Easily Compare & Contrast Compliance Reports with Gen7

In this Educational Moment we discuss Comparing and Contrasting Compliance Reports to provide ongoing real time compliance intelligence. Learn how to leverage the information provided for enhanced security and compliance management as well as comparing results from different devices to ascertain any configuration or compliance drift.

We will also provide a sneak peek at the all new Threat Intelligence Engine that will allow you to fully automate change approvals without the need for constant manual review.

This 30 minute educational session works to enhance your understanding of our solutions and unearth features you may not even know exist. Whether you're interested in partner training, customer training, or simply on the market for compliance solutions, we encourage everyone to watch!

Video Transcript

Agenda

Educational Moment – 20 Minute Update
Compliance – Some of the time? All of the time?
Live Demo of Compliance Report Comparer
Q & A

Continuous Compliance – Myth?

How often should you be in compliance of your standard?

When the Audit is due?
Within 6 months of the ROC (Report on Compliance)
Always, but if not in compliance, never for more than 7 days

Should you always show a 100% score for any scans/reports?

Not at the outset but within 6 months you should
Never, it doesn’t matter if you miss a few, that’s our choice
24/7/365 – any time you aren’t 100% you are more vulnerable to attack

Why does partial compliance, some of the time, matter?

What do the Security Standards say?

Compliance? Continuous and Real-Time!

General Security and Compliance is based on the adoption of Security Best Practices:

System Hardening
Vulnerability Management
System Integrity Monitoring
Malware Mitigation
Change Control
Audit Trails
Breach Detection

NNT Change Tracker Gen 7™ underpins any enterprise compliance initiative with CIS-based Audit reports…and now with Compliance Remediation Kits for Group Policy, Puppet and other deployment tools

Live Demo of Compliance Report Comparer

Threat Intelligence Integration – A Mute button for FIM Change Noise

The File Whitelist Concept – The Opposite of Anti-Virus

Anti-Virus is Signature-based – a blacklist of all bad files

As malware is identified, signatures are added to the AV system
If signatures are identified as present on a system, the files can be quarantined
Zero Day Malware is invisible to AV, Zero Day = Never-Before-Seen, so no signature
So how do you spot Zero Day malware if it can’t be identified?

Whitelist is also signature-based - a whitelist of all good files

We also need knowledge of all known-good files, then any files not on EITHER the whitelist OR the blacklist list should be treated as suspicious

NNT F.A.S.T. Cloud

NNT now provide a cloud-based Threat Intelligence service, continuously updated with file reputation intel sourced directly from Manufacturers (can be cached locally for isolated estates)…

…this is powered by leading File Whitelisting and File Reputation providers and then enhanced with NNT Patch Correlating Intelligent Planned Change rules…

…as file changes are detected in real-time the NNT Threat Intelligence cloud is queried for the file reputation data and either classified as Planned or Unplanned if needing investigation…

Summary

By Default, the service is cloud-delivered but can use a localized repository instead
The NNT FAST Cloud is powered by Kaspersky Whitelist, which contains 100M’s of files pre-analysed with around a million new files added/updated every day
Crucially, NNT FAST Cloud is both dynamic and bespoke –
- Intelligence from YOUR environment is added every day via Intelligent Planned Change feedback
- Bespoke, because even in-house, unique applications to you will be added to the FAST Cloud

Change Tracker Generation 7 logo