Organisations today face an ever-increasing number of security threats from internal privileged users and external attackers, including APTs. SIEMs are only part of the solution available to Security teams that require true actionable intelligence – the right information at the right time to the right stakeholder – to help identify and mitigate security threats and protect corporate assets.
NetIQ today announced that Change Guardian™ 4.0 now detects and responds to potential threats in real time through intelligent alerting of unauthorised access and changes to critical files, systems, and applications.
Most organizations employ SIEM technology as a critical piece of the security infrastructure. However, SIEM alone is no longer enough to achieve sufficient layers of data protection and risk mitigation. Change Guardian complements and extends SIEM by delivering the deeper actionable intelligence on changes to systems and actions of privileged users to more quickly identify and remediate attacks before considerable damage is done.
Providing security teams with details to identify threats and record change – specifics such as who performed the action, what action was performed, when the action was taken, and where the action was taken – and information as to whether or not actions are authorised, Change Guardian 4.0 closes the gap for all SIEM solutions with:
· Rich “before and after” detail for changes to critical files and settings to enable IT to act quickly with minimal expertise.
· Policy based monitoring that provides the ability to simply specify monitoring policies required for various regulations, mandates, best practices or internal policies.
· Additional platform support for UNIX and Linux to complement existing Windows and Active Directory capabilities.
“Unauthorised change and user activity are a leading cause of security breaches and early indicators of a targeted attack,” said Geoff Webb, director, Solution Strategy at NetIQ. “Security teams need actionable information that can extend their ability to manage risk and avoid business disruptions. Our expectations are that as organisations increasingly adopt BYOD, Mobility and Cloud, they will face even greater risks and demands, making solutions like Change Guardian a fundamental requirement to simplify and centralize response.”