SYSTEM HARDENING - FILE INTEGRITY MONITORING - WHITELISTING - CHANGE MANAGEMENT - COMPLIANCE VERIFICATION & WORKFLOW - PROCESS AUTOMATION - DATA FORENSICS & AUDITING - THREAT INTELLIGENCE FEED - CHANGE PREVENTION
CimTrak provides forensic analysis of outages and security incidents in real time. Forensic details include which files were added, modified, or deleted, the source IP address, the user who made the change, the time of the change, and the process involved.
CimTrak provides forensic analysis of outages and interruptions as soon as they occur, using proprietary technology that provides the ability to monitor in true real time.
CimTrak has a unique capability: it can manually or automatically roll back and restore files that drift from a known and expected state. This is particularly important for system attributes and configuration settings that should NEVER change. This feature positively impacts mean-time-to-repair/restore/recover (MTTR) to prevent both security incidents and operational failures.
Given CimTrak’s patented real-time change detection capability, immediate notification and remediation options are available to ensure that any potential threat, whether internal or external, does not permeate throughout the organization. CimTrak’s mean time to detect (MTTD) malicious and unwanted changes is measured in minutes, as opposed to the industry average of 195 days.
CimTrak’s ticketing functionality integrates with ITSM technologies, creating a closed-loop change management environment that reconciles expected and approved changes.
This approach drastically reduces the "noise" problem: authorized/expected changes (i.e., patches) are logged and archived, leaving only those alerts that highlight unknown, unauthorized, and potentially malicious changes or activity.
When CimTrak detects changes, CimTrak's Trusted File Registry (TFR), a database repository of known and trusted files as determined by the software vendors themselves, validates and verifies the trust and integrity of individual files. The TFR database has several billion cryptographic hashes of trusted files, including source and meta-level information associated with each file.