems for compliance with the policy, and issues alerts or automatically fix security settings when any variations are discovered.

"We show you where you are in line with the security policy, where you are not and how you can fix it if not," says Bill Andrews, vice president of marketing with Pedestal. "We help people implement best practice security guidelines."

The 3.0 release also adds a distributed proxy, which enables the product to work across a firewall and the Internet, to allow scans on machines outside the enterprise's local network. The Distributed Proxy resides on a remote machine and communicates with SecurityExpressions using SSL.

ODBC reporting was also added to the 3.0 release, so that results and reports can be stored in any ODBC-compliant database.

Pricing for SecurityExpressions 3.0 start at $495 for servers and $30 for workstations and desktops. Deal sizes range from $5,000 to $10,000 on the low end to hundreds of thousands of dollars for larger companies. Web Console is priced at an additional 10% per seat. Maintenance is 20% annually, including phone and email support.