DATA SHEET VANGUARD CONFIGURATION MANAGER TM KEY FEATURES: VANGUARD TAKES THE TARGET OFF YOUR

Similar documents
VANGUARD INTEGRITY PROFESSIONALS Page 1

DATA SHEET. ez/piv CARD KEY FEATURES:

PROFESSIONAL SERVICES (Solution Brief)

VANGUARD POLICY MANAGERTM

POLICY MANAGER VANGUARD POLICY MANAGER (AUDIT/COMPLIANCE)

Analyzer runs thousands of integrity checks for both RACF and z/os Security Server.

VANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER

WHITE PAPERS. INSURANCE INDUSTRY (White Paper)

SOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:

VANGUARD Policy Manager TM

VANGUARD WHITE PAPER VANGUARD GOVERNMENT INDUSTRY WHITEPAPER

DATA SHEET. VANGUARD ez/tokentm KEY FEATURES:

Insurance Industry - PCI DSS

DATA SHEET VANGUARD AUTHENTICATORTM KEY FEATURES:

NOTE: This process is not to be used for Grouping/ Member Classes. Those will be covered in another White Paper.

Removing ID. The Solution: The Issue: The Problem:

NIST Standards and a VCM Implementation

Is Your z/os System Secure?

VANGUARD Compliance Manager VANGUARD Policy Manager VANGUARD Security Manager VANGUARD Enforcer

Are Your Auditors and NIST Security Configuration Controls Driving You Crazy? Configuration Manager Implementation

Performing a z/os Vulnerability Assessment. Part 2 - Data Analysis. Presented by Vanguard Integrity Professionals

Achieving Java Application Security With Parasoft Jtest

How Vanguard Solves. Your PCI DSS Challenges. Title. Sub-title. Peter Roberts Sr. Consultant 5/27/2016 1

ISACA Arizona May 2016 Chapter Meeting

Data Sheet The PCI DSS

MIS Week 9 Host Hardening

Background FAST FACTS

Cyber Risks in the Boardroom Conference

Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος

locuz.com SOC Services

Eleven Steps to Make Mainframe Security Audits More Effective and Efficient

Tripwire State of Cyber Hygiene Report

Introducing Cyber Observer

Automated Firewall Change Management Securing change management workflow to ensure continuous compliance and reduce risk

Automating the Top 20 CIS Critical Security Controls

Total Protection for Compliance: Unified IT Policy Auditing

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

Developing Legacy Platform Security. Philip Young, Information Security Specialist, Visa, Inc. Professional Techniques T21

McAfee Database Security

Skybox Security Vulnerability Management Survey 2012

What is PCI/DSS and What s new Presented by Brian Marshall Vanguard Professional Services

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

Cyber Attacks & Breaches It s not if, it s When

SOLUTION BRIEF Virtual CISO

Introduction to AWS GoldBase

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

INFORMATION ASSURANCE DIRECTORATE

Meeting RMF Requirements around Compliance Monitoring

Cyber Risks, Coverage, and the Board of Directors.

Best Practices for PCI DSS Version 3.2 Network Security Compliance

Fidelis Overview. 15 August 2016 ISC2 Cyber Defense Forum

Simplify PCI Compliance

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

INFORMATION ASSURANCE DIRECTORATE

Information Security Risk Strategies. By

Gujarat Forensic Sciences University

Maximizing IT Security with Configuration Management WHITE PAPER

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

Global Security Consulting Services, compliancy and risk asessment services

Department of Management Services REQUEST FOR INFORMATION

Establishing a Credible Cybersecurity Program. September 2016

Choosing the level that works for you!

90% of data breaches are caused by software vulnerabilities.

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

The HITRUST CSF. A Revolutionary Way to Protect Electronic Health Information

IBM BigFix Compliance PCI Add-on Version 9.5. Payment Card Industry Data Security Standard (PCI DSS) User's Guide IBM

The Importance of Cybersecurity Threat Detection for Utilities

The Center for Internet Security

Securing Your Digital Transformation

Streamlined FISMA Compliance For Hosted Information Systems

REGULATORY COMPLIANCE REGULATORY COMPLIANCE SERVICES. Dynamic Solutions. Superior Results.

Reinvent Your 2013 Security Management Strategy

to Enhance Your Cyber Security Needs

Ten Innovative Financial Services Applications Powered by Data Virtualization

Tripwire State of Container Security Report

COBIT 5 With COSO 2013

Art of Performing Risk Assessments

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Canada Life Cyber Security Statement 2018

Ensuring System Protection throughout the Operational Lifecycle

Simplifying Security for IBM i and IBM Security QRadar

Checklist for Applying ISO 27000, PCI DSS v2 & NIST to Address HIPAA & HITECH Mandates. Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP)

IT-CNP, Inc. Capability Statement

Master the implementation and management of a Cybersecurity Program based on ISO/IEC 27032

Security for NG9-1-1 SYSTEMS

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

Performing a z/os Vulnerability Assessment. Part 1 - Data Collection. Presented by Vanguard Integrity Professionals

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

COMPLIANCE SCOPING GUIDE

HITRUST ON THE CLOUD. Navigating Healthcare Compliance

INFORMATION ASSURANCE DIRECTORATE

USING QUALYSGUARD TO MEET SOX COMPLIANCE & IT CONTROL OBJECTIVES

Compliance with CloudCheckr

An Oracle White Paper April Oracle Technology for Government Cybersecurity

Incident Response Table Tops

Taking a Business Risk Portfolio (BRP) Approach to Information Security

Securing Your Most Sensitive Data

Cybersecurity & Privacy Enhancements

Big Brother is Watching Your Big Data: z/os Actions Buried in the FISMA Security Regulation

