BMC and CimTrak

Mitigate Security Threats and Breaches

CimTrak Logo 162x100

The CimTrak Integrity Suite protects critical files, registry, configuration settings, users, policies, network devices and more from changes, whether malicious or accidental, that can take down your IT infrastructure, threaten critical/sensitive data, or cause non-compliance with regulations such as PCI, HIPAA, GDPR and many more.

CimTrak eliminates the overwhelming change noise to pinpoint unwanted, unauthorized, and unexpected activity in real-time to create and establish a trusted and resilient infrastructure. CimTrak enables change reconciliation by providing a side-by-side comparison highlighting real-time changes or change over time. If those changes are unwanted, CimTrak can roll-back and restore files and directories back to their approved state manually or automatically. Furthermore, CimTrak has the functionality that can prevent changes entirely for those files and directories that should never change.

BMC and Cimcor have teamed together to create a best practices approach for Closed-Loop Change Control. CimTrak's value add is augmenting BMC's Change Management and Security processes with the ability to validate and verify that only expected and authorized changes are happening inside and outside the change management windows.

CimTrak’s integration with Helix ITSM enables customers to identify unknown, unwanted, and unauthorized changes in real-time by capturing the approved and authorized change request in ITSM and reconciling the observed changes in CimTrak. The result of this process enabled the customer to identify and highlights when someone was circumventing a process, or a malicious activity was developing. This closed-loop change control value proposition is further extended by CimTrak by providing roll-back and remediation capabilities as well as change prevention.

The results from this combined integration provide measurable benefits to both a customer’s operations and security teams. Operationally, only planned releases that have been approved, tested, and scheduled are allowed to make changes in the environment which highlights circumvented processes. The security impact of this controlled process is that all malicious changes are immediately exposed for removal and remediation. The combined results drive higher operational availability while mitigating the risk of security threats and breaches.

Benefits of CimTrak and BMC

Continuously detecting deviations from a “correct state” provides unprecedented value for both Security and IT Operations.

Identification and Detecting Security Breaches - If you control change, you control security.
Next-Generation File Integrity Monitoring – Control and validate the integrity of OS and applications by detecting current file state against a known and trusted baseline or benchmark(s).
Trusted and Certified Benchmarks - CimTrak provides detailed alerts, reports and controls for both CIS (Center for Internet Security) and DISA STIGs
“Change Noise” Suppression – Only alert on unwanted, unauthorized and unexpected activity.
Change Reconciliation – Highlight and expose authorized changes vs observed changes.
Change Prevention - Prevent changes entirely for those files and directories that should never change.
Roll-Back and Remediation – Mean-Time-To-Restore (MTTR) to a correct and operational state is measured in seconds.
Compliance - Continuous and corrective guidance to ensure and attest that systems/devices remain in a state of compliance regardless of the regulatory mandate.
Compliance Workflow – Integrated ticketing system to manage compliance drift and remediation steps upon fails compliance tests.
Vulnerability Threat Management - Analyze and evaluate real-time security decisions and vulnerability posture with STIX/TAXII Feeds.

The CimTrak Integrity Suite is a bi-directional ticket/incident synchronization through the use of an intermediary service (The CimTrak Ticket Syncer) that communicates between CimTrak and BMC Helix ITSM with the AR System REST API.

Tech Specs

The CimTrak Integrity Suite offers bi-directional ticket/incident synchronization through the use of an intermediary service (The CimTrak Ticket Syncer) that communicates between CimTrak and BMC Helix ITSM with the AR System REST API. Through the use of CimTrak with the Ticket Syncer, tickets/incidents created, modified, resolved or closed in either environment are synchronized in both environments.

Learn More

Synchronization

Synchronization is achieved by polling both CimTrak and ITSM for changes in tickets since the last time polling occurred and creating/updating tickets of the out of date system. Configuration Items can be attached to the external ticket, the configuration item label/name (plus an optional prefix and suffix) will be matched to the agent name for a task in a CimTrak ticket.

Learn More