Easily Compare & Contrast Compliance Reports with Gen7
In this Educational Moment we discuss Comparing and Contrasting Compliance Reports to provide ongoing real time compliance intelligence. Learn how to leverage the information provided for enhanced security and compliance management as well as comparing results from different devices to ascertain any configuration or compliance drift.
We will also provide a sneak peek at the all new Threat Intelligence Engine that will allow you to fully automate change approvals without the need for constant manual review.
This 30 minute educational session works to enhance your understanding of our solutions and unearth features you may not even know exist. Whether you're interested in partner training, customer training, or simply on the market for compliance solutions, we encourage everyone to watch!
- Educational Moment – 20 Minute Update
- Compliance – Some of the time? All of the time?
- Live Demo of Compliance Report Comparer
- Q & A
Continuous Compliance – Myth?
How often should you be in compliance of your standard?
- When the Audit is due?
- Within 6 months of the ROC (Report on Compliance)
- Always, but if not in compliance, never for more than 7 days
Should you always show a 100% score for any scans/reports?
- Not at the outset but within 6 months you should
- Never, it doesn’t matter if you miss a few, that’s our choice
- 24/7/365 – any time you aren’t 100% you are more vulnerable to attack
Why does partial compliance, some of the time, matter?
- Remember Target?
- In less than 3 weeks they had lost payment card and personal information relating to 70M customers
When do Cyber-Attacks happen?
- Weekends when it is quieter?
- Nights when nobody is on duty?
What do the Security Standards say?
PCI, NIST and all other standards set the bar pretty low
- File Integrity Checks once a week
- Vulnerability Scans every 6 months (at best, 30 days)
- This says more about the limitations of technology available e.g. standard scanners than the need for 24/7 security
Compliance? Continuous and Real-Time!
General Security and Compliance is based on the adoption of Security Best Practices:
- System Hardening
- Vulnerability Management
- System Integrity Monitoring
- Malware Mitigation
- Change Control
- Audit Trails
- Breach Detection
NNT Change Tracker Gen 7™ underpins any enterprise compliance initiative with CIS-based Audit reports…and now with Compliance Remediation Kits for Group Policy, Puppet and other deployment tools
Live Demo of Compliance Report Comparer
See video opposite for demo
The File Whitelist Concept – The Opposite of Anti-Virus
Anti-Virus is Signature-based – a blacklist of all bad files
- As malware is identified, signatures are added to the AV system
- If signatures are identified as present on a system, the files can be quarantined
- Zero Day Malware is invisible to AV, Zero Day = Never-Before-Seen, so no signature
- So how do you spot Zero Day malware if it can’t be identified?
Whitelist is also signature-based - a whitelist of all good files
- We also need knowledge of all known-good files, then any files not on EITHER the whitelist OR the blacklist list should be treated as suspicious
NNT F.A.S.T. Cloud
NNT now provide a cloud-based Threat Intelligence service, continuously updated with file reputation intel sourced directly from Manufacturers (can be cached locally for isolated estates)…
…this is powered by leading File Whitelisting and File Reputation providers and then enhanced with NNT Patch Correlating Intelligent Planned Change rules…
…as file changes are detected in real-time the NNT Threat Intelligence cloud is queried for the file reputation data and either classified as Planned or Unplanned if needing investigation…
- By Default, the service is cloud-delivered but can use a localized repository instead
- The NNT FAST Cloud is powered by Kaspersky Whitelist, which contains 100M’s of files pre-analysed with around a million new files added/updated every day
- Crucially, NNT FAST Cloud is both dynamic and bespoke –
- Intelligence from YOUR environment is added every day via Intelligent Planned Change feedback
- Bespoke, because even in-house, unique applications to you will be added to the FAST Cloud