Enabling the seamless integration of NNT’s comprehensive real-time FIM, System Hardening and Change & Configuration Management technology with log management platforms.
NNT, a leading provider of PCI DSS and IT security and compliance software solutions, today announces that it is providing open access to its NNT Change Tracker Enterprise product suite to enable existing Log Management vendors to enhance their Security Information and Event Management functionality with vital additional features for improved security and control.
NNT Change Tracker Enterprise provides a full suite of change & configuration management, real-time and historical file integrity monitoring (FIM), along with policy management features, all in one easy to use software product. The software enables organizations to audit IT systems for vulnerabilities and then set a baseline to monitor changes to configurations, file systems, registries and settings, identifying whether the change was ‘planned’ or ‘unplanned’, ‘who made the change’, and the impact on the organization’s security posture.
By providing open access to Change Tracker, NNT is paving the way for SIEM vendors to augment their existing capabilities. For example, Change Tracker gives an immediate snapshot of the overall state of system security, which SIEM systems typically do not provide. Equally, SIEM platforms are ideally suited to handling a huge volume of events from appliances such as firewalls, but in order to understand whether these events have in any way affected the firewall’s security status, a product like Change Tracker is needed. Ultimately the end-user customer will benefit by having vital context added to the log data, exposing details of configuration changes that weaken system security and fail compliance.
Mark Kedgley, Chief Technical Officer at NNT commented on the product development strategy: “It’s a question of needing the right combination of tools for the job, which all SIEM vendors already recognize as an issue. Change Tracker provides a different perspective on system security to that delivered by SIEM technology, adding colour and depth to security intelligence. This integration removes the well-known blind spots that exist with pure-play SIEM solutions and we are excited by the opportunity that now exists for us to complete the security capabilities of a number of leading SIEM solutions.”