NNT

Securing you without disrupting user experience. We protect your
business-critical data and applications wherever they live.

SECUREOPS™ - A CRITICAL PIECE TO SOLVING TODAYS FLAWED SECURITY STRATEGIES

IT SECURITY & COMPLIANCE - PROBLEM SOLVED!

Independent research has indicated that 91% of ALL security breaches can be auto-detected by utilizing tools, techniques and detective controls included in Gen7 R2.

Change Tracker Features And Benefits

null

Automates CIS Controls

Spot cyber threats, identify any suspicious changes and adjust the secure baseline for all of your systems in real-time with NNT Change Tracker™ Gen7R2. Approve changes to the authorized baseline with a simple point and click.

null

Breach Prevention

Ensure all IT assets are secure and breach free at all times by leveraging state of the art, recommended security and configuration hardening settings along with real-time system vulnerability and configuration drift management.

null

Breach Detection

Change Tracker™ Gen7 R2 identifies suspicious activity using highly sophisticated contextual change control underpinned by threat intelligence to spot breach activity while reducing change noise.

null

Real-Time Contextual File Integrity Monitoring

Change Tracker™ intelligently analyzes all changes in real-time leveraging the world’s largest repository of independently verified whitelisted files combined with intelligent and automated planned change rules to significantly reduce change noise and deliver a true FIM solution.

null

System Hardening & Vulnerability Management

Minimize your attack surface with continuous and real-time clear configuration guidance and remediation based on CIS and other industry standard benchmarks for system hardening and vulnerability mitigation guidance.

null

Continuous Compliance Monitoring Across all Industries

NNT provides comprehensive tailored or pre-built reports to provide vital evidence to security staff, management and auditors of the ongoing and improving state of your organizations secure and compliant posture.

null

Gen7 R2 has the ability to reduce change noise by more than 90% leaving only changes that are unknown, unwanted, unexpected or malicious in nature.

SECUREOPS™ - A CRITICAL PIECE TO SOLVING TODAYS FLAWED SECURITY STRATEGIES

NNT F.A.S.T. CLOUD THREAT INTELLIGENCE INTEGRATION

Change Tracker Features And Benefits

null

Is the new or changed file detected known to be safe?

The overwhelming majority of file changes in a secure IT estate will be attributed to regular patching, for example, Windows Updates.

Given that your estate is inherently secure and subject to change control and other security best practices, >99.99% changes recorded will be ‘safe’. Not always expected or operationally desirable, but at least files have been provided by the manufacturer and not a hacker.

null

Isn’t this the job of Anti-Virus technology?

Anti-Virus is Signature-based, in other words, AV operates using a blacklist of all known bad files.Millions of new viruses are released into the wild every day, and accordingly, AV vendors add updated signatures as soon as the malware has been identified. It’s simple: blacklisted files are removed before they do harm.

Unfortunately, Zero Day Malware is invisible to AV. Zero Day = Never-Before-Seen, so no signature. Millions of viruses, Trojans and APTs do not exist on the blacklist and are free to do damage until caught.

So how do you spot Zero Day malware if it can’t be identified?

null

If a Blacklist approach is flawed, will a Whitelist work better?

A Whitelist is also signature-based, comprising all known good files. Using a whitelist as a ‘safety-first’ decision basis prioritizes security above all else. Not whitelisted? Assume harmful.

A truly comprehensive whitelist is an ambitious objective, but with zero day malware production rates relentlessly spiralling upwards, it’s a more realistic goal than that of the AV vendors.

By collaborating with a range of security researchers, manufacturers and crowd-sourcing data from the global community, while factoring in other trust indicators such as signing certificates, a reliable and effective whitelist is readily within reach.

null

Can a Whitelist Verification process be automated?

Using the NNT FAST™ Cloud, powered by external Threat Intelligence feeds, Gen 7™ makes this whole process even easier by automating the analysis and approvals process.

