Compliance

Advanced Analytics is one of the biggest reasons so many enterprises include Big Data technologies within their cybersecurity arsenal. Elysium Security Intelligence and Analytics (SIA) Solution provides the foundation for a platform designed to create custom advanced analytics, and, at the same time, includes an individualized set of analytics for various compliance and regulatory requirements.

Regulatory Compliance

Regulatory compliance is at the forefront of people's minds in many organizations in this era of cybersecurity and IoT (Internet of Things). An ever-growing number of devices throughout the enterprise are connected to the internet and, as a result, the population of bad actors who disrupt the delicate environment that businesses operate within increases significantly. These compliance regulations are definitely good for business in general, but they bring with them serious development requirements, which necessitate the creation of new roles as well as completely new business processes. Gone are the days when your business might be robbed and you would become aware of it immediately. Now, it could take a year or even longer for a breach to be discovered. For an enterprise faced with compliance challenges, Elysium's specialists, recognized leaders in this area, can provide a path to the development of a Compliance Analytics Package. Elysium Analytics SIA Compliance Analytics Package satisfies a subset of the following regulations:

  • HIPAA
  • SOX
  • FISMA
  • NIST 800-53
  • NIST 800-171

Compliance Analytics

In addition, Elysium’s SIA Compliance Analytics Package includes base dashboards and reports, as required by regulations, as highlighted below:

Dashboards:

  • Event Summary
  • Investigation Reports
  • Administrative Account Activities
  • Privileged Commands Usage
  • System Startups and Shutdown
  • Audit Message
  • User Logon and Logoff
  • User Account Added or Removed
  • Password Change or Reset
  • Security Objects Accessed and Delete
  • Network Monitoring

Because Elysium designs these types of solutions as open-source, the dashboards and reports can be expanded as needed, and organizations can extend those solutions to include activities for specific business applications. For example, healthcare companies could easily monitor patient medical record look-ups, and financial companies could continuously monitor transactions.

Data Sources

Currently supported sources for the out-of-the-box (OOTB) Compliance Analytics Package include:

  • Microsoft Windows Security
  • Microsoft Exchange
  • Cisco ASA
  • FireEye
  • WatchGuard
  • Palo Alto Networks

Normalized Schema

To normalize the schema, specific views are utilized to map similar events from different log sources. Through the use of event views, the development of new analytics and the incorporation of new log sources are facilitated, without modifying the OOTB Compliance Analytics. The following are some of the most important event-based views:

  • User Login Successes or Failures
  • Password Change or Reset
  • Audit Message
  • Administration Activity
  • User Account Activity
  • Privileged Command Usage
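
The event-view idea described above, as an added example that is not Elysium's code or schema: a single login view maps Windows Security logon events (4624 success, 4625 failure) and Cisco ASA login messages (605005 permitted, 605004 denied) onto common columns, and the analytic queries only the view. Table, column and view names are hypothetical, and the sample rows are constructed.

```python
import sqlite3

# Constructed sample rows; table/column names are hypothetical, not a vendor schema.
WINDOWS = [  # (event_time, EventID, TargetUserName, IpAddress)
    ("2024-05-01T10:00:00Z", 4624, "alice", "10.0.0.5"),
    ("2024-05-01T10:01:00Z", 4625, "bob", "10.0.0.9"),
    ("2024-05-01T10:01:30Z", 4625, "bob", "10.0.0.9"),
    ("2024-05-01T10:02:00Z", 4688, "alice", None),  # process creation, not a logon
]
ASA = [  # (event_time, message_id, username, src_ip)
    ("2024-05-01T10:03:00Z", "605005", "alice", "192.0.2.10"),
    ("2024-05-01T10:04:00Z", "605004", "bob", "192.0.2.77"),
    ("2024-05-01T10:05:00Z", "302013", None, "192.0.2.10"),  # connection built
]

# The view is the only place that knows source-specific fields and event codes.
VIEW_SQL = """
CREATE VIEW user_login AS
SELECT event_time, 'windows_security' AS source, TargetUserName AS username,
       IpAddress AS src_ip,
       CASE EventID WHEN 4624 THEN 'success' ELSE 'failure' END AS outcome
FROM raw_windows WHERE EventID IN (4624, 4625)
UNION ALL
SELECT event_time, 'cisco_asa', username, src_ip,
       CASE message_id WHEN '605005' THEN 'success' ELSE 'failure' END
FROM raw_asa WHERE message_id IN ('605005', '605004')
"""

# The analytic references only the view, so adding a source leaves it unchanged.
FAILED_LOGINS_SQL = """
SELECT username, COUNT(*) FROM user_login
WHERE outcome = 'failure' GROUP BY username ORDER BY username
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE raw_windows (event_time TEXT, EventID INTEGER,"
               " TargetUserName TEXT, IpAddress TEXT)")
    db.execute("CREATE TABLE raw_asa (event_time TEXT, message_id TEXT,"
               " username TEXT, src_ip TEXT)")
    db.executemany("INSERT INTO raw_windows VALUES (?,?,?,?)", WINDOWS)
    db.executemany("INSERT INTO raw_asa VALUES (?,?,?,?)", ASA)
    db.execute(VIEW_SQL)
    return db

def failed_logins(db):
    return db.execute(FAILED_LOGINS_SQL).fetchall()

if __name__ == "__main__":
    print(failed_logins(build_db()))
```

Supporting another log source means adding one more `UNION ALL` branch to the view; the failed-login query stays as written.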