Breach Detection – Host Intrusion Detection Solutions


Continuous, Real-Time Breach Detection
If you can't Stop the Breach, make sure you can Spot the Breach. Zero-day threats, Trojans, APTs, deployed by Phishing and Insiders are impossible to defend against – make sure you can detect breaches before damage is done.


Forensic-level intrusion detection, self-learning about the good to expose the bad
Hackers don't want to be caught – breach detection has to be hyper-sensitive and lab-grade forensic. But you only need to be told about what you need to know, and when every IT system behaves differently, you need self-learning breach detection technology to understand what's normal and alert you to what isn't.


Say No to Change Noise, No to false alarms and No to high-maintenance
You only get Closed-Loop, Intelligent Change Control with NNT Change Tracker – don't waste hours manually investigating changes just to promote them to the Baseline – do it automatically, do it intelligently.

Next Steps

Are you ready to get started in securing your IT environment with
industry-approved foundational controls, intelligent change control and automation?

Let NNT take the strain out of your security and compliance management needs


How does it work?

Using a combination of NNT’s Change Tracker Gen 7™ deployed into the customer environment, coupled with a flexible weekly monitoring service provided by trained security experts, NNT is able to deliver a unique and affordable solution.

NNT Change Tracker Gen 7™ starts with a complete audit of all devices to ensure they are set to a ‘secured & compliant’ state utilizing officially governed standards such as CIS, PCI DSS, SOX & HIPAA. Once we have rendered systems compliant, NNT Change Tracker™ monitors all changes to the otherwise secure state.

These changes are fully profiled with planned versus unplanned alerts combined with information such as who made the change, when, what and whether it has affected the compliant posture.

This is then fully backed up by a thorough weekly analysis by real and qualified support staff. This process is used to refine and improve the intelligence of the system to reduce ‘false positives’ which over time sharpens the automatic capabilities within the solution to better identify exceptional and unusual events that could be the giveaway signs of a security threat.

What sets NNT's security compliance monitoring service apart?

Easy to scale across any organization, NNT’s Security and Compliance Monitoring Service is available either as a pure, hosted cloud solution with no need for any hardware on-site, or as an out-tasked service where NNT provide expert security consultancy resource to support your NNT-based security solution.

In addition to providing dependable analysis of all security events as outlined, NNT will routinely review and re-calibrate the monitoring system to ensure it remains optimized and current.

Where required, NNT can also offer insight and assistance with the integration of Change Tracker™ and any prevailing Change Management systems.

Not only does this service reduce the amount of information that you might otherwise need to spend time analyzing, it will also give you the reassurance and peace of mind that IT systems are being constantly monitored, and that security is always being improved.

  • 100% Cloud-delivered or out-tasked option where NNT will take care of your deployed NNT solution
  • Any governance, regulatory or security standards can be underpinned for your organization, including PCI DSS
  • Support for all platforms and environments (Windows, Unix/Linux, Database Systems and all network devices and appliances)
  • Quarterly subscription or perpetual license options available


Database System Hardening

NNT Change Tracker Enterprise™ Gen7 R2 now protects your database management systems as well. Using the same Change Tracker™ technology trusted by auditors, security professionals and customers around the world, NNT Change Tracker Enterprise™ will audit your database systems for compliance with best practice in security configuration.

Within seconds, you can not only see how secure your database is via a clear percentage score but how you can improve its security – a plain English report is generated showing where the database security settings can be hardened further. Better still, once the initial Change Tracker™ audit has been completed, the database will then be continuously monitored for compliance with your selected hardened build standard. Using active, file integrity monitoring technology, any drift from this ‘trusted and secure’ configuration will be reported, enabling you to maintain security and compliance 24/7.


NNT are now a CIS Certified Software Vendor
Change Tracker Enterprise™ Gen7 R2 has been awarded CIS Security Software Certification for CIS Security Benchmarks

Hardening your database system is vital for protecting your organization’s most vital asset – information. Regardless of whether your concern is with securing:

  • Payment Cardholder data
  • Patient medical records
  • Personal Identity Information
  • Intellectual Property
  • Financial and Accounting records
  • Enforcing compliance with security standards such as NIST 800-53, NERC CIP, SOX, PCI DSS, HIPAA, DISA STIGs

Remediation of vulnerabilities by hardening IT systems within your estate is the most effective way to render them secure, protecting the information being processed and stored.
The foundation of any Information System is the database. It is therefore essential that, not only are the host operating systems and network infrastructure components securely configured, but also that the database systems are built and maintained in a hardened state too. Protection from malware, hackers and even rogue insiders with admin rights requires tighter governance of system security than ever before. Change Tracker not only provides detailed compliance reporting and non-stop, continuous monitoring of security settings, but also provides a vital host intrusion detection function so that, if a breach does occur, you get notified immediately before damage is done.
Whether you use Oracle, SQL Server, DB2 or any other platform, contemporary database systems are at least as complex to configure securely as any server operating system. The database system will comprise a whole range of configuration parameters, each offering potential vulnerabilities if not set correctly.

Database Attributes Audited and Tracked

  • User accounts and password settings
  • Roles and assigned privileges
  • File/object permissions
  • Schema structure
  • Tables
  • Views
  • Triggers
  • Stored Procedures
  • Auditing functions
  • Networking capabilities

Supported Database Systems
Change Tracker will audit, monitor and report on any of the following database systems

  • Oracle, all versions including 8i, 9i, 10g and 11g
  • Microsoft SQL Server, all versions including 2005, 2008, 2008R2 and 2012
  • DB2, all versions including IBM DB2 Express-C, Workgroup Server Edition, and Enterprise Server Edition
  • PostgreSQL, all versions including Versions 8 and 9
  • MySQL, all versions including Standard and Enterprise Editions

Via Change Tracker’s Universal Database Adapter, other database management systems can be audited and tracked too – contact us to discuss your database hardening requirements.

In common with Change Tracker’s monitoring of operating systems and devices, Change Tracker™ Gen7 R2’s ‘Closed Loop Change Management’ system allows planned, authorized changes to your databases to be clearly identified and recorded against the RFC (Request For Change). As a consequence, any unplanned and unexpected changes – which could potentially lead to a security breach – are then easy to identify.


The Art of Layered Security

Data security is important for the health of your business and its reputation. As sophisticated attacks increase, both from external sources such as Trojans, worms and modern malware and from internal threats posed by ‘Insiders’ who know ‘how to operate within the rules’ to avoid detection, IT security is facing its most testing time.

By working with NNT you will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your environment against this new threat landscape.

You will be able to:

  • Continuously monitor and quantify all system activity in real-time pinpointing genuine security threats
  • 'Lock down' IT systems using expert-sourced, consensus-based system hardening best practices from The Center for Internet Security: CIS Benchmark Tool
  • Protect your IT infrastructure against both internal and external threats, including ‘zero-day’ threats and Advanced Persistent Threats where Anti-Virus and Intrusion Protection technologies are ineffective
  • Maintain your compliance obligations, such as PCI DSS, NIST SP 800-53, DISA STIG, HIPAA, NERC CIP, ISO 27001 or SOX
  • Provide host intrusion detection systems (HIDS) contingency so that if a breach is effective, you will still be alerted in real-time and know who was responsible


Combining SIEM, CCM and FIM in one easy-to-use solution, NNT enables organizations to see which events take place, automatically homing in on those of concern. It will identify what changed, who made the change and which changes were planned vs unplanned, all in real-time.

The solution will reduce manual effort by automating the CCM process, removing the need to firefight whilst identifying the root cause of issues and preventing recurrence of the incident. It will eliminate the breach to detection time gap, alerting on unauthorized changes that introduce security risk or non-compliance and will enable you to make continual improvements to your compliant state by ‘learning with each alert’ to refine process and policy.

Security Monitoring - Change Detection

NNT Security Information and Event Log Management (SIEM)
NNT’s multi-platform security correlation enables you to securely gather and review daily logs from all devices, including network devices, UNIX and Windows servers, applications and databases.
It will show:

  • Who has accessed what device
  • Whether there is an ongoing security vulnerability
  • Whether confidential data is impacted


NNT Change & Configuration Management (CCM)
The NNT solution starts with a compliance or device hardening audit option to ensure the devices are set up securely from the outset. On-going forensic detection of changes to this compliant state will be tracked in real-time or as part of a scheduled report, controlling and minimizing configuration drift and ensuring system configurations don’t deviate away from established standards and policies.
It will confirm:

  • Which devices were affected
  • Who made the change
  • Whether the change was approved
  • Whether it has affected your compliant state

NNT File Integrity Monitoring (FIM)
A vital stance in the bid to protect systems from breaches is to monitor unusual or unapproved changes to the application file systems. NNT FIM verifies that program and operating system files have not been compromised, with host intrusion prevention (HIP) pinpointing anything malicious installed on the in-scope device.
It will identify:

  • Unusual changes
  • Which specific attributes changed and who made the change
  • Adds, moves or deletes
  • Checksum/hash based changes
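
How a file integrity check of this kind can work, as an added sketch (not NNT's code and not how Change Tracker is implemented): a baseline of SHA-256 hashes and permission bits is compared with the current state to report adds, deletes, moves, hash changes and attribute changes, and each event is then marked planned or unplanned against a list of approved changes. The file names, the `(kind, glob)` manifest rule format and the sample tree are constructed for illustration; recording who made a change needs OS audit data and is left out.

```python
import fnmatch
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root):
    """Map relative path -> (SHA-256 hex digest, permission bits) for each file."""
    snap = {}
    for p in Path(root).rglob("*"):
        if p.is_file():
            digest = hashlib.sha256(p.read_bytes()).hexdigest()
            snap[p.relative_to(root).as_posix()] = (digest, p.stat().st_mode & 0o777)
    return snap


def diff(baseline, current):
    """Return sorted (kind, path, detail) events: add, delete, move, hash, attr."""
    events = []
    added = [p for p in current if p not in baseline]
    by_hash = {}
    for p in added:
        by_hash.setdefault(current[p][0], []).append(p)
    for old in (p for p in baseline if p not in current):
        # Same content reappearing under a new path is a move, not delete + add.
        candidates = by_hash.get(baseline[old][0])
        if candidates:
            new = candidates.pop(0)
            added.remove(new)
            events.append(("move", new, f"from {old}"))
        else:
            events.append(("delete", old, ""))
    events += [("add", p, "") for p in added]
    for p in baseline.keys() & current.keys():
        (h0, m0), (h1, m1) = baseline[p], current[p]
        if h0 != h1:
            events.append(("hash", p, f"{h0[:12]} -> {h1[:12]}"))
        if m0 != m1:
            events.append(("attr", p, f"mode {m0:o} -> {m1:o}"))
    return sorted(events)


def classify(events, manifest):
    """Split events into (planned, unplanned) using (kind, glob) manifest rules."""
    planned, unplanned = [], []
    for ev in events:
        ok = any(ev[0] == kind and fnmatch.fnmatch(ev[1], glob) for kind, glob in manifest)
        (planned if ok else unplanned).append(ev)
    return planned, unplanned


def demo():
    """Build a constructed file tree, change it, and classify the drift."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "etc").mkdir()
        (root / "bin").mkdir()
        (root / "etc/app.conf").write_text("tls=on\n")
        (root / "etc/old.conf").write_text("legacy=1\n")
        (root / "bin/tool").write_text("v1\n")
        os.chmod(root / "bin/tool", 0o755)
        baseline = snapshot(root)

        (root / "bin/tool").write_text("v2\n")           # the approved patch
        os.chmod(root / "bin/tool", 0o777)               # permission change, not approved
        (root / "etc/app.conf").write_text("tls=off\n")  # content change, not approved
        (root / "etc/old.conf").rename(root / "etc/old.conf.bak")
        (root / "bin/extra").write_text("new\n")

        manifest = [("hash", "bin/*")]  # hypothetical rule set for one approved RFC
        return classify(diff(baseline, snapshot(root)), manifest)


if __name__ == "__main__":
    planned, unplanned = demo()
    for label, group in (("PLANNED", planned), ("UNPLANNED", unplanned)):
        for kind, path, detail in group:
            print(f"{label:9} {kind:6} {path} {detail}")
```

Only the content change to `bin/tool` matches the approved rule; the permission change on the same file is still reported as unplanned, which is why attribute changes are tracked separately from hash changes.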

Tripwire® Alternative


Choosing the right cybersecurity and continuous change control platform is critical.
We want you to have the best information possible to do so.


I really like Change Tracker and the support I have received to date. It’s a great tool and easy to use. NNT keep updating it, so I don’t feel like it’s stagnant which is also really important. It’s doing a better job of keeping track of devices for PCI compliance than Tripwire® used to. And operationally, that’s difficult here at Allina Health.

Rob Riggins, IT Security Manager at Allina Health

We decided that NNT offered us the best all-round solution. NNT are the revolutionary approach to change control and the product’s features far outweigh those offered by the competition. I did my due diligence and was confident that NNT could deliver what I needed – in the end, it was an easy decision to make.

Dave Smithers, CIO at IDB

NNT’s Change Tracker Gen 7 R2

NNT Change Tracker Gen 7 R2 provides critical and fundamental cyber security prevention and detection. It does this by leveraging the required security best practice disciplines of system configuration and integrity assurance combined with the most comprehensive and intelligent change control solution available. Change Tracker from NNT will ensure that your IT systems remain in a known, secure and compliant state at all times.

NNT Change Tracker includes context-based File Integrity Monitoring and File Whitelisting to assure all change activity is automatically analyzed and validated. Complete and certified CIS and DISA STIG configuration hardening ensures all systems remain securely configured at all times and, coupled with the most intelligent change control technology, provides unparalleled change noise reduction along with the ultimate reassurance that the changes occurring within your production environment are consistent, safe and as required.

NNT's Intelligent Change Control


  • Extensive reputation/whitelist database
  • 8 Billion+ signatures
  • Includes all platforms: Windows, Unix, Linux
  • Servers, desktops, network & mobile devices
  • Extended coverage for Cloud and Container technologies
  • Database integrity monitoring for Oracle, SQL, DB2 and more


  • Extensive bundled compliance tests (PCI, HIPAA, etc.)
  • Tests for security hardening standards (DISA STIGs, CIS, etc.)
  • Easily create custom benchmarks and track config drift
  • Ensure a secure, healthy & compliant state
  • ICS (Industrial Control systems) and any other OT (Operational Technology) are covered


  • Certified ServiceNow, Remedy and Cherwell Integrations
  • ITSM Integration Module provides change reconciliation with all major Service Desks and Change Management Systems
  • Comprehensive Self-Learning Change Rules to enable automated Change Control

Change Noise Reduction

NNT’s Closed Loop Intelligent Change Control Technology reduces change noise by upwards of 90% in a typical deployment. All changes are analyzed and validated using a variety of trusted knowledge sources.

Authorized changes issued by ITSM tools are validated automatically, with a full audit trail of what actually changed reconciled with the Change Request. Recurring change patterns can be grouped as a ‘Change Manifest’ and then re-used to isolate pre-approved changes from the unexpected and genuinely suspicious changes.

We have a lot more confidence in NNT as a product than what we did with their main competitor which is largely because of all the issues we experienced. We did a bit of a deep dive and found that one of our in-house products was making changes without authorization. Our staff were not following the change process and our previous solution wasn’t reporting on any of it.

Simon Green, Head of Infrastructure at PayPoint (read the case study)

Learn why NNT is the Right Tripwire® Alternative for You


Download our new FIM Buyers Guide to learn 8 things to consider when selecting the right FIM solution for your organization.


Change Tracker Gen7 R2 Solution Brief

Learn how Change Tracker Gen7 R2 provides fundamental cybersecurity protection by combining security best practice disciplines for system configuration and integrity assurance with closed-loop intelligent change control.


Video: SecureOps Demo On-Demand


Watch the SecureOps on-demand demo to learn about NNT’s revolutionary approach to solving the problems of cybersecurity by combining the essential prescribed security controls with advanced threat prevention, detection and intelligent change control technology.


Vulnerability Management Buyers Guide

Download this Guide to understand the real differences between all the VM solutions available and 8 critical considerations when selecting the right solution for your organization.


NNT is Trusted by Thousands of Organizations across the Globe

Secure, Fast, Simple to Deploy and the lowest Cost of Ownership of any Enterprise-Class Wireless Networking Solution available!

100% PCI DSS Compliant Wireless Networking:

Meraki includes wireless Intrusion Detection features (IDS) - also known as rogue AP detection - and the strongest encryption standards - not just WPA2-PSK but WPA2-Enterprise 802.11i with AES encryption - all as standard.

Add built-in LAN Segmentation firewalling technology and Identity Policy management and you have the perfect solution for Wireless Networking with total security included as standard.

Cost-Slashing Hosted Architecture – no wireless controller needed!

Traditional controllers are often the most costly component of a wireless network - even before factoring in maintenance, support, and the value of your time. Merakiʼs hosted controller architecture eliminates the cost and complexity of on-site controllers, providing highly-available, scalable centralized management at a fraction of the cost.

Full Enterprise Feature Set

Meraki networks are easy to use, yet fully featured for enterprises, with capabilities like RADIUS integration and intrusion detection.

Even advanced functionality like policy firewalls and guest management is easy to configure with intuitive web-based management. With all-inclusive pricing, there are no per-feature licenses, upgrade fees, or other hidden costs.

Top of the Line 802.11n Access Points

With enterprise-class chipsets, hardware-accelerated encryption, and Priority Voice QoS, Meraki's 802.11n APs deliver Ethernet speed without the wires.

Each AP is constantly monitored and optimized from the cloud, so the network automatically adapts to changing interference conditions.

Multi-radio, multi-channel mesh routing and automatic mesh failover offer fault tolerance, and provide fast coverage in hard-to-wire areas.


Continuous Compliance - Cyber Security Controls

All security standards and Governance, Risk Management, and Compliance policies (GRC) such as PCI DSS Version 3, SOX (Sarbanes Oxley), NERC CIP Version 5, HIPAA/HITECH, FedRAMP, DISA STIG, ISO27000 and FISMA require IT systems to be secure and configured properly in order to protect and secure confidential data.

Cybersecurity controls with respect to Corporate Governance Compliance are typically focused on guaranteeing data security and integrity and there are common themes applied across all policies, advocating the operation of security best practices to achieve:

System Integrity – to protect systems from insider tampering and cyber attack, ensuring software, firmware and information integrity.

Risk assessment – minimizing risk by determining vulnerabilities and applying system hardening and other countermeasures to threats where identified

Continuous Monitoring – Change control, security impact analysis and configuration management, build audit trails of user and system activity.



SIEM / Log Analysis and Compliance

As well as being a fantastic aid to general IT troubleshooting and management, Log Analysis, or SIEM, is a key weapon in the fight against cyberthreats. By gathering logs from all devices including network devices, Unix and Windows servers, applications and databases, user and system activity patterns can be correlated and used to pre-empt an attack or at least understand the scope and nature of a breach if successful.

SIEM technology (Security Incident and Event Management) enables preventative measures to be continually improved, breach detection capabilities enhanced and forensic investigation audit trails to be assembled when required.

This is why all security and GRC policies place log retention at their core and daily log reviews are a standard security best practice.

SIEM technology automates this review and analysis to provide a real-time threat detection capability as well as a means of correlating multiple threat and vulnerability intelligence sources. This has revolutionized the use of log analysis as a means of identifying the clues and pointers indicating hacker activity, providing a powerful cyber defense system.




In accordance with DOD directives regarding IA-enabled IT devices, DISA and the NSA via the Defense IA program provide security configuration guidelines, represented in SCAP format as Security Technical Implementation Guides or STIGs.

The Critical Infrastructure Protection initiative of the North American Electric Reliability Corporation has helped protect Bulk Electric Systems and keep the lights on since its initial introduction in 2008.

The Federal Risk and Authorization Management Program (FedRAMP) provides a standardized benchmark for secure cloud services. As the name suggests, this was originally derived for government departments and agencies but is seeing wider interest and adoption by cloud service providers beyond the Federal Government customer requirements.

The PCI DSS is a set of data security best practice guidelines designed to protect payment card data from fraudulent use. The DSS was formulated by the PCI Security Standards Council, a body formed by the major Payment Card brands, and is a global standard applied to all merchants, payment processors and banks, in essence, anyone who handles card data must be accountable for its governance.

Electronic Personal Health Information (PHI) records are at risk of theft or exposure just like any other data stored in computer systems. HIPAA and the subsequent HITECH act mandate the responsibility to protect the confidentiality of health information.

In the wake of a number of corporate accounting scandals, including Enron, Peregrine Systems and WorldCom, the Sarbanes-Oxley Act was introduced 'To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes'. The intent of the Act was to ensure that similar cases of accounting fraud and the misleading of investors would be prevented in the future for all publicly held companies, management and public accounting firms.

The USGCB supersedes the original FDCC and provides recommended configuration build-standards primarily to safeguard security. The security checklists formulated are published in the National Vulnerability Database (see

The COBIT framework is published by the IT Governance Institute and the Information Systems Audit and Control Association (ISACA) and provides a framework of Information Technology Service Delivery best practices for governance and management. The main domains for the framework comprise:

And the number one solution that delivers all the
key security and compliance benefits of file integrity monitoring is NNT Change Tracker™

Easiest To Use – Most Fully Featured – Most Affordable

Contact Us

USA Offices

New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358


UK Office

New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire

Tel: 020 3917 4995

Copyright 2021, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.