FISMA IT Compliance Report

To protect confidential government data from security attacks and breaches, organizations must deploy high-level security mechanisms, as instructed by the Federal Information Security Management Act (FISMA). FISMA mandates that federal agencies and other organizations dealing with government information establish a formal security program and conduct annual audit reviews to ensure continuous network security.

To comply with FISMA, security administrators must continuously monitor and audit the activities happening across their network. The FISMA guidelines are so stringent that it's almost impossible to compile the required audit reports manually. Security admins need a comprehensive log management solution that centrally collects, monitors, and analyzes log data across the network and extracts meaningful information in the form of reports.

That's where EventLog Analyzer comes in to automate all your log management processes. It helps address the security controls, risk assessments, and continuous monitoring aspects of the security framework established by your organization.

This solution provides out-of-the-box reports that help you meet the following FISMA controls:

Meeting the Audit and Accountability (AU) requirements of FISMA

This requirement demands continuous monitoring of access and activities performed on the files and folders (objects) that store confidential government data.

EventLog Analyzer, with its predefined reports and real-time alerts, facilitates continuous monitoring of confidential data. The predefined reports provide detailed information on object access, such as:

  • Which user accessed or performed an operation on the object.
  • The date and time of the event.
  • The location from which the object was accessed or the operation was initiated.

This solution also provides reports based on the type of operation performed on the object. Apart from the Object Access report, the solution also gives reports for other events, such as:

  • Object created
  • Object modified
  • Object deleted
  • Object accessed
  • Object handle

EventLog Analyzer also generates real-time email or SMS alerts that help security administrators instantly identify any unauthorized access or operation being performed on the object. These notifications enable administrators to mitigate the data breach as early as possible.

Satisfying the requirements for Certification, Accreditation, and Security Assessments (CA)

FISMA mandates regular audits and continuous monitoring of the internal security framework established by the organization. The CA guideline of FISMA requires monitoring of the services and applications running across the network to prevent the installation of any unauthorized services or applications.

To meet this requirement, EventLog Analyzer provides a Windows Services report that gives detailed information on when the service was started and which host the service is running on. This solution also helps proactively mitigate security threats by generating real-time email or SMS alerts upon the initiation of any unauthorized Windows services.

Contingency Planning (CP) with EventLog Analyzer reports

EventLog Analyzer's predefined Windows Backup and Restore reports help you, in a time of crisis, identify and restore all the confidential data. These reports also provide detailed information such as the time, date, and user who initiated the backup and restore operations.

Reports for Access Control (AC)

EventLog Analyzer helps you monitor access to terminal servers, Windows workstations, Linux and Unix servers, network devices, and more. This solution provides detailed out-of-the-box reports on Unsuccessful User Logons, Successful User Logons and Logoffs, and more.

It also provides exhaustive information on Terminal Service sessions, such as details on connection, disconnection, and reconnection, which gives you better visibility into remote access across your network.

Identification and Authentication (IA) requirements of FISMA

EventLog Analyzer gives you on-the-fly reports on Individual User Actions that help you meet the IA requirements of FISMA.

The solution's Individual User Actions report shows you the complete picture for user actions. It also provides detailed information on the W's of auditing (i.e. who accessed the information, and when it was accessed).

Reports for Configuration Management (CM)

EventLog Analyzer helps document any information system changes that could possibly impact the security framework of the organization. This solution provides detailed reports to help monitor any system changes, such as Windows software updates and changes or upgrades to critical security applications (e.g. anti-malware and other business software). Thus, EventLog Analyzer helps satisfy the CM requirements of FISMA, along with the others specified.

Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing I like about the application is the well-structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts login, or when groups are changed, etc. That has been very helpful. Also the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank
