IT-Grundschutz
IT Security Control – Simply and Economically. IT-Grundschutz (BSI)
Organisations must realize that IT security is not a static condition but an ongoing process. Therefore you should constantly ask, "Am I secure? Am I compliant?" The many security problems and gaps present within an organisation are often not known in advance but discovered during preparation for the certification or by a third party after a security breach has occurred.
The German Federal Office for Information Security’s (BSI) IT-Grundschutz provides a method for an organisation to establish an Information Security Management System (ISMS). It comprises both generic IT security recommendations for establishing an applicable IT security process and detailed technical recommendations to achieve the necessary IT security level for a specific domain.
CONTINUOUS AND AUTOMATED COMPLIANCE
Tripwire helps you achieve IT-Grundschutz compliance with a single integrated solution. The Tripwire® VIA™ suite combines the power of Tripwire® Log Center—log and SIEM—and the intelligence of Tripwire® Enterprise—FIM and configuration control. The Tripwire VIA suite delivers an automated solution designed to support monitoring, change detection, reporting and investigation in real time to meet the requirements of IT-Grundschutz and the recommended controls.
Tripwire VIA solutions allow you to:
- Protect sensitive data and systems by auditing data access, privileges and configuration settings.
- Real-time continuous monitoring and instant detection of any changes and events that may impact security.
- Instant alerting of suspicious behaviour within the enterprise.
- Remediate configurations and automate hardening of security controls.
- Collect any readable audit, accounting or operational log, and process it in to a scalable flat-file based forensic data store
