Breach Detection – Host Intrusion Detection Solutions

Continuous, Real-Time Breach Detection
If you can't Stop the Breach, make sure you can Spot the Breach. Zero-day threats, Trojans, APTs, deployed by Phishing and Insiders are impossible to defend against – make sure you can detect breaches before damage is done.

Forensic-level intrusion detection, self-learning about the good to expose the bad
Hackers don't want to be caught – breach detection has to be hyper-sensitive and lab-grade forensic. But you only need to be told about what you need to know, and when every IT system behaves differently, you need self-learning breach detection technology to understand what's normal and alert you to what isn't.

Say No to Change Noise, No to false alarms and No to high-maintenance
You only get Closed-Loop, Intelligent Change Control with NNT Change Tracker – don't waste hours manually investigating changes just to promote them to the Baseline – do it automatically, do it intelligently.

Breach Detection FAQs

Contact us for a no-strings, no-sales pressure trial and see the coolest FIM solution in action for yourself

Latest Resources

CIS

Access CIS Resources
Access a broad range of CIS Benchmark reports to audit your enterprise and continuously monitor for any drift from your hardened state.
Download Reports »

Server Hardening

Server Hardening Resources
Download Hardened Services checklists, derived by NNT in conjunction with Microsoft, to manually audit your servers for compliance.
Download Checklists »

Audit Policy

Audit Policy Template Resources
Gain access to audit policies derived from the Center for Internet Security to generate audit logs on all relevant security levels.
Download Audit Policies »

Let NNT take the strain out of your security and compliance management needs

How does it work?

Using a combination of NNT’s Change Tracker Gen 7™ deployed into the customer environment, coupled with a flexible weekly monitoring service provided by trained security experts, NNT is able to deliver a unique and affordable solution.

NNT Change Tracker Gen 7™ starts with a complete audit of all devices to ensure they are set to a ‘secured & compliant’ state utilizing officially governed standards such as CIS, PCI DSS, SOX & HIPAA. Once we have rendered systems compliant, NNT Change Tracker™ monitors all changes to the otherwise secure state.

These changes are fully profiled with planned versus unplanned alerts combined with information such as who made the change, when, what and whether it has affected the compliant posture.

This is then fully backed up by a thorough weekly analysis by real and qualified support staff. This process is used to refine and improve the intelligence of the system to reduce ‘false positives’ which over time sharpens the automatic capabilities within the solution to better identify exceptional and unusual events that could be the giveaway signs of a security threat.

What sets NNT's security compliance monitoring service apart?

Easy to scale across any organization, NNT’s Security and Compliance Monitoring Service is available as either a pure, hosted cloud solution with no need for any hardware on-site, or an out-tasked service where NNT provide expert security consultancy resource to support your NNT-based security solution.

In addition to providing dependable analysis of all security events as outlined, NNT will routinely review and re-calibrate the monitoring system to ensure it remains optimized and current.

Where required, NNT can also offer insight and assistance with the integration of Change Tracker™ and any prevailing Change Management systems.

Not only does this service reduce the amount of information that you might otherwise need to spend time analyzing, it will also give you the reassurance and peace of mind that IT systems are being constantly monitored, and that security is always being improved.

  • 100% Cloud-delivered or out-tasked option where NNT will take care of your deployed NNT solution
  • Any governance, regulatory or security standards can be underpinned for your organization, including PCI DSS
  • Support for all platforms and environments (Windows, Unix/Linux, Database Systems and all network devices and appliances)
  • Quarterly subscription or perpetual license options available

Database System Hardening

NNT Change Tracker Enterprise™ Gen7 R2 now protects your database management systems as well. Using the same Change Tracker™ technology trusted by auditors, security professionals and customers around the world, NNT Change Tracker Enterprise™ will audit your database systems for compliance with best practice in security configuration.

Within seconds, you can not only see how secure your database is via a clear percentage score but how you can improve its security – a plain English report is generated showing where the database security settings can be hardened further. Better still, once the initial Change Tracker™ audit has been completed, the database will then be continuously monitored for compliance with your selected hardened build standard. Using active, file integrity monitoring technology, any drift from this ‘trusted and secure’ configuration will be reported, enabling you to maintain security and compliance 24/7.

