Change Tracker Gen7 provides the most accurate and effective File Integrity Monitoring solution, ensuring the integrity of your security IT systems and reporting any changes as they take place. But how do you differentiate between ‘good’, intended or planned changes, and ‘bad’, possibly malicious activity?
The solution is to leverage Cloud-Based Threat Intelligence and automatically authorize file changes as they are detected using the world’s largest authoritative file whitelist. And now you can do just that, using the NNT FAST Cloud (File Approved-Safe Technology).
NNT is excited to invite you to watch our Quarterly Update: NNT’s FAST Cloud Integration from NNT’s CEO & CTO. During this session, you’ll hear directly from our CEO, Mark Kerrison, and CTO, Mark Kedgley as they provide a detailed technical overview of our latest feature, NNT FAST Cloud.
The Challenge
The challenge for security pros historically has always been managing the change noise, separating the ‘everyday okay’ changes from the ‘usual or suspicious’ changes. It’s an incredibly time-consuming task, but vital in order to spot a breach.
The NNT Solution- The Mute Button for FIM Change Noise
By integrating NNT’s FAST Cloud with our flagship Gen7 solution, file changes are now automatically and immediately verified as ‘known safe’ as they are spotted. By automatically approving these whitelisted changes, the change noise, and consequently, the time spent analyzing changes is now significantly reduced. As a result, the remaining genuinely suspicious changes can now be investigated thoroughly.
NNT FAST Cloud uses file reputation intelligence from all leading manufacturers and is continuously updated as patches and updates are released, then enhanced even further by incorporating threat knowledge from third party file-reputation and file whitelist repositories.
Combined with NNT patch intelligence means other changes can also be queried and automatically approved (i.e. Software updates, windows registry changes, new services/processes, etc.).
The NNT whitelist is combined with the blacklist of your anti-virus system. The end result is breach activity exposed in the remaining ‘no man’s land’ of neither blacklisted now whitelisted files.