Change is constant and continuous... even for your critical operating systems. In fact, many of those changes are expected and advantageous, such as patches and updates. However, from a security and auditing perspective, changes... even good changes, create noise and can become a nightmare to manage.
Detect change to the attributes of any member entity or configuration
Reconcile changes that were the result of patches and updates
Eliminate false positives
The CimTrak Trusted File Registry™ is a cloud-based service that integrates seamlessly into the CimTrak Integrity Suite to provide security professionals with the ability to automatically reconcile changes that were the result of patches and updates. By suppressing change noise resulting from trusted and valid changes, organizations can highlight the unknown and unwanted changes that matter.
The CimTrak Trusted File Registry™ eliminates false-positive issues by automatically identifying vendor-verified patches and updated files and then promotes them to the organization's new and trusted baseline.
Patches and updates, which are identified via integration with the CimTrak Trusted File Registry™, can be automatically documented and associated with authorized and approved tickets. Those tickets can be managed in CimTrak's own ticketing system, or through official integrations with Atlassian Jira, BMC Remedy, ServiceNow, and CA ServiceDesk. This will provide organizations with documentation and a simple audio trail of the OS patches and updates that were applied to systems enterprise-wide.
Reducing good and expected change noise allows organizations to detect breaches and malicious activity more efficiently. This approach eliminates false positives and highlights everything that is either malicious or the result of circumvented processes... the things that really matter.