Assuria Auditor

Server Security. Assured

Configuration Assurance. Vulnerability Assessment.
Change Detection. Compliance.

Assuria Auditor provides automated Vulnerability Assessment and Configuration Assurance for servers and endpoints through a blend of Resident Agent and Remote Agentless scanning approaches.

  • Server hardening
  • Vulnerability Assessment
  • Compliance Assessment
  • Change detection
  • Inventory Reporting

 

Evolved over a period of 15 years, Assuria Auditor is used by central government agencies, financial services companies, local authorities, education organisations and other commercial organisations in more than 30 countries worldwide.

As a software-only solution, employing a unique blend of agent-based and agentless scanning techniques and probably the widest system coverage in the industry, Assuria Auditor forms a critical element of the IT security infrastructure for some of the largest organisations in the world.

Auditor Overview

Assuria Auditor is deployed in hundreds of government agencies and commercial enterprises to minimise information risk, improve security controls and comply with industry standards. Assuria Auditor provides deep configuration and vulnerability scanning, inventory reporting, compliance assessment and powerful change detection through an extensible and flexible architecture. It provides vital information assurance and protection for critical business servers and helps maintain systems in a secure ‘known state’.

Assuria Auditor is a market leader in countering the ‘insider threat’ to business integrity and a key solution for managing compliance to regulatory standards such as ISO 27001, GPG-13 and PCI-DSS. Using a flexible, distributed management framework, Assuria Auditor measures, manages and reinforces server security policies and security good practice using a host-to-network view of critical systems, assessing security controls, detecting and reporting system security weaknesses and providing remediation advice.

Vulnerability Assessment

Assuria Auditor utilises a comprehensive built-in Knowledge Base of known security vulnerabilities, security control configurations, up-to-date patch checks and security best practice information to enable organisations to easily bring their IT infrastructures up to high standards of security, especially servers. Internal IT security knowledge or experience is not necessary, because the built-in Assuria Auditor knowledge base includes not only the thousands of individual checks for a wide range of operating platforms, but also explanations of the implications of each vulnerability and step-by-step instructions on remediation.

Automated operation and alerting

Assuria Auditor has a powerful built-in scheduling subsystem which allows scanning and integrity checking operations to be fully automated. Once systems have been brought up to the required level of security configuration, for the most part, scanning operations should be looking for exceptions and suspicious changes to critical system components (for example with file integrity checking) and these operations can be fully automated and scheduled. Checks can also be configured to raise alerts in a number of formats and using various alerting processes.

Change Detection

System administrators and corporate network management systems can be alerted to unexpected or unauthorised configuration changes, or changes to critical system elements and applications. Powerful change detection management features allow rapid assessment and reporting of suspicious or potentially troublesome changes.

Inventory Reporting

Assuria Auditor also provides powerful inventory reporting features, listing all hardware and software installed and much more, greatly assisting asset managers and internal auditors.

Extensible Knowledge Base

Assuria Auditor offers huge flexibility and extensibility. The built-in knowledge base of vulnerability tests, patch checks, compliance assessment checks and security best practice can be extended through a simple-to-use interface, even allowing addition of entirely new checks, modified checks and creation of custom policies.

Key Features

Vulnerability Assessment

Assuria Auditor utilises a comprehensive built-in Knowledge Base of known security vulnerabilities, security control configurations, up-to-date patch checks and security best practice information to enable organisations to easily bring their IT infrastructure up to high standards of security, especially servers. Internal IT security knowledge or experience is not necessary, because the built-in Assuria Auditor knowledge base includes not only the thousands of individual checks for a wide range of operating platforms, but also explanations of the implications of each vulnerability and step-by-step instructions on remediation.

Regulatory Standards Compliance

The comprehensive built-in security database includes mappings of each of Assuria Auditor’s 2500+ security configuration checks to appropriate references within a range of standards such as ISO 27001, GPG-13, BS17799, PCI-DSS, SOX, GCSX CoCo and others. This makes it easy to assess server compliance against these standards. Detailed remediation instructions enable even inexperienced system administrators to quickly bring systems up to the level of compliance needed. Powerful reporting also provides verification to satisfy internal and external auditors. CVE and BID references are also provided, with CVSS scores where appropriate.

Internal Policy and Build Standards Compliance

As well as monitoring compliance with external standards and accepted best practice in security configuration, Assuria Auditor can easily be customised to allow users to adjust checks and policies and write new checks to match the specific requirements of an organisation’s own security policy, thus ensuring full compliance. In the same way, Assuria Auditor can be configured to assess the build configuration of systems against internal build standards so as to ensure that systems are configured to corporate standards prior to rollout.  

