Analytics

4/9/2013
03:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NetIQ Bolsters Actionable Security Intelligence With NetIQ Change Guardian 4.0

Provides real-time detection and response to unauthorized access and changes to critical files, systems, and applications

HOUSTON – April 9, 2013 – Organizations today face an ever-increasing number of security threats from internal privileged users and external attackers, including APTs. SIEMs are only part of the solution available to Security teams that require true actionable intelligence – the right information at the right time to the right stakeholder – to help identify and mitigate security threats and protect corporate assets.

NetIQ® today announced that Change Guardian&trade 4.0 now detects and responds to potential threats in real time through intelligent alerting of unauthorized access and changes to critical files, systems, and applications.

Most organizations employ SIEM technology as a critical piece of the security infrastructure. However, SIEM alone is no longer enough to achieve sufficient layers of data protection and risk mitigation. Change Guardian complements and extends SIEM by delivering the deeper actionable intelligence on changes to systems and actions of privileged users to more quickly identify and remediate attacks before considerable damage is done.

Providing security teams with details to identify threats and record change – specifics such as who performed the action, what action was performed, when the action was taken, and where the action was taken – and information as to whether or not actions are authorized, Change Guardian 4.0 closes the gap for all SIEM solutions with:

· Rich "before and after" detail for changes to critical files and settings to enable IT to act quickly with minimal expertise.

· Policy-based monitoring that provides the ability to simply specify monitoring policies required for various regulations, mandates, best practices or internal policies.

· Additional platform support for UNIX and Linux to complement existing Windows and Active Directory capabilities.

"Unauthorized change and user activity are a leading cause of security breaches and early indicators of a targeted attack," said Geoff Webb, director, Solution Strategy at NetIQ. "Security teams need actionable information that can extend their ability to manage risk and avoid business disruptions. Our expectations are that as organizations increasingly adopt BYOD, Mobility and Cloud, they will face even greater risks and demands, making solutions like Change Guardian a fundamental requirement to simplify and centralize response."

Availability and Pricing

Change Guardian 4.0 is generally available today worldwide and offered on a subscription basis or perpetual license. For more information please visit www.netiq.com/products/change-guardian/.

About NetIQ

NetIQ is a global, enterprise software company with a relentless focus on customer success. Our portfolio includes scalable, automated solutions for Identity, Security, Access, Governance, Systems and Application, Service, and Workload Management that help organizations securely deliver, measure and manage computing services across physical, virtual and cloud computing environments. For more information, contact us.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Why the CISSP Remains Relevant to Cybersecurity After 28 Years
Steven Paul Romero, SANS Instructor and Sr. SCADA Network Engineer, Chevron,  11/6/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19220
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI.
CVE-2018-19221
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.
CVE-2018-19222
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.
CVE-2018-19223
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI.
CVE-2018-19224
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.