Adding Change Control To Your Change Management Process
NNT and Cherwell have teamed up to provide a comprehensive out-of-the-box integration that links the changes requested and approved with those that are actually taking place within your IT environment. This combined solution set hugely improves security, availability and compliance by implementing a closed-loop intelligent change control solution that will correlate all changes occurring throughout your IT environment with an approved change ticket and or manifest from your Cherwell solution.
IT changes are the number one source of service outages and security breaches. Integrating NNT’s award-winning change control solution with Cherwell’s change management platform dramatically improves IT service delivery as well as significantly improving your security and compliance initiatives.
By Integrating Change Tracker™ with Cherwell your Capability for Change Control is Transformed
Approved changes are validated automatically, with a full audit trail of what actually changed provided and reconciled with your Change Requests. By leveraging Change Tracker Intelligent Change Control™, repeated or recurring change patterns can be modeled and re-used to segregate pre-approved changes from the unexpected and genuinely suspicious changes. This reduction of change noise revolutionizes breach detection, clearly exposing insider and zero-day malware activity.
Change Tracker™ Puts a Spotlight on All Changes Made
Changes made during a prescribed planned change window get validated against the expected change profile - any exceptions, such as misconfigurations or additional non-scoped changes are exposed for review and remediation where required. All Unplanned Changes are also recorded in full – including who made the change, with before and after exposure of changes clearly reported. These are prioritized as Cherwell incidents – changes will be automatically analyzed using continuously updated Threat Intelligence – NNT F.A.S.T. Cloud™.
Validate approved changes automatically with a full audit trail of what actually changed provided.
Significantly reduce overwhelming change noise to clearly expose insider & zero-day malware activity.
Re-use recurring change patterns to isolate pre-approved changes from the unexpected & genuinely suspicious changes.
Investigate unplanned changes in full, with who made the change and before & after exposure of changes clearly reported.
Automatically analyze changes using continuously updated Threat Intelligence- NNT F.A.S.T Cloud™.
What does a Closed-Loop Intelligent Change Control process look like?
- Request for proposed changes are submitted to a CAB (change advisory board). The CAB either approves or rejects the request for change.
- If approved, a Release, Build, Test, Schedule and Deployment plan is created to take effect within a prescribed Change Management & Maintenance Window.
- Change Tracker is incorporated into a pre-production test environment of the ITSM tool(s). Observed changes by NNT Change Tracker are used as a mechanism to auto-build a policy to identify and suppress noise of expected changes in post-deployment environments. (NNT Change Tracker Builds New Planned Change Schedule).
- NNT will operate (inside and outside the Change Mgmt & Maintenance Window) to detect all changes.
- NNT observed changes are reconciled against approved change requests from the ITSM platform.
- By understanding the authorized and approved changes, NNT will highlight all the unknown, unwanted, unexpected and potentially malicious changes (additions, modifications and deletions). These are the changes needing to be reviewed and investigated immediately.
Access CIS Resources
Access a broad range of CIS Benchmark reports to audit your enterprise and continuously monitor for any drift from your hardened state.
Download Reports »
Server Hardening Resources
Download Hardened Services checklists, derived by NNT in conjunction with Microsoft, to manually audit your servers for compliance.
Download Checklists »
Audit Policy Template Resources
Gain access to audit policies derived from the Center for Internet Security to generate audit logs on all relevant security levels.
Download Audit Policies »
Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!
Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.
Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.