NitroSecurity Enhances NitroView Security Information and Event Management (SIEM) with Asset, Configuration and Change Management Capabilities

Share Article

Company leverages NitroView's real-time data management engine to provide fast and easy access to--and analysis of--asset and configuration details

Configuration change activity is directly integrated into the NitroView SIEM, for one-stop Compliance Management

NitroView already provides unrivaled visibility into what's happening in your network, from network activity to layer-7 application content analysis

NitroSecurity today announced the integration of Configuration and Change Management features into its NitroView award winning information security management platform. Tracking changes is an important requirement of many security compliance regulations, including the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP), which relies on change management to ensure that extremely sensitive control networks and processes remain in compliance.

The ability to manage network assets and track configuration changes is a natural enhancement to NitroView, which already provides full network topology management, including network device discovery, end-user discovery, device availability, and the ability to map information security events and other activity to network location.

"NitroView already provides unrivaled visibility into what's happening in your network, from network activity to layer-7 application content analysis," said Salo Fajer, the chief strategy officer for NitroSecurity. "We've been able to provide broader threat detection because of this advantage in both scale and granularity of information that we can collect. By also correlating everything against configuration changes in the network, we have another layer of evidence with which to detect policy violations, which might indicate larger threats, or even fraud."

NitroView's new ability to monitor configurations includes:

  • Automatic collection of configuration data to establish baselines.
  • Automatic comparison of configuration states to those baselines to detect configuration changes
  • Immediate notification of change activity.
  • Analysis of changes in real-time, with full contextual awareness of the network, applications, and associated user identities.
  • Tracks unauthorized changes with full visibility into the responsible user, their identity, and their location within the network.
  • Provides highly detailed change records for improved compliance reporting.
  • Provides real-time access to change records for more efficient forensic investigations.

While extremely valuable for compliance reporting under the requirements of PCI, NERC, HIPAA and other regulations, NitroSecurity is quick to point out that this level of context provides a more tangible security benefit as well: improved threat detection, and more efficient remediation. "It's a logical step for NitroView," added Fajer. "We now have full access to asset and vulnerability information from VA scans, full topology and state awareness, identity awareness, and now full visibility to configuration changes. It all adds context and capability to what a SIEM is ultimately about: the detection, mitigation, and remediation of threats."

Configuration and Change Management features are available now in NitroView version 8.3.1 and greater. For more information on how NitroView ESM can assist with your security and compliance needs, or to learn how to upgrade existing NitroView ESM deployments to take advantage of Configuration and Change Management, please visit nitrosecurity.com or contact NitroSecurity at 1-888-LOG-SIEM.

About NitroSecurity
NitroSecurity develops security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure.

NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit nitrosecurity.com.

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Eric D Knapp
Visit website