Triumfant
 
  Home
|
 Products
|
|
|
|
|
|
Company
  
   
 
Triumfant navigation bar
Products
Triumfant Overview
Triumfant Compliance Manager
- Benefits
- Features
- How it Works
Security Manager
- Benefits
- Features
Resolution Manager
- Benefits
- Features
- How it Works
  Triumfant Compliance  
ENFORCE YOUR POLICIES - AUTOMATICALLY

Compliance Manager can dramatically reduce the time and cost necessary to achieve compliance with a variety of regulations—including Sarbanes-Oxley, PCI DSS, FISMA, FDCC, HIPAA and custom IT policies—while making the organization more secure in the process. Preconfigured policies allow rapid adoption of standards across the entire organization. Built-in remediation capabilities automatically enforce policies. And comprehensive reporting at various levels of detail creates evidence of compliance to minimize the effort required to satisfy a security audit and facilitate management on an ongoing basis.

MAINTAIN COMPLIANCE

Maintaining compliance today requires significant oversight, intervention, planned outages and manual remediation. Organizations typically find themselves in a never-ending game of compliance catch up. Triumfant Compliance Manager is the only stand-alone solution that actively manages compliance so you can maintain a perpetual state of compliance and audit readiness. In addition, Compliance Manager verifies and enforces security policies on every computer, every day to minimize the risk of breach and liability.

THINKING ABOUT COMPLIANCE FOR YOU

Powered by the Triumfant IT Intelligence™ platform, Triumfant Compliance Manager actually thinks about compliance for you. Compliance Manager collects over 200,000 attributes from every machine every day, detects changes, diagnoses which changes can cause you to fall out of compliance, restores compliance automatically and provides you with a verification report before you even know you were at risk.

Get out of the compliance catch-up game with Triumfant Compliance Manager.

Call your Triumfant sales executive today to learn more: 800-267-2190.

PUT COMPLIANCE MANAGER TO THE TEST : SCHEDULE A PILOT:

Register and receive access to our hosted Compliance Manager solution today. It’s free!

top

Benefits

  • Enforce any Security Checklist - Validate and enforce of any security checklist with out-of-the-box support for many of the more popular checklists such as NIST 800-68, PCI DSS, FDCC, and CIS:
    • Payment Card Industry Data Security Standard (PCI DSS)
    • Federal Information Security Management Act (FISMA)
    • Federal Desktop Core Configuration (FDCC)
    • Security Content Automation Protocol (SCAP)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Sarbanes-Oxley (SOX)
  • Continued and automatic adherence - Automatically detect and resolve changes that impact compliance, whether inadvertent or malicious.
    Example: Did a user disable his personal firewall? (PCI 1.3.9) Compliance Manager will automatically enable it again.
  • Increased reporting scope - Visibility across the entire environment guarantees that compliance controls are tested beyond a sample and potentially non-representative grouping.
  • Simplified compliance baselines - Pre-installed policies allow rapid adoption of the standard across the entire environment.
  • Monitoring of control effectiveness - Ensure successful and continual operation of other controls, such as anti-virus and patch management; detect exceptions, suggest remediation, automatically correct or revert to baseline settings.
  • Control extension - What happens if the anti-virus agent does not have a signature for a new form of attack? Gain adaptive zero-day response capabilities for worms and other malware to support existing malware handling tools.
  • Document operational processes - Provide persistent auditable evidence of the success of security operations tasks, such as testing, change control, patch management and more.

