SYSTEM-WIDE
SECURITY COMPLIANCE & REMEDIATION REPORTING

INDUSTRY STANDARD
SYSTEM COMPLIANCE

System Compliance involves auditing a computer Operating System (whether several servers, a single virtual machine, or a fleet of nodes) and comparing that system's existing Digital Security Signatures (DSS) with those of a framework defined by an International Industry Standard. After evaluating the result set, a benchmarked report is compiled indicating what (if any) measures or system changes are required to achieve and maintain System Compliance with the chosen policy or Security Framework.

Cybervine have been exploring methods to proactively assist with Information Security, Data Protection, and System Integrity using International Industry Standards (such as those governed by NIST) to adopt best practices and protection standards for System Compliance & Remediation.

Although in early Beta, our System Compliance & Remediation reports cater for the adapting rules and regulations of these standards, policies, and best practices. This includes nodes provisioned for transactional purposes (e.g. PCI DSS), client data storage clusters (e.g. POPIA Compliance), hosted email services, as well as private/public systems requiring a security baseline with reporting and/or security audits with remediation/mitigation advisory.

To perform this service, Cybervine utilizes the results from an agentless scan (OpenSCAP) and evaluates the Digital Signature Standards (DSS) to provide a detailed report of system requirements not yet met (including remediation/mitigation advice where applicable) – whether matching criteria with an International Industry Standard Framework, or a custom defined framework to meet a level of system hardening.

In addition, Cybervine can assist by providing regular system-wide Compliance & Remediation Reporting for your system(s) and IT environment. To get started, request a once-off free trial (limited storage capacity available).

Alternatively, kindly contact us if you have any questions or require assistance!

Please note: Cybervine IT Solutions are unable to certify System Compliance and thus this service can only assist in System Compliance (Risk Management).


REASONS FOR ACHIEVING SYSTEM COMPLIANCE

STANDARD

  • Overall IT System or Environmental Audit & Assessment

  • Remediation Advice & Mitigation Techniques with Code Snippets

  • Custom/tailor-made Frameworks to suit your requirements

  • Persistent System Hardening

  • Prevention & Protection against known attack vectors

OPTIONAL

  • Weekly, Monthly, and Quarterly Automated Compliance Reports

  • Custom Remediation Playbooks for Automation

  • International Industry Standard Framework (e.g. Payment Card Industry)

  • Custom rule selection/removal for specific edge cases

  • Access to Scan Results in a web portal

TEST DRIVE SYSTEM COMPLIANCE TODAY!

Kindly fill in the form below to get started! Once submitted, instructions on how and where to upload your OpenSCAP results, as well as download your System Compliance & Remediation report, will be privately sent to you.


Please note: Cybervine IT Solutions do not certify Compliance. This is an evaluation of one or more OpenSCAP results from your system(s) to provide an overall System Compliance & Remediation report.

FREQUENTLY ASKED QUESTIONS

OpenSCAP is a project consisting of open source tools for using the Security Content Automation Protocol (SCAP) to extract the data-driven measurements required to facilitate System Compliance. OpenSCAP performs this measurement by evaluating a baseline scan of a system's digital signatures against those of a selected framework (such as one governed by NIST).

The National Institute of Standards and Technology (NIST) is the organization providing the cybersecurity framework and guidelines required for compliance measurements, best practices, and IT security standards.

The Digital Signature Standard (DSS) is a suite of code signing algorithms for NIST to verify the authenticity and integrity of data at rest or in transit.

The Payment Card Industry Data Security Standard (PCI-DSS) is an information security standard to safeguard the processing of card transactions. The standard is enforced internationally to protect cardholders and assist with preventing unauthorised online and fraudulent use.
