From Wikipedia, the free encyclopedia
  (Redirected from Zorp firewall)
Jump to: navigation, search
Balabit SA
Public limited company
Industry Software
Founded Budapest, Hungary (2000)
Key people

Balabit, founded in 2000, in Budapest, Hungary is a Hungarian security firm specializing in the development of IT security systems and related services using machine learning to secure risky privileged accounts.[1]


Balabit was founded in 2000 by six Hungarian individuals, including Zoltán Györkő (CEO) and Balázs Scheidler (Development Director) to develop an advanced, application layer firewall suite called Zorp. After becoming the leading firewall solution in Hungary in 2004 according to IDC, Balabit started to develop additional products (Shell Control Box and syslog-ng) and exhibiting at various international trade shows.[2]

In June 2014, Balabit announced it had successfully raised USD 8 million from London-based C5 Capital. The investment was intended to finance the company's expansion in the US and UK markets. The transaction would also see Balabit be moved under a Luxembourg-based holding company.[3]


Today Balabit is a leading provider of contextual security technologies with the mission of preventing data breaches without constraining business. Balabit operates globally with offices across the United States and Europe, together with its network of reseller partners. Balabit’s Contextual Security Intelligence platform protects organizations in real-time from threats posed by the misuse of high risk and privileged accounts. Solutions include reliable systems and application log management with context enriched data ingestion, privileged user monitoring and user behavior analytics. Together they can identify unusual user activities and provide deep visibility into potential threats. Working in conjunction with existing control-based strategies, Balabit enables a flexible and people-centric approach to improving security without adding additional barriers to business practices. Founded in 2000, Balabit has a proven track record, with twenty-three Fortune 100 customers and more than a million corporate users worldwide.[4] The main development centers are based in Hungary.

The company is widely known[citation needed] for syslog-ng, its open source log management solution, used by more than a million companies worldwide.[citation needed]

Balabit also maintains technology partnerships with best-of-breed security software vendors including Citrix, Lieberman Software, RSA Security, Thycotic, VMware and many more.[citation needed]



Blindspotter is a user behavior analytics tool and it tracks and visualises user activity by collecting and analysing user-related events and user session activity in real-time or near real-time. It then compares every action to the corresponding baseline of users and their peers to spot anomalies in their behaviour – such as an administrator logging in outside of their normal hours. Blindspotter is capable of detecting abnormalities on the level of issued commands with machine learning algorithms that help security teams to quickly identify hijacked accounts or discover forbidden account sharing, thereby avoiding large-scale data breaches or compliance problems. This means that, if a system administrator uses a command that is different from the generally used command set, Blindspotter will alert the security team.[5]

Shell Control Box[edit]

Shell Control Box (SCB) is an administration protocol inspection tool (appliance), which can be used as to control and audit remote system access. It can record and replay the activities of the administrators who manage servers remotely via the SSH, RDP, Telnet, ICA, VNC, HTTP and HTTPS protocols. SCB controls high-risk privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions.[6]


syslog-ng is one of the most advanced and most popular syslog servers for various UNIX and UNIX-like systems.[7][8] Balabit provides different editions of syslog-ng: the free OSE edition under the GPL license the commercial Premium Edition (PE) under a proprietary license. syslog-ng store box (SSB) is a logserver appliance based on syslog-ng with features of log collection, relaying, log routing, log tagging and classification or performing Artificial Ignorance.


Balabit got DIN EN ISO 9001:2008 certified in 2005.[citation needed]


In 2009 BalaBit received the Deloitte Fast 500 EMEA,[9] and Technology Fast 50 Central Europe awards.