Transcription:

TM Vanguard automates review of current z/os Security Server configurations against prevailing standards to include DISA STIG, NIST, and DB2 hardening standards and Vanguard Best Practices dramatically reducing personnel cost and time to verify compliance. KEY FEATURES: Vanguard is designed to provide the fastest, most cost-effective and accurate method to verify that security configuration controls are in accordance with published prevailing standards for z/os systems. allows organizations to easily move to continuous monitoring from periodic compliance reporting. VANGUARD TAKES THE TARGET OFF YOUR BACK If you look at any best practice guidance, regulation or standard around effective IT security today, you ll quickly recognize that it advises organizations to ensure their computing systems are configured as securely as possible and monitored continuously for changes. Today, the Security Technical Implementation Guides (STIGs) from the Defense Information Systems Agency (DISA) are the gold standard given their exacting dictates for configuration and monitoring, which prevent cyberattacks for both governments and commercial organizations. To put things in perspective, following the guidelines laid out in the STIG is essential in eliminating the easy vectors hackers often use to launch attacks. One such breach at MBIA, the nation s largest bond insurer, was perpetrated due to system misconfiguration. Page 1

AUTOMATE YOUR DISA STIG ASSESSMENTS AND DRAMATICALLY REDUCE COSTS AND TIME TO VERIFY COMPLIANCE was designed to provide the fastest, most cost-effective and accurate method to verify that security configuration controls are in accordance with the DISA STIG for z/os systems. Vanguard s team of United States-based, z/os mainframe security experts analyzed all of the DISA STIG z/os and RACF checks to determine how best to interpret them, test configuration controls for compliance and report findings. This comprehensive intelligence was built into along with efficient automation capabilities. The result is that organizations using can perform System z checks and report findings in a fraction of the time of standard methods. Configuration Manager also allows organizations to easily move to continuous monitoring from periodic compliance reporting. ACTUALLY IMPROVE ON THE DISA STIG TEST PROCESSES WITH CONFIGURATION MANAGER Verifying that mainframe systems are in accordance with the DISA STIGs can require that more than 300 checks be performed, depending on specific configurations. For each check, from one to hundreds of thousands of control points must be tested. It can be extremely costly and time consuming to use the standard DISA STIG Checklist process to verify that z/os systems are configured correctly, even for smaller installations. Organizations that try this method to comply face the following challenges: Configuration checks take too long or are impossible to complete. Team morale is negatively impacted by the added workload. Multiple findings for the same checks are common. Ambiguous checks can put teams at risk if interpreted incorrectly. DISA STIGS are updated every three months. With CONFIGURATION MANAGER however, organizations can perform tests and report findings in a few hours each quarter, instead of the hundreds, or thousands, of hours required when using the standard z/os DISA STIG Checklist process. Once has identified findings, they can be remediated, as required, to improve an organization s overall z/os security baseline and increase security levels. Page 2

: TECHNICAL FEATURES Creates summary and detailed reports To provide the proper information required. Executes in both batch and online environments. Supports parallel collection and execution of checks to enable reporting to be completed quickly. Architected to prevent failure of one check from affecting reporting on another check. Consistent look and feel across all DISA STIG categories. Users do not need to be an expert on the DISA STIG to complete checks and report on compliance. Vanguard always supports the latest DISA STIG versions, including versions for the past two years. Page 3

KEY DIFFERENTIATIORS A) Organizations can perform tests and report findings in a few hours each quarter instead of the hundreds or thousands of hours required when using published standards. B) Creates summary and detailed reports to provide the proper documentation required. C) The ability to compare multiple occurrences of the reported results for historical reporting. D) Users do not need to be an expert on the published standards to complete checks and report on compliance. E) Supports implementing the z/os Security Server and RACF configuration checklist from the National Checklist Program (NCP) of the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS). F) Automates more than 300 z/os Security Server checks and produces accurate compliance reports in minutes. G) Provides update for all DISA levels and checks within 30 days of posting. H) Delivers the ability to match wildcard resources to profiles. WHY VANGUARD CONFIGURATION MANAGER? has a built in DB2 Compliance module Vanguard built into VCM a set of DB2 checks based on their best practices and posted to the NIST NCP site as the set of standards for auditing DB2 security for RACF. These checks are automated in VCM and can be easily executed in a continuous monitoring methodology that ensures that any deviations from the standards are captured and reported. has a built-in Best Practices Compliance module Vanguard built into VCM a set a comprehensive set of Best Practice checks based on their Professional Services Auditing requirements. These checks are automated in VCM and will significantly reduce the amount of time it takes for Vanguard Professional Services to complete a comprehensive audit on a given target mainframe system. Please contact Vanguard Professional Services on how to enable this functionality. has a built in comprehensive PCI Audit Solution Vanguard has automated a number of PCI checks and walks the end user through an entire set of PCI checks for the mainframe. Please contact Vanguard Professional Services on how to enable this functionality. Page 4

FOR MORE INFORMATION To learn more about Vanguard Security Solutions, please contact Vanguard Integrity Professionals at (702) 794.0014 or visit www.go2vanguard.com ABOUT VANGUARD SECURITY SOLUTIONS Vanguard offers one of the most advanced and integrated portfolios of enterprise security products and services in the world. The portfolio was the first to offer a fully automated baseline configuration scanner for mainframe DISA STIGs. The World s largest Financial, Insurance, Government Agencies and Retailers entrust their Security to Vanguard Integrity Professionals. Corporate Headquarters Vanguard Integrity Professionals 6625 S. Eastern Avenue Suite 100 Las Vegas, NV 89119-3930 Telephone: 702.794.0014 Fax: 702.794.0023 Page 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback