ESP Security Policy Lifecycle
Security policy lifecycle automation
Any organization is only as secure as the degree to which it has achieved compliance with well-developed and comprehensive cyber security policies (controls).
ESP offers a robust security policy library with several thousand rules (security technical controls) and editable templates, which Elemental has developed and derived from NSA, DISA, CIS, Microsoft, Oracle and other sources for best practices for general computing security, as well as for HIPAA, SOX, PCI and other government regulations and industry standards.
Unified Policy Infrastructure – ESP offers a unified framework for cross-platform security and regulatory policies spanning network traffic, operating systems, users, hardware devices, applications, and data.
Automation of security policies – is a key component of the Elemental solution. ESP administrators develop policies simply by selecting from an extensive library of policy templates containing tousands of technical security controls. Elemental also makes it simple to define target groups and automatically apply policies to all hosts in the group. As the activity of hosts and their security posture changes, group membership also changes automatically and new policies are applied accordingly, which makes the ESP system self-adaptive to a changing security context.
Automated Targeting and Deployment – the dynamic grouping of computers based on ESP user defined criteria describing the configuration, activity, and inventory of individual machines enable policies to be precisely targeted and automatically updated.