Based on the Trust Service Criteria(TSC), SOC 2 compliance classifies the TSC into the five categories of security, availability, processing, integrity, confidentiality, and privacy.
SOC Type 2 reports provide detailed information and assurance about controls os systems when processing user data, including the confidentiality and privacy of information processed by those systems.
CimTrak's mean-time-to-detect(MTTD) malicious and unwanted change is measured in minutes as opposed to the industry average of 206 days.
CimTrak provides detailed alerts, reports, and controls to common criteria sections including:
CC2 - Communication and Information
CC3 - Risk Assessment
CC4 - Monitoring Activities
CC5 - Control Activities
CC6 - Logical and Physical Access Controls
CC7 - System Operations
CC8 - Change Management
Additional Criteria for Availability
Additional Criteria for Processing Integrity
Additional Criteria for Privacy
Instant notification and in-depth insight into all changes. Complete coverage for your environment.
Monitor critical configurations to ensure a compliant state.
Monitor your environment. Don’t let unauthorized access occur with your routers, firewalls, and network devices.
SYSTEM HARDENING - FILE INTEGRITY MONITORING - WHITELISTING - CHANGE MANAGEMENT - COMPLIANCE VERIFICATION & WORKFLOW - PROCESS AUTOMATION- DATA FORENSICS & AUDITING - THREAT INTELLIGENCE FEED - CHANGE PREVENTION
CimTrak provides the forensic analysis of outages and security incidents in real-time. Forensic details include what
files were added/modified/deleted, source IP address, the user who made the change, time of change, and process involved.
CimTrak provides the forensic analysis of outages and interruptions as soon as it occurs with proprietary
technology providing the ability to monitor in true real-time.
CimTrak has a unique functionality where it can manually or automatically roll-back and restore files that drift from a knows and expected state. This is particularly important with system attributes and configuration settings that should NEVER change. This feature positively impacts mean-time-to-repair/restore/recover (MTTR) to prevent both security incidents and operational failures.
Given CimTrak’s patented real-time change detection capability, immediate notification and remediation options are available to ensure that any potential threat, both internal and external, does not permeate throughout the organizations. CimTrak’s mean time to detect (MTTD) malicious and unwanted changes is measured in minutes as opposed to the industry average of 195 days.
CimTrak’s ticketing functionality integrates with ITSM technologies creating a closed-loop environment of change management to reconcile expected and approved changes.
This approach drastically reduces the "noise" problem when authorized/expected changes (i.e. patches) are logged and
achieved leaving only those alerts that highlight unknown, unauthorized and potentially malicious changes or activity.
When CimTrak detects changes, CimTrak's Trusted File Registry (TFR) which is a database repository of known and
trusted files as determined by the software vendors themselves, validates and verifies the trust and integrity of individual files. The TFR database has several billion
cryptographic hashes of trusted files including source and meta-level information associated with each file.