NNT are now a CIS Certified Software Vendor
Change Tracker Enterprise™ Gen7 R2 has been awarded CIS Security Software Certification for CIS Security Benchmarks

Hardening your database system is vital for protecting your organization’s most vital asset – information. Regardless of whether your concern is with securing,

  • Payment Cardholder data
  • Patient medical records
  • Personal Identity Information
  • Intellectual Property
  • Financial and Accounting records
  • Enforcing compliance with security standards such as NIST 800-53, NERC CIP, SOX, PCI DSS, HIPAA, DISA STIGs

Remediation of vulnerabilities by hardening IT systems within your estate is the most effective way to render them secure, protecting the information being processed and stored.
The foundation of any Information System is the database. It is therefore essential that, not only are the host operating systems and network infrastructure components securely configured, but also that the database systems are built and maintained in a hardened state too. Protection from malware, hackers and even rogue insiders with admin rights requires tighter governance of system security than ever before. Change Tracker not only provides detailed compliance reporting and non-stop, continuous monitoring of security settings, but also provides a vital host intrusion detection function so that, if a breach does occur, you get notified immediately before damage is done.
Whether you use Oracle, SQL Server, DB2 or any other platform, contemporary database systems are at least as complex to configure securely as any server operating system. The database system will comprise a whole range of configuration parameters, each offering potential vulnerabilities if not set correctly.

Database Attributes Audited and Tracked

  • User accounts and password settings
  • Roles and assigned privileges
  • File/object permissions
  • Schema structure
  • Tables
  • Views
  • Triggers
  • Stored Procedures
  • Auditing functions
  • Networking capabilities

Supported Database Systems
Change Tracker will audit, monitor and report on any of the following database systems:

  • Oracle, all versions including 8i, 9i, 10g and 11g
  • Microsoft SQL Server, all versions including 2005, 2008, 2008R2 and 2012
  • DB2, all versions including IBM DB2 Express-C, Workgroup Server Edition, and Enterprise Server Edition
  • PostgreSQL, all versions including Versions 8 and 9
  • MySQL, all versions including Standard and Enterprise Editions

Via Change Tracker’s Universal Database Adapter, other database management systems can be audited and tracked too – contact us to discuss your database hardening requirements.

In common with Change Tracker’s monitoring of operating systems and devices, Change Tracker™ Gen7 R2’s ‘Closed Loop Change Management’ system allows planned, authorized changes to your databases to be clearly identified and recorded against the RFC (Request For Change). As a consequence, any unplanned and unexpected changes – which could potentially lead to a security breach – are then easy to identify. See more on NNT Change Tracker’s ‘Closed Loop Change Management’ function here

Hardened Services Guide »
Understand the recommended hardened services settings for various compliance standards and requirements.

The Art of Layered Security

Data security is important for the health of your business and its reputation. As sophisticated attacks increase, both from external sources such as Trojans, worms and modern malware and from internal threats from ‘Insiders’ knowing ‘how to operate within the rules’ to avoid detection, IT security is facing its most testing time.

By working with NNT you will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your environment against this new threat landscape.

You will be able to:

  • Continuously monitor and quantify all system activity in real-time pinpointing genuine security threats
  • 'Lock down' IT systems using expert-sourced, consensus-based system hardening best practices from The Center for Internet Security: CIS Benchmark Tool
  • Protect your IT infrastructure against both internal and external threats, including ‘zero-day’ threats and Advanced Persistent Threats where Anti-Virus and Intrusion Protection technologies are ineffective
  • Maintain your compliance obligations, such as PCI DSS, NIST SP 800-53, DISA STIG, HIPAA, NERC CIP, ISO 27001 or SOX
  • Provide host intrusion detection systems (HIDS) contingency so that if a breach is effective, you will still be alerted in real-time and know who was responsible

Combining SIEM, CCM and FIM in one easy-to-use solution, NNT enables organizations to see which events take place, automatically homing in on those of concern: it will identify what changed, who made the change and which changes were planned vs unplanned, all in real-time.

The solution will reduce manual effort by automating the CCM process, removing the need to firefight whilst identifying the root cause of issues and preventing recurrence of the incident. It will eliminate the breach-to-detection time gap, alerting on unauthorized changes that introduce security risk or non-compliance, and will enable you to make continual improvements to your compliant state by ‘learning with each alert’ to refine process and policy.

Security Monitoring - Change Detection

NNT Security Information and Event Log Management (SIEM)
NNT’s multi-platform security correlation enables you to securely gather and review daily logs from all devices, including network devices, UNIX and Windows servers, applications and databases.
It will show:

  • Who has accessed what device
  • Whether there is an on-going security vulnerability
  • Whether confidential data is impacted

NNT Change & Configuration Management (CCM)
The NNT solution starts with a compliance or device hardening audit option to ensure the devices are set up securely from the outset. On-going forensic detection of changes to this compliant state will be tracked in real-time or as part of a scheduled report, controlling and minimizing configuration drift and ensuring system configurations don’t deviate away from established standards and policies.
It will confirm:

  • Which devices were affected
  • Who made the change
  • Whether the change was approved
  • Whether it has affected your compliant state

NNT File Integrity Monitoring (FIM)
A vital stance in the bid to protect systems from breaches is to monitor unusual or unapproved changes to the Application file systems. NNT FIM verifies that program and operating system files have not been compromised, with host intrusion prevention (HIP) pinpointing anything malicious installed on the in-scope device.
It will identify:

  • Unusual changes
  • Which specific attributes changed and who made the change
  • Adds, moves or deletes
  • Checksum/hash based changes

NNT - The Better Solution

Looking for a Tripwire® alternative?
Whether you’re considering a new deployment or replacing an existing implementation, NNT’s software platform is a modern framework built to meet the needs and requirements of the largest and most demanding environments. Just ask any one of the hundreds that have become NNT customers!

The differences between Tripwire® and NNT are quite stark. NNT has a much better reputation, product, cost, flexibility, and ease of scalability. We've achieved more in three months with NNT than we achieved with Tripwire® in over three years. There's simply no comparison.

Project Manager Global Fortune 500 Organization

The differences between Tripwire® and NNT were extremely clear to see. NNT was very responsive from the outset & committed to everything we needed to go live with the solution immediately. Their support is brilliant and they've always had a fantastic response time to any of our queries.

IT Manager UK Based Call Center

Based on a recommendation from our Sister Company, JetBlue, we decided to look at NNT as a possible alternative to Tripwire®. As a result, we now have a solution that ticks all the boxes, is much easier to use, and way less expensive.

Julian Cortez Live TV

NNT offered us a solution and price that was hard to ignore. The combination of excellent software and their super support has allowed us to implement a solution that saves us thousands of dollars in annual running costs compared to Tripwire®.

Chief Security Architect US Based Retail Provider

Competitive Differentiators

Noise Reduction
Why tolerate change noise? NNT’s unique intelligent change control technology is proven to significantly reduce change noise by as much as 90%.

Operational Cost
Paying too much? On average, customers that switch to NNT significantly reduce their cost of ownership. We can show you examples of savings that amount to a 70% reduction over a three-year period.

Scalability
NNT’s modern, componentized architecture creates a uniquely scalable solution, capable of handling literally an unlimited number of monitored devices.

Manageability
NNT’s management console is developed in-house. Unlike other similar solutions, this does not require a third-party product to orchestrate and manage multiple installations or consoles.

Integrations
NNT has integrated into the workflows of leading ITSM vendors to create a closed-loop intelligent change control process that highlights planned vs unplanned change.

Digital DNA Referencing
NNT has a white-list database service called FAST Cloud that can validate and verify the integrity and authenticity of files as changes are being detected in real-time.

Deployments
NNT leverages automation by applying relevant templates based on the OS type, device type or risk profile. This means that installation and operation are extremely intuitive and the solution can be deployed in a fraction of the time and at a fraction of the cost.

Console and Database
NNT’s console is included at no additional cost and can be installed on a free operating system such as CentOS, with MongoDB included. A MySQL Professional/Enterprise or Oracle database is NOT required.

 

System Resources
NNT Change Tracker requires approximately half of the system resource requirements for comparable installations.

Code Peril

Hassles of Java
NNT does not use Java. With other solutions, the frequent updates to Java mean that customers are left with the headaches and hassles of managing countless patches and updates.

 


Without integrity, you don’t have security and without security, you don’t have trusted computing – Ron Ross, NIST

 
NNT is Trusted by Thousands of Organizations across the Globe

Secure, Fast, Simple to Deploy and the lowest Cost of Ownership of any Enterprise-Class Wireless Networking Solution available!

100% PCI DSS Compliant Wireless Networking:

Meraki includes wireless Intrusion Detection features (IDS) - also known as rogue AP detection - and the strongest encryption standards - not just WPA2-PSK but WPA2-Enterprise 802.11i with AES encryption - all as standard.

Add built-in LAN Segmentation firewalling technology and Identity Policy management and you have the perfect solution for Wireless Networking with total security included as standard.

Cost-Slashing Hosted Architecture – no wireless controller needed!

Traditional controllers are often the most costly component of a wireless network - even before factoring in maintenance, support, and the value of your time. Merakiʼs hosted controller architecture eliminates the cost and complexity of on-site controllers, providing highly-available, scalable centralized management at a fraction of the cost.

Full Enterprise Feature Set

Meraki networks are easy to use, yet fully featured for enterprises, with capabilities like RADIUS integration and intrusion detection.

Even advanced functionality like policy firewalls and guest management is easy to configure with intuitive web-based management. With all-inclusive pricing, there are no per-feature licenses, upgrade fees, or other hidden costs.

Top of the Line 802.11n Access Points

With enterprise-class chipsets, hardware-accelerated encryption, and Priority Voice QoS, Meraki's 802.11n APs deliver Ethernet speed without the wires.

Each AP is constantly monitored and optimized from the cloud, so the network automatically adapts to changing interference conditions.

Multi-radio, multi-channel mesh routing and automatic mesh failover offer fault tolerance, and provide fast coverage in hard-to-wire areas.

Continuous Compliance - Cyber Security Controls

All security standards and Governance, Risk Management, and Compliance policies (GRC) such as PCI DSS Version 3, SOX (Sarbanes Oxley), NERC CIP Version 5, HIPAA/HITECH, FedRAMP, DISA STIG, ISO27000 and FISMA require IT systems to be secure and configured properly in order to protect and secure confidential data.

Cybersecurity controls with respect to Corporate Governance Compliance are typically focused on guaranteeing data security and integrity and there are common themes applied across all policies, advocating the operation of security best practices to achieve:

System Integrity – to protect systems from insider tampering and cyber attack, ensuring software, firmware and information integrity.

Risk assessment – minimizing risk by determining vulnerabilities and applying system hardening and other countermeasures to threats where identified

Continuous Monitoring – Change control, security impact analysis and configuration management, build audit trails of user and system activity.

LEARN MORE ABOUT COMPLIANCE STANDARDS AND GRC (GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE) REGULATORY CONTROLS

SIEM / Log Analysis and Compliance

As well as being a fantastic aid to general IT troubleshooting and management, Log Analysis, or SIEM, is a key weapon in the fight against cyberthreats. By gathering logs from all devices, including network devices, Unix and Windows servers, applications and databases, user and system activity patterns can be correlated and used to pre-empt an attack, or at least to understand the scope and nature of a breach if successful.

SIEM technology (Security Incident and Event Management) enables preventative measures to be continually improved, breach detection capabilities enhanced and forensic investigation audit trails to be assembled when required.

This is why all security and GRC policies place log retention at their core, and daily log reviews are a standard security best practice.

SIEM technology automates this review and analysis to provide a real-time threat detection capability as well as a means of correlating multiple threat and vulnerability intelligence sources. This has revolutionized the use of log analysis as a means of identifying the clues and pointers indicating hacker activity, providing a powerful cyber defense system.

NNT LOG TRACKER ENTERPRISE PROVIDES A SCALABLE, EASY-TO-USE AND COST-EFFECTIVE SIEM SOLUTION FOR ANY COMPLIANCE REQUIREMENT - FULL PRODUCT DETAILS HERE

 

In accordance with DOD directives regarding IA-enabled IT devices, DISA and the NSA via the Defense IA program provide security configuration guidelines, represented in SCAP format as Security Technical Implementation Guides or STIGs.

The Critical Infrastructure Protection initiative of the North American Electric Reliability Corporation has helped protect Bulk Electric Systems and keep the lights on since its initial introduction in 2008.

The Federal Risk and Authorization Management Program (FedRAMP) provides a standardized benchmark for secure cloud services. As the name suggests, this was originally derived for government departments and agencies but is seeing wider interest and adoption by cloud service providers beyond the Federal Government customer requirements.

The PCI DSS is a set of data security best practice guidelines designed to protect payment card data from fraudulent use. The DSS was formulated by the PCI Security Standards Council, a body formed by the major Payment Card brands, and is a global standard applied to all merchants, payment processors and banks; in essence, anyone who handles card data must be accountable for its governance.

Electronic Personal Health Information (PHI) records are at risk of theft or exposure just like any other data stored in computer systems. HIPAA and the subsequent HITECH act mandate the responsibility to protect the confidentiality of health information.

In the wake of a number of corporate accounting scandals, including Enron, Peregrine Systems and WorldCom, the Sarbanes-Oxley Act was introduced 'To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes'. The intent of the Act was to ensure that similar cases of accounting fraud and the misleading of investors would be prevented in the future for all publicly held companies, management and public accounting firms.

The USGCB supersedes the original FDCC and provides recommended configuration build-standards primarily to safeguard security. The security checklists formulated are published in the National Vulnerability Database (see http://web.nvd.nist.gov/view/ncp/repository)

The COBIT framework is published by the IT Governance Institute and the Information Systems Audit and Control Association (ISACA) and provides a framework of Information Technology Service Delivery best practices for governance and management. The main domains for the framework comprise:

And the number one solution that delivers all the key security and compliance benefits of file integrity monitoring is NNT Change Tracker™

Easiest To Use – Most Fully Featured – Most Affordable
Learn more about NNT Change Tracker here

Contact Us

USA Offices

New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358

 

UK Office

New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310

Copyright 2020, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.