KeyStroke Logging for HPE NonStop ServersPrivileged accounts hold the keys to the most critical data on your HPE NonStop servers. They can take action with the highest privileges on the most sensitive areas of your system. PCI DSS requires that all actions taken by any user with administrative privileges must be tracked.
Presented by XYPRO Senior Solutions Architect and Connect User Group Past President, Rob Lesan. This webinar will cover it all!
If your HPE NonStop servers handle PCI data, you need to keystroke log privileged users! Period. You must implement automated audit trails for all system components in order to reconstruct the following events:
All individual user access to cardholder data.
All actions taken by any individual with root or administrative privileges.
Keystroke logging is the most effective method to meet this requirement.
XYGATE captures keystrokes from Guardian (TACL), OSS (ksh, bash, etc.), via telnet (hopefully over TLS!), ssh or any other method. XYGATE keystroke logging operates with or without Safeguard and differentiates between a user and an alias for both reporting and control.
Keystroke logs combined with a SIEM or Security Intelligence technology, go beyond compliance to real-time detection and prevention of data breaches.
Compliance requirements, zero overhead, extensible reporting and the ability to record actions from all users via XYGATE is the ideal solution to meet this very necessary security requirement.
XYPRO's 2021 Cybersecurity RoadmapXYPRO’s Chief Product Officer, Steve Tcherchian presents XYPRO’s 2021 product roadmap update including how recent XYGATE updates help you meet your 2021 data protection goals and cybersecurity objectives.
Get an insider’s look into new features and functionality that maximize your XYGATE security investment. Join Steve as he discusses XYPRO’s latest advances in Multi-Factor Authentication(MFA), Compliance and Anomaly Detection. You’ll also be updated on HPE NonStop integrations with Splunk, SailPoint, CyberArk and ServiceNow.
Punto a punto, cerrando el círculo en seguridad HPE NonStopLa seguridad HPE NonStop y cómo fortalecerla
Ya sea que necesites implementar una estrategia de seguridad de manera proactiva o por cumplimiento regulatorio, conocer el estado actual de tu seguridad es fundamental para diseñar dicha estrategia e incrementar al máximo el control y visibilidad de lo que sucede en tu HPE NonStop. Con la suite de XYGATE lograrás asegurar todo recurso y todo objeto cerrando así el cerco de seguridad de tu ambiente NonStop manteniendo una visión granular de todo lo que sucede.
La evolución de la seguridad HPE NonStop ha sido tal que al día de hoy es posible asegurar tu plataforma en su totalidad y de manera rápida, flexible y dinámica.
Establecer un cerco de seguridad HPE NonStop es fácil y con la suite de XYGATE es posible hacerlo. Ya sea que tu ambiente NonStop sea pequeño o grande y sin importar su grado de complejidad, contamos con las herramientas adecuadas para hacer de la implementación de tu estrategia de seguridad una tarea alcanzable y acorde con los requerimientos y regulaciones de seguridad internacionales.
En conjunto con el nivel de seguridad requerido, se debe de contar con la visibilidad y trazabilidad necesarias de todo lo que sucede en el ambiente NonStop. En este sentido, la auditoría granular que proporciona la familia XYGATE prueba ser sumamente valiosa y necesaria. Nuestro XYGATE Merged Audit (XMA) es la solución perfecta para lograr esto.
XMA se instala y configura en minutos. Configurar XMA para reenviar datos a tu SIEM lleva incluso menos tiempo. Todo lo que necesita es la dirección IP, el puerto y el método de transporte (TCP o UDP). Inserte esas configuraciones en la plantilla dentro de su archivo de filtros XMA y listo.
Como referencia ponemos a su disposición el siguiente webinar XYPRO's From Zero to Hero Integrate HPE NonStop with Splunk en donde se habla sobre la integración de XMA con la SIEM Splunk.
Proactive Risk Management HDFC, India’s Largest Private Bank, modernizes CyberSecurityJoin Shailesh Khochare, Senior Vice President, Head Data Processing Centre, IT Security Operations & Compliance for HDFC as he discusses HDFC’s use of XYGATE SecurityOne (XS1), the “single pane of glass” solution to contextualize, prioritize and control HPE NonStop and ACI Base24 security incidents.
NonStop Education Day - HPE NonStop Security with XYPRO XUA and XMAIn this training session, you will learn how to install and configure XYGATE User Authentication (XUA) and XYGATE Merged Audit (XMA), both of which are already included with every HPE NonStop server, to properly secure and optimize your NonStop systems and applications from a catastrophic security breach and ensure compliance with all the current global regulations.
