NIST sp800-53 compliance with BOUNCER by CoreTrace
The National Institute of Standards and Technology (NIST) Special Publication 800-53, entitled "Recommended Security Controls for Federal Information Systems", details security standards for low, moderate, and high impact information systems.
The guidelines state, relative to information technology security:
"Continuous monitoring activities include configuration management and control of information system components, security impact analyses of changes to the system, ongoing assessment of security controls, and status reporting. The organization establishes the selection criteria for control monitoring and subsequently selects a subset of the security controls employed within the information system for purposes of continuous monitoring."
Clearly, your agency is responsible for ongoing configuration management and monitoring of your information systems. BOUNCER by CoreTrace prevents ‘configuration drift’ by locking down an endpoint's configuration upon initial deployment. It takes a snapshot of the desired configuration, and then not even a user with Local Administrator privileges can change it. This lockdown accomplishes two primary goals:
BOUNCER application whitelisting technology quickly and using very little bandwidth compares each application that tries to run against a list of known good and approved applications. If the program is on the list, it runs. If it is not, then nothing happens — the malware or unauthorized application does not execute, and system administrators receive an alert that there was a policy violation.
None of this functionality requires continual patching to stay on top of zero-day or zero-hour attacks. You're protected no matter what, freeing resources to pursue deeper organizational goals.