How do you deploy your Windows Server images? If you are anything like the majority of IT teams out there, you download the latest ISO from the Microsoft website, maybe even use one you have downloaded in the past. Then post install you spend a couple of hours applying all the patches which have been released since.
Heavy is the head that wears the crown, is the old saying which comes to mind when I think of Tripwire Enterprise. A solution which has sat at the top of its game for so long that there is only conceivable one direction left.
Have you ever met an IT manager, administrator, CISO or compliance officer who had a lot of time on their hands? No, me neither. If they exist, then they are certainly a rare breed!
If you or your organisation uses the very popular ServiceNow solution for change management, how do you accurately ensure that intended changes were delivered as requested and approved? Do you assume changes have been made successfully and correctly, if there was no post-change feedback, whether it be negative or not?
How many of you use AWS or another cloud hosting provider such as Microsoft Azure or Google Cloud? The question is of course rhetorical due to the limited medium that is the blog, but in any case my experience tells me that a vast majority of readers do.
I have no doubt that like most readers, system administrators, heads of IT and CISOs, that you probably have an unending list of desired solutions and tools which you would like to deploy in your networks. Writing business cases and securing the budget for everything would be in reality, impossible; and so instead, prioritisation based on need is a critical factor in deciding what to invest in.
When it comes to FIM (File Integrity Monitoring) and secure configuration management. there are two main solution vendors worth considering. Tripwire Enterprise and NNT Change Tracker. Both have impressive existing customer rosters and reputations; are multi-million pound businesses and have an international presence. But which solution is better?
FIM or File Integrity Monitoring, is without a doubt a highly important layer of defence in any network worth protecting. Required by data security standards such as PCI-DSS and recommended by auditors and security practitioners globally. FIM monitors critical system files, operating system components and even network devices for unauthorised changes.
Has there ever been a more confusing data security standard than the PCI-DSS? Even now, thirteen years on from its initial release, a clear understanding of what you need to achieve to be compliant may still be a challenge.
For some, a FIM (File Integrity Monitoring) solution is a compliance necessity, for others it features as a core component of their change management process. In either case, file integrity monitoring provides a mechanism for alerting when applications, system files or configurations change unexpectedly.