Regulation and Event Log Compliance

Many companies, whether located in the United States or elsewhere, are faced with the challenge of complying with increasingly demanding government regulations such as

Sarbanes-Oxley
PCI-DSS 4.0 Compliance
Health Insurance Portability and Accountability Act (HIPAA)
SB1386 (California)
Gramm-Leach-Bliley Act
CJIS Security Policy
Controlled Unclassified Information (CUI) Compliance
NIST 800-171
ISO 27001:2013
ISO 27001:2022
CMMC v2.0

and more. Many companies are already using EventSentry to help them to fulfill regulatory compliance. EventSentry helps them become compliant with minimal effort and great flexibility - at a reasonable price.

Due to its flexible design, EventSentry can help you meet many government regulations in a variety of ways:

1. Compliance Modules (Reports)

The built-In compliance reports ease the burden of compliance by listing exactly which individual compliance requirements EventSentry is capable of fulfilling. Then, simply set the required review parameters (e.g. daily, weekly) or schedule the reports as jobs. The following regulatory frameworks are currently covered by the compliance module:

PCI-DSS 4.0
FISMA
HIPAA
Sarbanes Oxley (SOX)
GLBA
ISO 27001:2013
ISO 27001:2022
NIST 800-171
CMMC v2.0

2. Compliance Tracking

Compliance tracking intercepts and normalizes security-related events from the Windows event log, and consolidates them in the EventSentry database. This includes Active Directory Change Reporting (e.g. Account Management Tracking) as well as tracking of user activity (e.g. Logon Tracking). In full, compliance tracking includes the following features:

Console Logon Tracking
Process Tracking
File Access Tracking
Account Management Tracking
Policy Change Management Tracking
Print Tracking
Permission Inventory

3. Real-Time Event Log Monitoring

Since a core feature of EventSentry is to monitor the security event log of Windows-based computers, you can configure EventSentry to perform a variety of tasks including:

Immediate Email notification of critical events
Immediate Email notification of break-in attempts, configured with thresholds
Notification of software errors and failed services
Collection and archival of all events in a SQL database, searchable through web reports
Archival of event logs in a central location
and many more.

4. System Health Monitoring

Depending on your specific compliance needs, many of the system health monitoring features also supplement the compliance tracking and event log monitoring features.

EventSentry provides the following additional functionality to achieve compliance:

File Integrity Monitoring (FIM)
Software & Patch Monitoring, including notification of added software and patches
NTP Synchronization
Service Monitoring, including notifying of added or removed services