top

Features

  • Pre-defined templates - Out-of-the-box policy templates define some of the most popular security checklists.  As new templates are created by Triumfant, they will be automatically distributed to Compliance Manager customers via MetaPacks. In addition, a policy template authoring environment enables customers to develop their own policy templates or to adapt existing policy templates.
  • Exception Reporting - Receive daily reports of machines falling or expected to fall out of compliance in your environment.
  • Compliance Management Reporting - View compliance status by device, requirement or rule, at varying detail levels.
  • ‘One-touch’ audit - Produce supporting audit evidence for the entire installed base at the click of a button.
  • Automated resolution - Maintain systems at a compliant status without the need for manual intervention.
  • Audit Trails - Gain in-depth visibility of changes occurring over time and their impact on compliance status and system functionality.
  • Compliance Reporting - Audit-grade tailored reporting provides supporting evidence necessary as part of the audit process.
  • Automated change analysis - Compliance Manager provides a highly effective control for monitoring unplanned changes, providing the auditor with evidence necessary to judge the effectiveness of the change management program.
  • Automated log analysis - Compliance Manager analyzes a variety of logs and can be configured to capture and report on events such as failed logon attempts and unauthorized access to sensitive objects.
  • Automated file integrity analysis - Automatically analyzes the integrity of all files every day and detects unauthorized modification of file contents.
  • SCAP support - Triumfant Compliance Manager supports Security Content Automation Protocol (SCAP) to enable automated vulnerability management, measurement, and policy compliance evaluation. Compliance Manager provides the following SCAP features:
  • Use of Common Vulnerability Enumeration (CVE) format and identifiers to describe detected security vulnerabilities and exposures
  • Use of Common Configuration Enumeration (CCE) format and identifiers to describe system configuration issues
  • Use of Common Platform Enumeration (CCE) format to identify IT platforms
  • The ability to display Common Vulnerability Scoring System (CVSS) base scores and vector strings for detected security vulnerabilities
  • The ability to import, install, and execute security checklists expressed in eXtensible Configuration Checklist Document Format (XCCDF)
  • The ability to import definitions of configuration items expressed in Open Vulnerability Assessment Language (OVAL)and to retrieve and analyze detailed machine states corresponding to OVAL objects
  • The ability to generate machine readable and human readable reports that document the results of an SCAP security checklist

Triumfant is currently working toward achieving SCAP validation in accordance with requirements defined by “Security Content Automation Protocol (SCAP) Validation Program Test Requirements Version 1.0 (DRAFT)” released in December of 2007 by the National Institute of Standards and Technology (NIST).

top

How it Works

Triumfant Compliance Manager puts you in control. The days of responding to real-time alerts of machines falling out of compliance are gone. Now you can receive a daily remediation report of machines that fell out of compliance and were corrected with Triumfant Compliance Manager’s powerful scanning, prediction, and resolution engine.

Designed with compliance and enterprise security managers in mind, Compliance Manager automatically opens tickets in your change control system, addresses the issues, and closes them. And Compliance Manager is robust enough to reliably keep your systems in a functional state throughout this process. With audit-grade reporting, the audit process becomes smoother and easier, with various compliance reports available at the ‘touch of a button’.

Triumfant Compliance Manager consists of:

Automated Resolution Agent - Based on the Triumfant IT Intelligence™ platform, Compliance Manager executes an agent-based Automated Resolution Management process that consists of a proprietary five-step process: Data Collection, Detection, Diagnosis, Remediation and Verification.

Point of Sale (POS) Systems Module - Maintaining compliance of highly vulnerable POS systems is becoming a focal point of compliance. Compliance Manager continually enforces compliance and security on POS systems, including wireless terminals, and it can do so seamlessly without constant intervention by store operations.

Policy Library Module - Pre-defined security and compliance templates address requirements of all major recognized sources including PCI, CIS, CERT, NIST and others. This truly plug-and-play system eliminates the time consuming task of developing accurate templates.

Connect to Change-Control/Problem Ticket Management System - Compliance Manager plugs into your existing change management system, opens its own tickets and handles and closes them all without human intervention. Not only do you get automated resolution but also an auditable trail of related changes.

Reporting Module - Suitable for proof of compliance with auditors, Compliance Manager’s reports are designed to provide sufficient evidence of controls, satisfying the most stringent audit procedures while saving you time and money.

top
Triumfant
View the Demo
Triumfant
Try it Now
Triumfant
Schedule a Pilot
   
Triumfant
Triumfant
© 2008 Triumfant, Inc. | Website by Ashley Cyber Services, LLC
Resource Library | Site Map | Privacy Policy | Contact Us