Challenge: Data Governance

Whether your organization is in the public or private sector, compliance with policy and regulatory mandates requires a solid data governance, risk and compliance (GRC) management approach.

  • In the public sector, lack of compliance with Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) requirements can lead to delays or even reductions in budget allocations.
  • In the commercial sector, lack of compliance with Sarbanes-Oxley, the Payment Card Industry Standards (PCI), various state-level disclosure laws (e.g., California SB-1386), the Gramm-Leach-Bliley Act, HIPAA, etc., can cause problems ranging from consent decrees and fines to lawsuits and significant losses of shareholder value.

A key element common to all of these policies and regulatory requirements is the need for organizations to ensure that controls are operating within predictable boundaries and within acceptable risk and compliance expectations.

Although many security products today claim to provide solutions to GRC issues, according to a May 2007 Gartner report, there is no comprehensive technical solution to data governance today, and no I/T vendor demonstrates the appropriate technical control solutions to address this market. In Gartner’s opinion, true governance, risk and compliance management vendors in the I/T space will facilitate the “management, measurement, monitoring, automation and reporting of I/T controls.”

NetWitness NextGen approaches the problem of governance, risk and compliance in a different way than most security vendors. While most security vendors strive to implement a specific control set, for example in accordance with public mandates such as FIPS 200 or OMB M-06-15, or private sector edicts such as the PCI standard or Sarbanes-Oxley, NetWitness NextGen provides a framework for monitoring all network communications across all application protocols to measure the efficacy of the controls, to monitor the use of the controls in an operational context, and to report on enterprise-wide compliance with control objectives for network-based communications.

The Need for Next Generation Monitoring
If your organization wants detailed information about the performance of your network-related GRC controls, you need a deeper look into the actual behavior of all data in motion, reconstructed at the application layer. NetWitness was developed 10 years ago to support the demanding internal control monitoring needs of the U.S. intelligence community. NetWitness NextGen provides a comprehensive distributed network data monitoring framework designed to ensure that the performance of your I/T controls and your information systems security can be measured and monitored completely.

NetWitness Decoder and Concentrator comprise the underpinnings of an enterprise infrastructure providing comprehensive situational awareness and visibility into the content and context of all network activity. When combined with the power of automated reporting and alerting in NetWitness Informer and the interactive network forensics and analytics in NetWitness Investigator, your organization can acquire the Total Network Knowledge needed to feel confident that your network-based I/T controls are operating at the risk and compliance levels you expect.