By integrating the FAST™ Cloud File Reputation repository into Gen 7™, file changes can be automatically and instantly verified as ‘known safe’ as they are detected. But it doesn’t stop there – other changes associated with patching can also be queried and automatically approved using the NNT FAST™ Cloud. For example, Software/Update changes, Windows registry changes, or even new services/processes being created can all be reviewed and, where pre-selected as ‘known safe’, automatically reviewed and approved for you.

null

So a Whitelist and Blacklist combined in a Real-Time FIM scenario guarantees Security?

The challenge for security professionals is that you need to know when changes are made to systems, but sorting the ‘everyday/ok’ from the ‘unusual/suspicious’ changes always required a time-consuming, manual review.

IMPORTANT: the whitelist knowledge is being combined with the blacklist of your AV system, not replacing it. If a file is known-harmful, the AV will still quarantine it. Likewise, if a file is known-safe, the whitelist will confirm this. All that is left for you to manually review and approve is the tiny minority of ‘not-yet whitelisted’ files – for example, bespoke in-house developed applications.

BUT – if you are unfortunate enough to be breached, files related to this cyberattack will also be exposed in this ‘no man’s land’ of neither blacklisted, nor whitelisted files.

NNT LOG TRACKER ENTERPRISE™

Comprehensive and easy-to-use Security Information and Event Management (SIEM) solution for any compliance mandate providing:

    • Enterprise-Class SIEM Capabilities
    • Compliance Automation
    • User & System Activity Audit Trails
    • Network Anomaly Forensics
    • Proactive Threat Detection

NNT Log Tracker Enterprise has built-in support for all major GRC standards, protecting customer data and customer privacy to auditor-ready levels right out of the box, including:

Compliance Standards Supported

  • PCI DSS V3.2
  • Sarbanes-Oxley
  • NIST 800-53
  • DISA STIG
  • HIPAA

  • NERC CIP and NRC RG
  • DODI Defense Cybersecurity Program
  • FedRAMP
  • COBIT

Platforms and Applications Supported

  • Network Devices, including Cisco, Juniper, Nortel, Avaya, Huawei, Dell
  • All Windows, Unix and Linux servers, including Solaris, RHEL, SUSE, Ubuntu, CentOS, HP/UX, AIX and Non Stop
  • Firewall or IPS and IDS devices, including Checkpoint, Cisco ASA, Palo Alto, Fortinet, WatchGuard and SonicWall
  • Database and Data Warehouses servers including SQL Server, Oracle, DB2, MySQL, PostgreSQL, Hadoop, Netezza, Informix, and Teradata
  • Middleware and Web Servers including JBOSS, Fusion, WebSphere, IIS, Apache, Tomcat, 6. JBoss, HIS, Websphere, SunOne and Weblogic
  • SCADA, HMI, MES and other Industrial Control Systems, including Schneider Electric, GE and Siemens
  • IBM Mainframes and IBM AS/400-iSeries, for user activity and File Integrity Monitoring
  • All other potentially useful sources of log information such as door Entry systems, Environmental sensors, etc

SECUREOPS™ - A CRITICAL PIECE TO SOLVING TODAYS FLAWED SECURITY STRATEGIES

VULNERABILITY TRACKER™

IDENTIFYING KNOWN VULNERABILITIES WITHIN SOFTWARE AND CONFIGURATION SETTINGS

99% of the vulnerabilities exploited by the end of 2020 will continue to be ones known by security and IT professionals at the time of the incident – Gartner

Change Tracker Features And Benefits

null

Countless Tests

Over 72,000 automated NNT-VT vulnerability tests, continuously expanded in real-time.

null

Real-Time Intelligence

Over 130,000 CVEs updated every minute
via live cloud-feed.

null

Versatile

Blended credentialed and non-credentialed tests to give flexibility to your scanning program.

null

Distributed Architecture

Fully distributed architecture provides centrally controlled, scanning mesh even for the largest global enterprise networks.

null

CIS Control

Directly addresses CIS Controls for Inventory, Secure Configurations, Control of Ports and Services and Continuous Vulnerability Assessments.

null

Rapid Scanning

Hyper-fast scanning technology means you can assess over 50,000 endpoints per 24 hours.

Supersecure your data with NNT

Request Demo