eIQcast Episode 21: The Role of File Integrity Monitoring

October 20, 2009

"integrity" originally uploaded by glsims99In this episode of the eIQcast, Mike Rothman dives into the nuances of file integrity monitoring and why it’s an important aspect of both security and compliance. One of the first things an attacker is going to do is mess around with system files, so having some mechanism to ensure that system files, registry values and the like aren’t tampered with is a big part of “reacting faster” to potential security issues.Mike also discusses how eIQ’s SecureVue security and compliance management platform provides this capability through it’s newly updated agent technology, continuing to show technical innovation beyond simple security information and event management (SIEM) and log management solutions.

Running time: 10:41

Direct Link: http://eiqcast.podOmatic.com/entry/2009-10-20T13_58_46-07_00

Don’t be like Dick and check out eIQ’s video at logdataisnotenough.com

Posted by Mike Rothman
Filed in Security, eIQcast
Tags: ,
Comments Off

Press Release: ComplianceVue Packages for PCI, NERC and HIPAA

September 9, 2009

Today eIQ announced new ComplianceVue Packages, a turnkey offering to address compliance reporting requirements based on its SecureVue® security and compliance management platform. The ComplianceVueTM packages (PCIVueTM, NERCVueTM, and HIPAAVueTM) provide detailed compliance reporting across more than just log data, greatly surpassing the capabilities of competitive products. ComplianceVue packages are available immediately to address PCI-DSS, NERC CIP and HIPAA regulatory requirements.

“eIQnetworks already correlates data from more data sources than any other solution on the market, and for that reason SecureVue is uniquely positioned to identify sophisticated in-progress attacks or vulnerabilities that log-only solutions will miss,” said Vijay Basani, eIQnetworks’ CEO. “With the ComplianceVue packages, eIQ now offers a turnkey solution for comprehensive compliance reporting across a broad range of security data including events, configuration data, vulnerabilities, and network flows, proving again that ‘log data is not enough’ to properly prove adherence to regulatory rules.”

The new ComplianceVue packages include a SecureVue Central Server, and the associated compliance reporting modules and dashboards required to provide necessary documentation for regulatory-driven audits. Reporting is effortless, and section-specific compliance reports are directly linked to appropriate rules and requirements of each supported regulation, best practice, or standard. Interactive dashboards provide real-time views into key compliance metrics, and provide drill-down into underlying data to support comprehensive internal and external auditing needs.

For more details and benefits on the new ComplianceVue package, check out the full press release on the eIQ site: “eIQnetworks Introduces ComplianceVue Packages for PCI, NERC and HIPAA to Streamline Regulatory Compliance Reporting

Posted by eiqbeth
Filed in Announcements, Compliance, Product
Tags: , , , , , ,
Comments Off

Press Release: SecureVue 3.1

October 6, 2008

Actually, the official title of the release is “eIQnetworks Enhances Enterprise Class Security and Compliance Management Solution.”

It goes into a number of the cool new features in SecureVue 3.1, like:

  • Totally overhauled interface and user experience
  • Integrated workflow management
  • Tighter integration with vulnerability management offerings like Nessus and Qualys
  • Upgraded agent to monitor devices

Plus a bunch more. You can check out the entire release on eIQ’s website.

- Mike

Posted by Mike Rothman
Filed in Product
Tags: ,
Comments Off