12 – Operations Security
In the Reports Portal, select > > > > > Dashboards or Reports > .
To assess your enterprise's compliance with this requirement, use the following dashboards and reports:
Provides an overview of administrative login activity, relevant to ISO 27002:2013 Control 12.4.3.
To define administrative accounts, use the worksheet condition of this dashboard. Use lowercase to define the accounts. For example, add the user "Administrator" as "administrator."
Application Vulnerabilities Overview
Provides an overview of the following application vulnerabilities, relevant to ISO 27002:2013 Control 12.6.1:
-
SQL injection
-
XSS
-
XSRF
-
Overflow
Provides an overview of failed login activity, relevant to ISO 27002:2013 Control 12.4.1.
Based on ArcSight categorization, provides an overview of failed login relationships involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.4.1.
Firewall Configuration Changes
Provides an overview of firewall configuration change events, relevant to ISO 27002:2013 Control 12.1.2.
Provides an overview of malware activity, relevant to ISO 27002:2013 Control 12.2.1.
Provides an overview of successful login activity, relevant to ISO 27002:2013 Control 12.4.1.
Provides an overview of missing security patches on Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.5.1.
Provides an overview of vulnerability events involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.
Provides a summary of antivirus services that were stopped or paused, relevant to ISO 27002:20213 Control 12.4.1.
Provides a summary of audit log cleared events involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.4.2.
Database Configuration Changes
Provides a summary of database configuration changes, relevant to ISO 27002:2013 Control 12.1.2.
Provides a summary of database vulnerabilities involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.
Failed Administrative Login Summary
Provides a summary of failed administrative login events involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.4.3.
To define administrative accounts, use the worksheet condition of this dashboard. Use lowercase to define the accounts. For example, add the user "Administrator" as "administrator."
Provides a summary of failed antivirus updates, relevant to ISO 27002:20213 Control 12.4.1.
Provides a summary of failed logins detected on specific SOX assets , relevant to ISO 27002:2013 control 12.4.1.
When you run this report, specify the asset (host name, IP address, or MAC address) in lowercase.
Provides a summary of failed login events involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.4.1.
Firewall Configuration Changes
Provides a summary of firewall configuration change events, relevant to ISO 27002:2013 Control 12.1.2.
Provides a summary of high-risk vulnerabilities involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.
Provides a summary of malware events on Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.2.1.
Network Device Configuration Changes
Provides a summary of network device configuration change events involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.1.2.
Provides a summary of overflow vulnerabilities involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.
Provides a summary of SQL vulnerabilities involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.
Successful Administrative Login Summary
Provides a summary of successful administrative login events involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.4.3.
To define administrative accounts, use the worksheet condition of this dashboard. Use lowercase to define the accounts. For example, add the user "Administrator" as "administrator."
Provides a summary of successful logins detected on specific SOX assets, relevant to ISO 27002:2013 control 12.4.1.
When you run this report, specify the asset (host name, IP address, or MAC address) in lowercase.
Provides a summary of missing security patches involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.5.1.
Vulnerability Summary by CVE ID
Provides a summary of vulnerabilities detected on SOX environments by specific CVE ID, relevant to ISO 2700:2013 Control 12.6.1.
When you run this report, specify the CVE ID in lowercase.
Vulnerability Summary by SOX Asset
Provides a summary of vulnerabilities detected on specific SOX assets, relevant to ISO 27002:2013 Control 12.6.1.
When you run this report, specify the asset (host name, IP address, or MAC address) in lowercase.
Vulnerability Summary on SOX Environment
Provides a summary of vulnerabilities involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.
Provides a summary of XSRF vulnerabilities involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.
Provides a summary of XSS vulnerabilities involving Sarbanes Oxley systems, relevant to ISO 27002:2013 Control 12.6.1.