Change Detection and File Integrity Monitoring

System administrators and corporate network management systems can be alerted to unexpected or unauthorised configuration changes, or changes to critical system elements and applications. Powerful change detection management features allow rapid assessment and reporting of suspicious or potentially troublesome changes. Change detection can be applied to whole systems and subsystems (i.e. Baselines) or specific resources such as individual files, folders or executables (i.e. File Integrity Monitoring).

Automated operations and alerting

Assuria Auditor has a powerful built-in scheduling subsystem which allows scanning and integrity checking operations to be fully automated. Once systems have been brought up to the required level of security configuration, for the most part, scanning operations should be looking for exceptions and suspicious changes to critical system components (for example with file integrity checking) and these operations can be fully automated and scheduled. Checks can also be configured to raise alerts in a number of formats and using various alerting processes.

Inventory Reporting

Assuria Auditor provides powerful inventory assessment and reporting features, listing all hardware and software components installed, active services, open ports and much more, greatly assisting asset managers and internal auditors. Why buy a separate inventory reporting system when Assuria Auditor gives you these features as well?

Assuria Auditor Information Manager (AIM)

The Assuria Auditor results database contains vast amounts of valuable and hard-to-get system information that until now was a hidden goldmine. Now this resource is accessible via AIM – a powerful and easy-to-use analysis and reporting feature.

Extensible Knowledge Base

Assuria Auditor offers huge flexibility and extensibility. The built-in knowledge base of vulnerability tests, patch checks, compliance assessment checks and security best practice can be extended through a simple-to-use interface, even allowing addition of entirely new checks, modified checks and creation of custom policies.

Assuria Auditor Architecture

Assuria Auditor is almost unique amongst vulnerability scanning solutions in offering both resident software agent and agentless credentialed scanning and assessment features. Unobtrusive, self-contained resident agents operate autonomously, using central controller facilities only for policy or knowledge base updates and for uploading scan results.

Agentless, credentialed scanning allows deep assessment of target systems without the need to install agents. Using securely managed credentials (username and password), Assuria Auditor RA scans systems using the same built-in policies and checks as the resident agents.

Scan results are stored in the Assuria Auditor Console Database, where analysis, reporting and remediation management are also handled. Many hundreds of resident agents can be managed from a single console.

Assuria Auditor Information Manager (AIM)

Fast, easy access to stored system audit information.

The Assuria Auditor results database contains vast amounts of valuable and hard-to-get system information that until now was a hidden goldmine. Now this resource is accessible via AIM – a powerful and easy-to-use analysis and reporting feature.

The following views are available in the current AIM release:

Changes: The Change Detection view is designed to help monitor and detect changes to system baselines.

Patches: The Patches view gives information on which patches have already been applied, and which still need to be applied for each host.

Users/Groups: The Users / Groups view lists the users existing on the hosts, and of which groups they are members.

Packages: The Packages view shows the packages which have been installed on each host.

Standards: The Standards view shows host vulnerabilities, summarized and grouped by Standards.

The Assuria Information Manager (AIM) views are designed to help you monitor and manage hosts and are intended for security management and ongoing operations use.

Key features of Assuria Auditor Information Manager (AIM): 

  • Overview of all configured Hosts showing changes, patches, users/groups, packages and standards
  • Rapid access to the details of those changes
  • Powerful search to quickly find key Host data
  • Built-in reporting for each view
  • Integrated with Assuria Auditor Console database
  • Rapid identification of key information
  • Export to Excel or clipboard; paste to Notepad for a small, quick report

Supported Platforms

Assuria Auditor provides the industry's widest range of platform support, with powerful yet compact software agents available for the following platforms:

Assuria Auditor agents:

  • MS Windows 2000
  • Windows NT (under special arrangements only)
  • MS Windows Server 2003 / 2008 (incl. R2)
  • Solaris SPARC 7 (under special arrangements only)
  • Solaris SPARC 8, 9, 10 and 10 x86
  • AIX 5.1+, 6.1
  • HP-UX – PA-RISC and ITANIUM 11+
  • Red Hat Enterprise Linux 3, 4
  • SuSE Enterprise Linux X86
  • SuSE Enterprise Linux 10 IBM Z series
  • VMware ESX 3.5, 4.1

The Assuria Auditor Console Version 4.2.8 is supported on:

  • MS Windows Server 2003
  • MS Windows 2008, 2008R2 (x64)

The Assuria Auditor Console supports MS SQL Server 2005 and 2008 as its underlying database.

