What is VA?
Virtual Auditor’s Security Orchestration, Automation and Response (SOAR) solution is a unique, fully-managed, information security auditing assessment solution that helps you establish a formal information security program within your organization. VA is packed with powerful vulnerability, auditing and testing tools that can help identify security vulnerabilities within your environment, as well as gaps in your existing security program.
Virtual Auditor Eliminates
compliance
VA helps organizations prepare for, and succeed with, numerous industry compliance requirements. VA supports: ISO 27001/02, GLBA, FFIEC, NYC Part 500, HIPAA, HITRUST, NIST 800-53, and more. Learn more about the compliance solutions VA offers here.
What does Virtual
Auditor do?
Unlike a third party auditor plugging his/her foreign machine into your network and scanning with a number of unknown or unsafe tools, VA takes a different approach. Imagine taking all of the best assessment security tools in the industry and molding them into one assessment engine. Virtual Audior’s SOAR is such an engine. VA is located in your data center, never “in the cloud”.
The server is dedicated to your organization and does not carry the potential malware risks from on-site third party auditors’ laptops that have connected to dozens or hundreds of networks. Rather than being handed a large “snap shot in time” audit without the benefit of a baseline, VA delivers consistent reports of useful data and imagery, based upon progress over time, in a ready-to-present format for management.
VA is a repeatable lifecycle auditing tool that delivers bite size information to the IT Administrators for remediation purposes. Just like the old saying, “How do you eat an elephant? One bite at a time!” Virtual Auditor helps to establish a process that makes information security a daily part of the organization, not just once a year at audit time. VA can deliver tickets to your standards-based Help Desk platform to facilitate IT and Security remediation on a consistent basis.
Where does it reside?
NOT IN THE CLOUD! This appliance sits within your network and collects data that is never transmitted outside your domain and never sent to offshore resources.
VA has been used as tool for Compliance Departments for internal audits and for security within the IT Department itself. Since every organization’s structure is different, different departments may oversee the VA process.
How is Virtual Auditor different from other security technologies such as:
a SIEM (Security Information Event Manager)?
A SIEM blindly captures all event logs across the network from devices that have been configured (usually with an agent) to send their logs to the SIEM. Although SIEMs are an excellent log capturing platform, the amount of data transmitted to them are so overwhelming that SIEMs in most organizations become “shelfware” or too expensive to maintain. VA is complimentary to a SIEM, not a replacement for it.
an Onsite Security Analyst (consultant
or a full time employee)?
While the VA appliance doesn’t purport to be all things to all organizations, in this era of difficult recruiting, training, and retaining technical information security staff, VA can provide consistency in collecting, analyzing, reporting, and monitoring technical information security vulnerabilities. VA is not subject to turnover, lost documentation, or pointless training or time spent out of the office. Whether as a replacement for a smaller organization, or a valued member of the team in larger organizations, VA is highly proficient in its role.
A Third Party Assessment?
As opposed to a point-in-time snapshot of technical vulnerabilities delivered in an overwhelming mass of data, VA provides consistent, manageable reports and remediation steps. Benefit from VA’s extensive documentation to help establish your internal program to identify and mitigate vulnerabilities.
Current Audit Modules
VA can be implemented into any Active Directory environment running Windows operating systems, Macs, Linux, Cisco devices, SCADA systems, IBM iSeries servers, and databases. VA’s vulnerability engine is an agentless auditor of configurations, patches, and web applications.
As VA checks for compliance findings it covers PCI DSS, HIPAA / HITECH, NIST, firewalls, routers, and virtualization. VA detects, scans, and profiles numerous devices and resources to increase security and compliance across your network.
VA covers network devices, virtual hosts, databases, OSes, & web applications. VA utilizes extensive configuration and compliance auditing modules for the following areas:
- Antivirus Vendor Audits
- CERT Recommendations
- CIS & NSA Best Practice Guides
- GLBA Guidelines
- HIPAA Profiles
- NIST SCAP & FDCC Content
- PCI Configuration Requirements
- Recommended Vendor Settings
- Cisco Router & Firewall Configurations
- Juniper Router, Firewall & Network Switches
- Palo Alto Networks Firewalls
- Network Inventory Audits
- Active Directory Audits
- Software White List Audits (Acceptable & Unacceptable)