- Acronis
- Aruba Networks
- Assuria
- Boldon James
- C2C
- Celestix
- Check Point
- Credant
- Cryptocard
- DESlock
- Exinda
- Extricom WLAN
- ForeScout NAC & IPS
- Imprivata SSO
- InfoGov
- IronKey
- Juniper Networks
- Loglogic
- Lumension
- McAfee
- Mimecast
- Netasq EAL4
- Palo Alto Networks
- Safend
- SecurEnvoy
- Sourcefire
- Stonesoft
- Swivel
- Symantec
- Titus Labs
- Trend Micro
- Vasco
- Verity Systems CESG Degausser
- Wallix
- Watchguard
- 1st Responder Services
- Business Support
- Database Security
- Forensics
- Information Systems Security Assessment
- ISO27001 GAP Analysis
- IT Security Awareness
- IT Security Consultancy
- IT Security Standards Compliance Assessment Service
- Penetration Testing
- Physical Security
- Service Management
- Social Engineering
- Wireless Security
- Web Application Test
Lumension Risk Manager
Provides a comprehensive view across hundreds of global regulations, mandates and internal policies improving the efficiency of controls and reducing risk. Lumension Risk Manager provides flexibility to easily accommodate updates to requirements and enable real-time visibility of a company's current level of compliance.
X VirusnX SpywarenX SpamnX Web/IMnX IPS/Patch Mgmtn5 Data/System Mgmtn
Lumension Risk Manager provides the capabilities to:
- Align business interests (sales and manufacturing processes, etc.) with IT assets (servers, workstations, applications, etc.), compliance regulations and control frameworks
- Define and model unique risk profiles across your IT assets
- Automate the gathering of compliance and IT risk assessment asset data through integration with Lumension and third party tools (i.e. vulnerability scanners, etc.)
- Benchmark risk assessments against IT control frameworks
- Report on risk,, compliance and remediation metrics across an entire regulation or internal mandate
- Prioritize potential risk by correlating IT assets to critical business processes
Key Features of Lumension Risk Manager
- Risk Profiling: These features model the relationship between IT assets and business interests to identify IT-borne business risk.
- IT Asset Catalog with Comprehensive Resource Types: Going beyond just IP-addressable assets, all resource types are included, such as applications, databases, servers, networks, data centers, people and processes.
- Patent-Pending Risk Intelligence Engine: Correlates risk profile information with compliance requirements and automatically identifies mitigating IT controls to address any potential regulatory and IT risk exposure. Controls Framework: Harmonizes controls across different regulations including PCI, SOX, HIPAA, COBIT, NIST and hundreds more.
- Unified Compliance Framework (UCF): Lumension Risk Manager utilizes the industry-vetted and harmonized mapping of unique controls that spans more than 400 global compliance regulations and mandates. Controls Assessment: Automated assessment of technical, physical and procedural controls.
- Streamlined Workflow for Assessing Physical and Procedural Controls: Automated risk assessment workflow provides structure around the process of collecting risk scores and providing evidence for physical and procedural controls.
- Automated Self-Assessment Surveys: Send multiple-choice surveys to system owners to request up-to-date control implementation status for their areas of responsibility. Once approved, survey responses automatically update risk scores.
- Interfaces with Security Point Solutions: Connectors to Lumension security solutions and third party point products such as vulnerability scanners, through the Lumension Connector Development Kit which enables scan and inventory data to be imported from virtually any database system to automatically update risk scores and measure levels of compliance.
- Attachments for Evidence Collection: Provides a convenient way to manage the myriad of evidence artifacts required to demonstrate the validity of self-assessment scores.
- Exception Management: Provides flexibility to mark risk scores as “exempt” for a fixed period of time, with the exception state visible, but not counted in the compliance and IT risk calculations.
- Risk & Compliance Reporting: Generate reports and metrics to satisfy a diverse IT risk and compliance audience.
- Compliance and IT Risk Reporting: Compliance reports demonstrate degrees of compliance as they pertain to regulations or internal policies. IT risk reports catalog security gaps and how they could affect key business interests.
- Operational Security Reporting: Provides detailed security gap and trending information across IT operations.
- Remediation Modeling and Forecasting: Create “what-if” project scenarios to estimate how a project or remediation effort will improve your IT risk and compliance metrics.
- Remediation Tracking: Provides assignment and status tracking of remediation projects with scores automatically updated to reflect improvement in compliance and IT risk metrics.
- E-mail Notifications: Alerts, which are configurable to specific users/groups provide notifications of key conditions and state changes within compliance measurements.
Lumension Product Line Support Offerings
Castleforce also assists in providing the following services for Lumension.
- WebEx demonstration
- Installation and workshop
- Professional consultancy
Compliance Standards
Requirement 10 Track and monitor all access to network resources and cardholder data
GCSX No 13 Protective Monitoring
A-7-1 Responsibility for assets
A.12.1 Security requirements of information systems
A.13.2 Management of information security incidents and improvements
A.15.2 Compliance with security policies and standards, and technical compliance
© Copyright Castleforce 2007-2012. Web design by Theme Group