- Resource Reporter 1.0.2 (2012.05.07)
- Lost Events Content (2012.05.07)
- NetworkModelImporter-0.4.4.116.zip (2012.01.11)
- TweetLog User's Guide (2011.10.07)
- TweetLog 1.5.1 (2011.10.07)
Sample Sarbanes-Oxley Reports
Below are some of the examples of the reports we deliver as a part of the Sarbanes-Oxley Compliance Package:
- Access Rights Removed
- Account Creation - Template
- Account Deletion - Template
- Account Lockout
- Account Lockouts by System
- Account Lockouts by User
- Activity by Former Employees
- Administrative Logins and Logouts
- Administrative Logins and Logouts from Third-Party Assets
- Administrative Logins and Logouts Targeting Third- Party Assets
- Administrator Actions - All
- After Hours Building Accesses
- After Hours Systems Access by System
- After Hours Systems Access by User
- After-Hours Login to Sensitive Systems
- After-Hours Logins to Sensitive Systems
- Agents Reporting Inaccurate Times
- All Information Leaks
- Application Configuration Modifications
- Asset Creation by Location
- Asset Deletion by Location
- Asset Identification Report
- Asset Modification by Location
- Assets Available to Third Parties by Domain
- Assets Available to Third- Parties by Criticality
- Assets by Network Domain - Template
- Assets by Network Domain (Creation Time) - Template
- Assets that Failed Technical Compliance Check
- Attacks and Suspicious Activity from Public-Facing Assets
- Attacks and Suspicious Activity from Third-Party Assets
- Attacks and Suspicious Activity Targeting Public-Facing Assets
- Attacks and Suspicious Activity Targeting Third- Party Assets
- Attacks from Development Targeting Production
- Attacks from Production Targeting Development
- Attacks Targeting Email Systems
- Audit Log Cleared
- Authorization Changes - Template
- Availability Attacked Assets
- Average Time to Resolution - By Case Severity
- Average Time to Resolution - By Day
- Average Time to Resolution - By User
- Case Chart
- Case Stage Counts
- Case Status by Owner
- Changes to Development Machines
- Changes to Operating Systems
- Changes to Third-Party Resources
- Compromised Assets Available to Third Parties
- Confidentiality and Integrity Breach Sources
- Covert Channel Activity
- Critical Assets
- Criticality of Assets
- Classification of Assets
- Database Access - All
- Database Privilege Violation
- Default Password not Changed
- Default Vendor Account Used
- Denial of Service Sources
- Development to Test or Operations Cross-Talk
- Device and OS Configuration Changes
- Device Logging Review
- Disallowed Port Access
- DoS Attacks
- Escalated Threat Activity
- Escalated Threat Activity Top Sources
- Escalated Threat Activity Top Targets
- Events Targeting Internal Assets
- Events Targeting Public-Facing and Production Assets
- Executive Summary - Case Metrics
- Exploit of Vulnerability
- External Logins to Public Facing Systems
- Failed Anti-Virus Updates
- Failed Building Access Events
- Failed Database Access
- Fault Logs
- File Changes in Development
- File Creations on Third-Party Accessible Systems
- File Deletions on Third-Party Accessible Systems
- File Integrity Changes Detected
- File Modifications on Assets
- File Modifications on Third-Party Accessible Systems
- File Related Activity on Third-Party Accessible Systems
- Firewall Configuration Modifications
- Firewall Open Port Review
- Former Employee User Account Access Attempt
- Generate Case for Attack Against Remote Assets
- High Risk Events
- High to Low Classified Asset Communication
- Identity Based Access Violation
- Inactive User Account Detected
- Infected VPN Remote Host Found
- Information Interception
- Information System Audit Tool Logins
- Information System Failure Hosts
- Insecure Services Use Detected
- Intellectual Property Rights Violations
- Intellectual Property Rights Violators
- Internal Reconnaissance Top Events
- Internal Reconnaissance Top Sources
- Internal Reconnaissance Top Targets
- Internet Activity per Device per Machine
- Internet Activity per Device per User
- Invalid Certificate Presented
- Invalid Data Input
- Least Frequent 10 Attack Sources
- Least Frequent 10 Attacked Targets
- Least Frequent 10 Events
- Low to High Classified Asset Communication
- Machines Conducting Policy Breaches
- Malicious Code Detected
- Malicious Code Sources
- Max Time to Resolution - By User
- Misuse of Information Processing Facilities
- Misuse of Information Systems Sources
- Most Frequent 10 Attackers Chart
- Most Frequent 10 Targets Chart
- Network Device Configuration Modifications
- New Hosts
- New Services
- New User Account Created
- Non-Secured Access of Assets from External System
- Number of Successful Administrative Logins
- Number of Successful User Logins
- Number of Unsuccessful Administrative Logins
- Number of Unsuccessful User Logins
- Open Cases
- Operating System Changes
- Operating System Configuration Modifications
- Operations to Test or Development Cross-Talk
- Organizational Records Information Leaks
- OS Configuration Modifications
- Outbound IM Traffic
- Password Changes
- Peer to Peer Ports Used
- Peer to Peer Sources
- Personal Information Leaks
- Policy Violations from Third-Party Assets
- Privileged Access Attempt Detected
- Privileged Access on a Remote Connection
- Remote Access to Systems with Insecure Configuration
- Resource Exhaustion Detected
- Same User Using Different User Names to Log-on
- Security Software Stopped or Paused
- Services Accessed by Third-Parties
- Services on Assets Available to Third Parties
- Software Changes in Operations
- Successful Brute Force Logins
- Successful Building Access Events
- Summary of Suspicious Activity by New Hires
- Suspicious Activity by New Hires
- Syslog Restart Events
- System Restarted at Unscheduled Time
- Systems with Persistent Vulnerabilities
- Test to Development or Operations Cross-Talk
- Third-Party – Sourced Attacks
- Third-Party – Targeting Attacks
- Third-Party Access
- Third-Party Incidents - Closed Cases
- Third-Party Incidents - Open Cases
- Top 10 Events Chart
- Top 10 Unsuccessful Administrative Logins
- Top 10 Unsuccessful User Logins
- Top 20 Policy Breach Events
- Top Email Receivers (Amount)
- Top Email Receivers (Size)
- Top Email Senders (Amount)
- Top Email Senders (Size)
- Top Largest Emails
- Top Public Web Mail Senders
- Trojan Code Activity
- Unauthorized Admin Access to Domain Controller
- Unscheduled Change in Status of Service
- Unsuccessful Administrative Logins by Asset
- Unsuccessful Administrative Logins from Third-Party Assets
- Unsuccessful Administrative Logins to Third-Party Assets
- Unsuccessful User Logins
- Unsuccessful User Logins from Third-Party Assets
- Unsuccessful User Logins to Third-Party Assets
- User Account Deletion
- User Logged in - Removed from Stale Accounts
- User Logged in from Two Locations
- User Logged Out - Added to Stale Accounts List
- User Logins and Logouts
- User Name and IP Address Association
- User Logins and Logouts from Third-Party Assets
- User Logins and Logouts to Third-Party Assets
- User Password Change Detected
- Privileged Account Changed
- Virus Summary
- Virus Summary by Hosts
- VPN Access Report
- VPN Access Report by Target Asset
- VPN Login Recorded to Session List
- VPN Session Terminated - Cleared from Session List
- Vulnerable Assets Available to Third Parties by Criticality
- Vulnerable Assets Available to Third Parties by Domain
- Vulnerable Business Information Systems