New version of NNT’s PCI DSS software provides protection against network security threats and data breaches via an enterprise feature set at an affordable price
NNT Ltd, a leading provider of PCI DSS and general security and compliance solutions, today announced the launch of Version 5 of its NNT Change Tracker and NNT Log Tracker Enterprise software suite. The software is specifically designed to improve payment security and protect against network threats and data breaches in-line with the PCI Data Security Standard (PCI DSS), which requires organisations that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data protection.
NNT Change Tracker manages the file integrity monitoring (FIM), system hardening and configuration change monitoring aspects of the PCI DSS, enabling organisations to audit IT systems for vulnerabilities and then set a baseline to monitor changes to configurations, file systems, registries and settings, with an easy to use and secure dashboard that ensures systems are, and remain, compliant.
The core strength of NNT Change Tracker version 5 is its analytical capabilities, which are designed to cater for both real-time and historic summary reporting including:-
- Real-time alerting on any file integrity changes. FIM is driven by precisely targeted templates designed for mixed application environments, these templates hone in on only the file changes pertinent to PCI DSS, cutting out the ‘background noise’ that makes other FIM solutions difficult to use.
- File and configuration changes are delivered to the users Inbox with ‘at a glance’ summarised reports, to easily and effectively identify device compliance. Detailed drill-down and high-level reporting is also available for specific aspects of PCI DSS compliance such as File Integrity or Configuration Vulnerabilities.
NNT Log Tracker deals with event log management for Requirement 10 of the regulations, by providing real-time Security Information and Event Log Management (SIEM) that will immediately flag any compliance breach. NNT’s multi-platform security correlation enables organisations to safely gather and review logs daily from all devices, including network devices, Unix and windows servers, as well as applications and databases.
A key feature of NNT Log Tracker version 5 is the pre-defined audit trails for PCI Requirement 10, which NNT provide for all common device-types. These pre-defined audit trails are used in conjunction with intelligent ‘self-learning’ technology to identify and automate alert thresholds, meaning that PCI Compliance can be achieved in just hours.
“Version 5 should put an end to overpriced market alternatives.” comments Mark Kerrison, CEO at NNT, Kerrison continues: “Our strategy has been to build a software solution set that is a match to our customers’ needs, one that is more agile, better featured and straightforward to use, but which costs around one third of the purchase price and cost of ownership of our major competitors. We believe, and our customers attest to the fact, that the days of needing to spend hundreds of thousands of pounds on this type of solution are over. Software development techniques have moved on and the days of PCI DSS knowledge being at a premium have gone. We are now able to innovate at a much lower cost base, which allows us to provide world class solutions at a fraction of the cost”.
Features of the NNT’s PCI DSS solution include:
- File integrity monitoring - verifies programme and operating system files have not been compromised, with an easy to use and secure dashboard to ensure systems are, and remain, compliant.
- Centralised security information and event log management - securely gathers and reviews daily logs from all devices, including network devices, Unix and window servers, applications and databases, with any compliance breach immediately flagged.
- Vulnerability Scanning - continuous, automated vulnerability scanning of all devices including workstations, POS, servers, firewalls, switches and routers to ensure confidential data is protected and secure with vulnerabilities eliminated.
- Change and configuration management - verifies that devices are configured properly and securely, whilst tracking any changes, defining whether they were planned or unplanned and applying configurable remedial actions.
- Device policy management - creates a baseline for the configuration, health, performance and settings for all devices, providing alerts to any unexpected changes from policy, even if the device in question isn’t connected to the network.