Cyber security compliance standards exist to protect devices, data and people connected to the internet from the myriad threats facing them every day. For example, regulations like the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards ensure businesses operating in the power industry follow certain guidelines with regard to cybersecurity in order to keep the service they provide reliable. Typically, devices that fall within the scope of these regulations include computers, network devices, and other network-connected devices, such as industry-specific tools, card scanners, etc. But what happens when everything is connected to the network?
When it comes to compliance, passing audits means providing adequate documentation that you've taken the necessary steps to secure your environment. Sometimes creating this documentation can be just as difficult as enacting the security measures themselves, so software solutions exist that are supposed to streamline the compliance documentation process and make it easy for both companies and auditors to determine compliance. Tripwire offers a compliance solution with their suite of products, while Industrial Defender, now owned by defense contractor Lockheed Martin, offers their Automated Systems Manager (ASM) product.
As perimeter-based cyber protection falls to the wayside, a new breed of continuous security solutions are emerging that combine traditional endpoint protection with newer technologies like security information and event management (SIEM) and crowdsourced threat intelligence. These next generation security platforms attempt to address the needs of both traditional on-premise data centers as well as organizations with entire IT infrastructures in the cloud. Two vendors—AlienVault and Tenable—have products on the market that fall in this category. Let's see how they stack up in this comparison.