Tenable for IT-Grundschutz
The IT-Grundschutz Standards and Catalogues are a set of recommendations designed to assist an organization in achieving an appropriate security level for information throughout an organization. The Federal Office for Information Security (BSI) in Germany develops and maintains the BSI Standards, of which IT-Grundschutz is a part, with the providing methods, processes, procedures, and approaches to information security management, risk analysis, and business continuity management.
Tenable offers a range of solutions to help you meet BSI Standards and IT-Grundschutz recommendations as your network changes and evolves.
IT-Grundschutz Audits with Nessus and SecurityCenter
Use Tenable's pre-written IT-Grundschutz BSI audit files to help meet recommendations for Windows (available now) and Linux (coming soon) systems.
With Nessus and SecurityCenter, organizations can run IT-Grundschutz-based audits to identify and correct issues that may impact technical and infrastructual security, aiding in the application of trusted methodologies, operational practise, risk assessment, and risk analysis.
Other types of Nessus and SecurityCenter audits can also identify sensitive data that may be protected by IT-Grundschutz recommendations, such as credit card numbers and sensitive business information. Nessus and SecurityCenter can perform these searches without an agent and only require valid credentials to scan a remote computer.
Intelligent Continuous Monitoring with Tenable SecurityCenter CV Architecture
Monitor and assess compliance with IT-Grundschutz recommendations continuously by combining Nessus with the other components within the vulnerability, threat and compliance management platform: SecurityCenter, Passive Vulnerability Scanner, and the Log Correlation Engine.
- Continuously monitor and discover new devices on the network that may create organizational exposure.
- Secure log aggregation / storage and log normalization / search for compliance monitoring and analysis.
- Identify relevant assets and limit IT-Grundschutz audits to those assets, reducing time and resources required for regular scans.