We will show you how to configure User Authentication to restrict access by users, groups, ip address port and more. We’ll then discuss integrations such as Microsoft Active Directory for Single Sign-On to integrate your NonStop servers with the rest of your enterprise and RSA SecurID for Multi-Factor Authentication to address the latest PCI-DSS requirements.
The second half of this session will focus on how to configure collectors to gather data from various NonStop security sources using Merged Audit. We’ll also describe security oriented best practices around data filtering and database management concepts. You will learn how to integrate your collected data into analytics tools like SPLUNK, IBM QRADAR and RSA Netwitness. We’ll demonstrate how to create useful security dashboards, reports, and alerts.
The program will wrap with a discussion around troubleshooting XUA and XMA if things go wrong to ensure you can recover quickly.
Success & Covid19 Strength, Capacity, Caring & CompassionAt XYPRO, part of accepting this new Working from Home reality is making a conscious effort to shift our mindset to strategies aimed at providing employees with a sense of stability in a crazy time. We emphasize communication, empathy, teamwork and employee engagement. These strategies help us foster a desirable work environment which translates in XYPRO’s ability to remain focused and productive. It's important to provide resources for parents, younger employees, mentoring and group activities. Implement programs aimed at increasing remote engagement and promote team building via communication & fun. Opportunities for employees to have their voices heard is key to knowing if what you're doing is working. Transparent communication builds trust. In this presentation I'll describe how XYPRO prepared for and handled the Covid-19 pandemic, moving to 100% work from home, helping our employees work effectively when they never worked remotely before, employee engagement, mental health, retaining our company culture and planning for a return to the office.
Presented by Dr. Melodie Bond-Hillman, XYPRO
Modernizing CyberSecurity Building a Strategy That WorksOnce your network and systems have been compromised, there is no going back. The best you can do is contain the damage as quickly as possible. The current mean time to detect a cybersecurity breach is nearly 60 days. That means hackers are in your network, on your systems doing what they want for 2 months before you know, IF they're ever detected. The damage to your systems, the loss of your critical data, the impact to your company’s reputation and potentially to your career is immeasurable. These are the things that keep leaders up at night.
Presented by Steve Tcherchian, XYPRO
Integrate Your HPE NonStop Servers with SailPoint Identity GovernanceWhether you need to provision users on one or multiple HPE NonStop servers, XYGATE Identity Connector (XIC) elegantly integrates your NonStop servers with your SailPoint enterprise solution. Achieve user governance, provisioning and reconciliation of HPE NonStop user accounts directly from SailPoint.
Ensuring employees have the correct access to the right business applications and IT resources is a critical requirement with which many companies struggle. Current solutions for requesting and managing user access are inefficient, manual, complex, and outdated. Governance is often an afterthought, leaving enterprises vulnerable to security risks and exposed to compliance issues.
Many organizations are adopting solutions like SailPoint to manage their technology assets. SailPoint, the market leader in Identity Governance and Administration, allows businesses to automate an ever-growing technology landscape while addressing security and compliance risk.
XYPRO and SailPoint have partnered to provide the first and only SailPoint certified integration for HPE NonStop servers. XIC for SailPoint provides complete control over who has access to your NonStop servers from your enterprise SailPoint instance.
SailPoint is a flexible identity governance software designed to provide efficient, all-encompassing visibility into who is doing what in your environment via rapid automation of identity and access management across the enterprise. Other benefits:
• Automated User Provisioning – Give users the access they need as they join an organization
• Access Request – Empower users with automated application and data access
• Access Certification – Always ensure users have the right access
• Integrate with CyberArk – The market leader in Privileged Access Management
• Free up Resources – eliminate time consuming manual processes that are costly and error prone
• Simplify Audit Activity
• And much more…
Why XYPRO and SailPoint?
SailPoint’s industry-leading, powerful access certifications, governance controls and logical workflows allow NonStop customers to take full advantage of the capabilities provided by SailPoint that have long been available for other platforms.
A common use case is user account provisioning and deprovisioning. With XIC, when an identity is provisioned through SailPoint, HPE NonStop is now an option to select. Once selected, the userid and all relevant attributes are automatically created on your HPE NonStop servers. No user intervention. No emails being sent to administrators and no manual processes. Similarly, when an identity is disabled through SailPoint, the corresponding account is immediately disabled on all NonStop servers on which it was provisioned.
When that identity is removed using SailPoint, the account is immediately removed from all NonStop servers, ensuring the removal of stale accounts, improving your relationship with your auditors, and strengthening your security procedures at the same time.
