Mitigate Security Threats and Breaches
The CimTrak Integrity Suite protects critical files, registry, configuration settings, users, policies, network devices and more from changes, whether malicious or accidental, that can take down your IT infrastructure, threaten critical/sensitive data, or cause non-compliance with regulations such as PCI, HIPAA, GDPR and many more.
CimTrak eliminates the overwhelming change noise to pinpoint unwanted, unauthorized, and unexpected activity in real-time to create and establish a trusted and resilient infrastructure. CimTrak enables change reconciliation by providing a side-by-side comparison highlighting real-time changes or change over time. If those changes are unwanted, CimTrak can roll-back and restore files and directories back to their approved state manually or automatically. Furthermore, CimTrak has the functionality that can prevent changes entirely for those files and directories that should never change.
BMC and Cimcor have teamed together to create a best practices approach for Closed-Loop Change Control. CimTrak's value add is augmenting BMC's Change Management and Security processes with the ability to validate and verify that only expected and authorized changes are happening inside and outside the change management windows.
CimTrak’s integration with Helix ITSM enables customers to identify unknown, unwanted, and unauthorized changes in real-time by capturing the approved and authorized change request in ITSM and reconciling the observed changes in CimTrak. The result of this process enabled the customer to identify and highlights when someone was circumventing a process, or a malicious activity was developing. This closed-loop change control value proposition is further extended by CimTrak by providing roll-back and remediation capabilities as well as change prevention.
The results from this combined integration provide measurable benefits to both a customer’s operations and security teams. Operationally, only planned releases that have been approved, tested, and scheduled are allowed to make changes in the environment which highlights circumvented processes. The security impact of this controlled process is that all malicious changes are immediately exposed for removal and remediation. The combined results drive higher operational availability while mitigating the risk of security threats and breaches.