How Does Tripwire Map to the NIST SI-07 control?
Keeping sensitive data and assets safe is the goal of regulatory cybersecurity frameworks like NIST (National Institute of Standards and Technology). But for government agency security professionals, staying compliant can feel like a Sisyphean task due to the complexity of applying the controls themselves. It’s especially difficult to attempt to apply these controls without the right cybersecurity tools in place.
System Information and Integrity
The NIST 800-53 SI-7 control focuses on system information and integrity. As of 2017’s executive order on cybersecurity states, “Effective immediately, each agency head shall use The Framework for Improving Critical Infrastructure Cybersecurity (the Framework) developed by the National Institute of Standards and Technology, or any successor document, to manage the agency’s cybersecurity risk.” Let’s take a look at the components of the SI-7 control and the ways Tripwire solutions map to each part.
- Perform Integrity Checks as Required
Tripwire directly provides SI-07(1) controls for software and hardware with real-time agent-based file integrity management and critical change control. Tripwire® Enterprise™ uses monitoring rules and hardening policies that cover all aspects of the file system—including services, ports, firmware and command-based configurations to keep your systems secure.
- Automated Notification Upon Discovery of Discrepancy
In support of SI-07(2), Tripwire Enterprise and Tripwire Log Center™ offer a full suite of alerting and actionable event workflows should integrity violations occur.
- Centrally-Managed Integrity Tools
Tripwire Enterprise and Tripwire Log Center support the enforcement of customer-defined requirements for SI-07(3) by providing centrally managed consoles which can be deployed to support on-premise, cloud-based and hybrid infrastructure models.
- Automated Action Upon Discovery of Discrepancy
In support of SI-07(5), Tripwire Enterprise and Tripwire Log Center give you a full suite of alerting and actionable event workflows should integrity violations occur. Actionable workflows can be set to isolate or shut systems (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Henderson. Read the original post at: https://www.tripwire.com/state-of-security/government/tripwire-map-nist-si-07/