Symantec Unveils Updated Control Compliance Suite
Symantec announced Version 10.5 of its Symantec Control Compliance Suite, the company's automated solution to help companies identify and manage risk and compliance issues.
The Control Compliance Suite lets users integrate data on risk and compliance from disparate systems into Web-based dashboards. New features include workflow integration with Symantec Data Loss Prevention that lets IT departments target security training at individuals who have violated policies to educate them on the security risks they face.
"Organizations with the best insight into IT risks have the ability to sort through thousands of IT issues on a daily basis and prioritize remediation efforts to focus on protecting their most critical assets and data first," said Jim Hurley, managing director of the IT Policy Compliance Group, in a statement.
The new version of CCS expands on the solution's ability to integrate data into dashboard panels with out-of-the-box connectors to collect security awareness survey results from the Symantec Control Compliance Suite Response Assessment Manager. Future versions will be able to integrate even more data, including information on critical vulnerabilities, security threats and real-time file integrity monitoring, the company said.
Version 10.5 also incorporates built-in support for the new Security Content Automation Protocol (SCAP) benchmarks, which provide organizations with a standardized approach to security checks and reporting across multivendor solutions.
"The compliance environment is changing very rapidly, so I think we need our vendors like Symantec to keep up, and I think Symantec has done a very good job of building product and staying ahead of that curve," says Jonathan Dambrot, CISSP managing director for Prevalent Networks, a Warren, N.J.-based solution provider.
Prevalent has created several of its own components to enhance CCS, including policy and bandwidth assessments, and Dambrot thinks the improvements Symantec has made are moving the product in the right direction, especially in its ability to integrate across multiple vendors.
"Symantec is really recognizing that we're agnostic and want to be able to provide value with whatever technology you're using and give you visibility across your technology platforms. I think Symantec has made some investments in really making sure that architecture allows for that capability," he says.