Latest news
Auditing the configurations of IT systems, and monitoring changes in those configurations, is a critical step in reducing security risk and achieving compliance. nCircle Configuration Compliance Manager automates configuration auditing, and changes monitoring and configuration compliance processes, providing a clear picture of system configurations and the impact of configuration changes on compliance.
Configuration Compliance Manager utilizes a completely agentless architecture, requiring no software installation on monitored endpoints. Agentless monitoring dramatically reduces deployment costs and makes it possible to profile every device on the network, delivering the most comprehensive coverage and the lowest cost of ownership.
Configuration Compliance Manager includes a rich library of policies based on standards and benchmarks from NIST, Center for Internet Security, DISA and Microsoft, as well as policies for specific regulations, such as PCI, Sarbanes-Oxley, HIPAA, USGCB and NERC.
“With Configuration Compliance Manager 5.13, nCircle extends coverage for two of the most important technologies in the enterprise: databases and web servers,” said Tim Erlin, director of product management and IT risk and security strategist for nCircle. “The addition of MySQL auditing and the corresponding CIS policy allow customers to audit a critical enterprise application. Microsoft IIS 7 coverage, including the DISA STIG policies, extends Configuration Compliance Manager's web server auditing capabilities to help protect the underlying infrastructure behind many of the most critical enterprise applications.”
With over 65,000 downloads per day, MySQL is the one of the most popular open-source databases. MySQL provides a reliable, affordable, easy to use solution for a wide range of database applications. Configuration Compliance Manager 5.13 adds MySQL support and four CIS-certified MySQL policies, enabling customers to audit for a wide range of best practice standards in order to improve security, ensure integrity and meet regulatory compliance requirements.
Web servers are targeted and attacked by cyber criminals more frequently than any other system on an organization’s network. Microsoft IIS runs on over 84 million domains around the world and is used extensively in the enterprise. Configuration Compliance Manager 5.13 allows organizations to scan IIS7 configurations for a wide range of best practice standards to effectively manage security risks and increase compliance on these critical assets.
Spotlight
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
