Continuous Monitoring

Whether your organization is in the public or private sector, compliance with policy and regulatory mandates requires a solid data governance, risk and compliance (GRC) management approach that is bolstered by continuous monitoring of key security controls.

• In the public sector, lack of compliance with Office of Management and Budget (OMB) and National Institute for Standards and Technology (NIST) requirements can lead to delays or even reductions in budget allocations.
• In the commercial sector, lack of compliance with Sarbanes-Oxley, the Payment Card Industry Standards (PCI), various State-level data breach laws (e.g., California SB-1386), the Gramm-Leach Bliley Act, HIPAA, etc., can cause problems ranging from consent decrees and fines, to lawsuits and significant losses of shareholder value.

A key element in common across all of these policies and regulatory requirements is the need for organizations to continuously monitor that controls are operating within predictable boundaries and within acceptable risk and compliance expectations.

NetWitness approaches the problem of governance, risk and compliance in a different way than most security vendors. While most security vendors strive to implement a specific control set, for example, in accordance with public mandates such as FIPS 200 or OMB M-06-15, or a private sector edicts such as the PCI standard or Sarbanes-Oxley, NetWitness provides a framework for continuously monitoring all network communications across all application protocols to measure the efficacy of the controls, to monitor the use the controls in an operational context, and report on the enterprise-wide compliance with control objectives for network-based communications.

Network Security Monitoring Must EVOLVE and be AGILE

If your organization desires detailed information regarding the ongoing performance of your network-related GRC controls, you need to obtain a pervasive visbility into the actual behavior of all network traffic, reconstructed from the network to the application layer. NetWitness provides a comprehensive approach to network security monitoring designed to ensure that the performance of your I/T controls and your information systems security can be measured and monitored continuously and completely.