Sarbanes-Oxley

SOX focuses on 'internal controls' requirements, and most of what is required is non-technical. However, two of the SOX requirements — the requirements in SOX rule 302 and 404 — are aligned with a company's reporting structure. These new rules require corporate managers to produce annual reports detailing internal controls and procedures surrounding information access. NitroSecurity facilitates these regulatory requirements by providing instant correlation of historical log, event and network data — and providing visual reports of anomalous activities.

NitroView provides pre-defined, scheduled reports for Sarbanes Oxley, including requirements defined under: Sarbanes Oxley section 302 (a)(4)(C) & (D) and section 302 (a)(4)(C) & (D); ISO 17799 Section A.12.1.7.1, Section A.12.1.3, Section A.10.4.1, Section A.12.1.7.1; Sarbanes Oxley section 308 (a)(4)(C) & (D); ISO 17799 Section A.12.1.4 and Section A.9.4.3; Sarbanes Oxley Section 304 (a)(4)(C) & (D); Sarbanes Oxley section 306 (a)(4) & (D); and ISO 17799 Section A.9.2.3, Section A.12.1.7.1, and Section A.10.4.2.

"We were tasked with finding a solution that would allow us to quickly prepare Sarbanes-Oxley Audit reports, particularly regarding login events, and other things such as Operating System Patches, reboots, and critical errors. LogCaster allowed us not only to centralize our events, but to customize event triggers based on our needs. With the increased system awareness that LogCaster provides, the Network Team can be more proactive and in turn more productive in the long run."

The Hub Group

SOX Requirements      NitroSecurity Advantage     

302, 404 -- The ability to reconstruct what actually happened to specific data, including time sequences for processing and related activities.

NitroGuard Database Activity Manager (DBM) provides protected audit trails of all database activity, including that of privileged users. NitroView ESM performs data analytics for database activity (as detected by NitroGuard DBM), as well as user and system activity seen elsewhere in network, server logs, and other events.

304, 306, 308 -- Monitor login failures to financial data-sources, and monitor activity by user when logins are successful, provide reports of account activity including new and disabled accounts.

NitroGuard DBM monitors these critical data-sources directly, either via an agent or a network-based appliance. All user activity, account creation, authentication, and database activity performed on the database is logged for reporting and auditing purposes, and events are generated for further correlation and analysis of this activity.

NitroView ESM provides the ability to correlate all database activity events, network activity events, and security events, providing reports for Admin Access to Financial Systems, Login Failures, and related activity both before login (network activity) and after login (database activity).

404, 409 -- Create and monitor controls of systems that can impact the ability to faithfully report financial status.

NitroView provides extensive attack alert and audit trail storage, which can be used to cross-reference observed behavior during forensic analysis. Combined with NitroGuard DBM database activity monitoring, NitroView is able to monitor both the network and the database itself, clearly indicating when financial systems are compromised, as well as who compromised the system, when, and in many cases how.

404, 409, 802 -- Continuous monitoring of database activity, especially high risk activities including privileged user behavior, direct access to sensitive data stores, user privilege escalation, failed login and failed database operations.

NitroGuard DBM provides database access monitoring, either host-based or as a non-intrusive network appliance. NitroGuard DBM includes secure "audit the auditor" capabilities to ensure accurate detection and logging of privileged user behavior, account changes, schema changes, database table access, etc.

NitroView ESM performs real-time monitoring, logging, and auditing of user activity, based upon NitroGuard DBM events as well as additional data collected from security devices, logs, and the network itself. Using policy-based access, the data collected in the NitroView system is not accessible to the users being monitored and therefore provides a clear demarcation to sensitive data.

409 -- Reporting.

NitroSecurity supports the creation of reports across a wide range of SOX requirements, including those items highlighted here, and any other requirement involving network activity, information access, database activity, user activity, etc.

ISO 17799, Section A.9 -- Monitor and report on foreign domain activity and password events (i.e., activity across the trusted network perimeter)

NitroView Enterprise Security Manager (ESM) provides correlation and reporting of foreign domain activity (from firewalls, IPS, network activity, and server logs) and password events (from server logs).

NitroGuard Database Activity Manager (DBM) provides core password event monitoring, at the database itself. This data may be used alone, or with NitroView ESM for correlation and analysis.

ISO 17799, Section A.10 -- Control of operational software, system test data, etc.

NitroGuard DBM provides continuous monitoring of critical system files, database tables, and software to ensure their integrity. The DBM is able to track user and administrator sessions, detect out-of-process database changes, policy violations and anomalies, and ensure that required operational processes are running. It detects and alerts when a process is stopped, and can even restart it automatically. Additionally, a framework is provided for executing scripts on target servers for assessing, reporting and enforcing corporate policies.

NitroView ESM provides analysis, correlation, and reporting of these events, which may be sourced from NitroGuard DBM and/or from object-level auditing on the operational software itself.

ISO 17799, Section A.12 -- Control of Financial data and Human Resources data. Provide control of system audit data and collected data, including control of source code to prevent control bypass.

NitroGuard DBM provides core control over database processes, operation, access and data, as discussed above, with further analysis being provided by NitroView ESM to provide context around events -- such as: the attack vector of the unauthorized access to Financial or HR data; related security violations; and other patterns useful for forensic security operations.

NitroView LogCaster provides proper encryption and storage of this audit data, providing the necessary control of collected evidence.

Role / User based identity.

NitroView ESM's integration with popular authentication systems helps ease the complexity associated with appropriately tracking and accounting for user authentication across the system. This includes the correlation of event, flow and log information to database activity events created by NitroGuard DBM, perimeter security events created by NitroGuard IPS, and internal system, host and network activity collected from routers, switches, and logs.

Create policies and procedures that identify prevention and timely detection of unauthorized acquisition, use or disposal of assets.

NitroSecurity provides a complete view of user activity from the network perimeter to the database itself, providing a clear and concise system for the detection, prevention, and forensic examination of asset activity.

"With LogCaster for Sarbanes-Oxley, I am 100 percent confident that when an auditor comes knocking, I can easily provide the necessary proof demonstrating our internal IT controls of our financial data ... Before LogCaster, we would spend countless hours monitoring and manually filtering through reports and we had no audit trail. Now, all monitoring is automatic - and data is delivered to us in easy-to-read, high-quality reports."

Frisch's Restaurants