XYGATE Identity Connector is a lightweight, easy to deploy, executable using a micro service framework and standard SCIM 2.0 protocols. Simply configure the service XML with the specific HPE NonStop server properties and run the deployer. XYPRO’s NonStop Identity Connector deploys quickly in a JAVA Virtual Machine (JVM) on OSS. No other software is required. Installation is simple, quick and secure.
From Zero to Hero Integrate HPE NonStop with SplunkXYGATE Merged Audit (XMA), included with every HPE NonStop server since 2010, is an easy-to-use and integral security component of the HPE NonStop operating system. XMA collects data from application, system and audit logs into a single, normalized SQL database to generate reports and forward data to your log management or analytics solution. Exciting, right?
Without having to purchase any additional software, XMA communicates directly with enterprise solutions like Splunk “...to modernize your security operations and strengthen your cyber defenses”.
Data is collected from EMS, Safeguard, ACI BASE24, iTP Webserver, XYGATE installations, and much more. This data is aggregated, filtered, formatted, and selectively forwarded in real time. Did I mention you don’t have to try or buy any additional software? XMA is on your NonStop servers already! You own it!
Getting HPE NonStop server data to Splunk is easy. Whether your data is in native XMA/NonStop format, Common Event Format (CEF) or a custom format, it can be sent to multiple targets via TCP or UDP. The only thing to decide is which data you want to send.
XMA is installed and set up within minutes. Configuring XMA to forward data to Splunk takes even less time. All you need is the IP address, port and transport method (TCP or UDP). Pop those settings into the template inside of your XMA filters file and off you go.
Sit back, relax, and let your SOC monitor the log data from Splunk, while you enjoy modern, intelligent, and intuitive enterprise dashboards.
Want to read about XYPRO’s top 5 recommended reports?
5 Best Practices for HPE NonStop File Integrity MonitoringFile Integrity Monitoring (FIM) is a foundational requirement for security compliance frameworks to help identify unexpected or malicious activity across critical system files, diagnose unwanted or inadvertent changes, and shut down attacks before they have a chance to cause damage and disruption.
Organizations that collect and process credit card transactions and payments data must comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements 10.5.5 and 11.5 that state organizations must make efforts to monitor file modifications and ensure the integrity of critical logs from within their Cardholder Data Environment (CDE).
On HPE NonStop servers, XYGATE SecurityOne (XS1) monitors and alerts when key files, objects, or system configurations are viewed, deleted, modified or ownership has changed. XS1 identifies who made the change and if the change put the system at risk or violated policy.
This intelligent form of real-time integrity monitoring simplifies monitoring activity and helps meet the strictest of compliance requirements while reducing noise generated by unnecessary alerts. Your resources are focused on the most critical security events.
Join XYPRO Technology’s Chief Product Officer & CISO, Steve Tcherchian, and Solutions Delivery Specialist, William Ferrara, as we demonstrate the Top 5 HPE NonStop File Integrity Monitoring use Cases.
Integrate Your HPE NonStop Servers With CyberArkXYPRO Technology Corporation, a leading cybersecurity solutions company, and CyberArk the global leader in privileged access management, presented a webinar on integrating HPE NonStop Servers.
The presenters are CyberArk’s Brian Carpenter, Director of Business Development, and Steve Tcherchian, Chief Product Officer and Chief Information Security Officer for XYPRO.
They discussed how the CyberArk Privileged Access Security Solution secures, manages, automates, and logs all activities associated with privileged access. They will detail current attack vectors and analyze real use cases on how your HPE NonStop servers can seamlessly integrate with CyberArk processes to help ensure complete visibility, traceability, automation, and security of your HPE NonStop servers.
“The largest security risks to any organization are the misuse or compromise of privileged credentials,” said Tcherchian. “Privileged accounts are a particular risk as they enable elevated access to your organization’s mission-critical data.”
“Because of the fear of ‘breaking something’ that could impact the ATM, POS, Mobile, or Payments infrastructure, many applications and systems were initially deployed, years ago, with passwords for privileged accounts that were and still are rarely rotated, shared, and improperly stored,” said Tcherchian. “This practice should be keeping CIOs and CISOs up at night, especially since there is something they can do about it.”
The compromise of privileged accounts is connected to nearly all targeted attacks. Proper credential storage and management are paramount for responsible risk mitigation. If you are still manually managing privileged access, you’re not doing all you can to protect your systems. It’s not news that anything manual is resource-intensive, error-prone, and leaves gaps in your security.
A Privileged Access Management solution provides the ideal capabilities for automating these activities. In this webinar, XYPRO and CyberArk will discuss how the HPE NonStop server integration can help with visibility, traceability, automation, and security.
Protect Your Applications with Multi Factor AuthenticationVIRTU-NUG Session 1: June 10, 2020