Adding Change Control To Your Change Management Process
NNT and Cherwell have teamed up to provide a comprehensive out-of-the-box integration that links the changes requested and approved with those that are actually taking place within your IT environment. This combined solution set hugely improves security, availability and compliance by implementing a closed-loop intelligent change control solution that will correlate all changes occurring throughout your IT environment with an approved change ticket and or manifest from your Cherwell solution.
IT changes are the number one source of service outages and security breaches. Integrating NNT’s award-winning change control solution with Cherwell’s change management platform dramatically improves IT service delivery as well as significantly improving your security and compliance initiatives.
By Integrating Change Tracker™ with Cherwell your Capability for Change Control is Transformed
Approved changes are validated automatically, with a full audit trail of what actually changed provided and reconciled with your Change Requests. By leveraging Change Tracker Intelligent Change Control™, repeated or recurring change patterns can be modeled and re-used to segregate pre-approved changes from the unexpected and genuinely suspicious changes. This reduction of change noise revolutionizes breach detection, clearly exposing insider and zero-day malware activity.
Change Tracker™ Puts a Spotlight on All Changes Made
Changes made during a prescribed planned change window get validated against the expected change profile - any exceptions, such as misconfigurations or additional non-scoped changes are exposed for review and remediation where required. All Unplanned Changes are also recorded in full – including who made the change, with before and after exposure of changes clearly reported. These are prioritized as Cherwell incidents – changes will be automatically analyzed using continuously updated Threat Intelligence – NNT F.A.S.T. Cloud™.
Validate approved changes automatically with a full audit trail of what actually changed provided.
Significantly reduce overwhelming change noise to clearly expose insider & zero-day malware activity.
Re-use recurring change patterns to isolate pre-approved changes from the unexpected & genuinely suspicious changes.
Investigate unplanned changes in full, with who made the change and before & after exposure of changes clearly reported.
Automatically analyze changes using continuously updated Threat Intelligence- NNT F.A.S.T Cloud™.
What does a Closed-Loop Intelligent Change Control process look like?
- Request for proposed changes are submitted to a CAB (change advisory board). The CAB either approves or rejects the request for change.
- If approved, a Release, Build, Test, Schedule and Deployment plan is created to take effect within a prescribed Change Management & Maintenance Window.
- Change Tracker is incorporated into a pre-production test environment of the ITSM tool(s). Observed changes by NNT Change Tracker are used as a mechanism to auto-build a policy to identify and suppress noise of expected changes in post-deployment environments. (NNT Change Tracker Builds New Planned Change Schedule).
- NNT will operate (inside and outside the Change Mgmt & Maintenance Window) to detect all changes.
- NNT observed changes are reconciled against approved change requests from the ITSM platform.
- By understanding the authorized and approved changes, NNT will highlight all the unknown, unwanted, unexpected and potentially malicious changes (additions, modifications and deletions). These are the changes needing to be reviewed and investigated immediately.
Speak to a consultant to help you find a solution that fits your security needs Contact Us
Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.
Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.